Headline
CVE-2022-41804
Unauthorized error injection in Intel® SGX or Intel® TDX for some Intel® Xeon® Processors may allow a privileged user to potentially enable escalation of privilege via local access.
Related news
Ubuntu Security Notice 6286-1 - Daniel Moghimi discovered that some Intel Processors did not properly clear microarchitectural state after speculative execution of various instructions. A local unprivileged user could use this to obtain to sensitive information. It was discovered that some Intel Xeon Processors did not properly restrict error injection for Intel SGX or Intel TDX. A local privileged user could use this to further escalate their privileges.
Debian Linux Security Advisory 5474-1 - This update ships updated CPU microcode for some types of Intel CPUs and provides mitigations for security vulnerabilities.