7.5 High
CVSS3
Attack Vector
ADJACENT
Attack Complexity
LOW
Privileges Required
HIGH
User Interaction
NONE
Scope
CHANGED
Confidentiality Impact
HIGH
Integrity Impact
LOW
Availability Impact
LOW
CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:C/C:H/I:L/A:L
0.0004 Low
EPSS
Percentile
9.1%
Software: microcode_ctl 2.1
OS: rosa-server79
package_evr_string: microcode_ctl-2.1-73.16.res7
CVE-ID: CVE-2022-21216
BDU-ID: None
CVE-Crit: MEDIUM
CVE-DESC.: Insufficient granularity in external management access control in some Intel® Atom and Intel Xeon scalable processors may allow a privileged user to potentially enable privilege escalation through access to a neighboring network.
CVE-STATUS: Fixed
CVE-REV: Run the yum update microcode_ctl command for closure
CVE-ID: CVE-2022-33196
BDU-ID: None
CVE-Crit: MEDIUM
CVE-DESC.: Incorrect default permissions in some memory controller configurations for some Intel® Xeon® processors when using Intel® Software Guard Extensions, which could allow a privileged user to potentially enable privilege escalation via local access.
CVE-STATUS: Fixed
CVE-REV: Run the yum update microcode_ctl command to close it
CVE-ID: CVE-2022-33972
BDU-ID: None
CVE-Crit: MEDIUM
CVE-DESC.: An incorrect calculation in the microcode encryption mechanism for some 3rd generation Intel® Xeon® scalable processors could allow a privileged user to potentially enable information disclosure via local access.
CVE-STATUS: Fixed
CVE-REV: Run the yum update microcode_ctl command for closure
CVE-ID: CVE-2022-38090
BDU-ID: None
CVE-Crit: MEDIUM
CVE-DESC.: Improper isolation of shared resources on some Intel® processors when using Intel® Software Guard Extensions may allow a privileged user to potentially authorize information disclosure via local access.
CVE-STATUS: Fixed
CVE-REV: Run the yum update microcode_ctl command to close it
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
rosa | any | noarch | microcode_ctl | < 2.1 | UNKNOWN |