CVE-2022-29515
Description
Missing release of memory after effective lifetime in firmware for Intel(R) SPS before versions SPS_E3_06.00.03.035.0 may allow a privileged user to potentially enable denial of service via local access.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
A memory leak in Intel SPS firmware before SPS_E3_06.00.03.035.0 allows a privileged local user to cause denial of service.
Vulnerability
A missing release of memory after its effective lifetime in Intel(R) SPS firmware versions prior to SPS_E3_06.00.03.035.0 results in a memory leak. This vulnerability resides in the firmware's memory management routines and is reachable by a privileged user with local access to the system.
Exploitation
An attacker with local privileged access (e.g., administrator or root) can repeatedly trigger the vulnerable code path, causing the firmware to allocate memory without freeing it. Over time, this exhausts available memory resources, leading to a denial of service condition.
Impact
Successful exploitation allows the attacker to cause a denial of service by exhausting memory, potentially rendering the system unresponsive or crashing critical services. No other impact (e.g., code execution or data disclosure) is described in the available references.
Mitigation
Intel has released a fixed firmware version SPS_E3_06.00.03.035.0 to address this issue [1]. Users should update to this version or later. No workarounds are documented in the advisory. The vulnerability is not listed in the CISA Known Exploited Vulnerabilities (KEV) catalog as of the publication date.
AI Insight generated on May 25, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.
Affected products
1Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
1News mentions
0No linked articles in our index yet.