SGX SDK
by Intel
CVEs (11)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2024-23918 | Hig | 0.57 | 8.8 | 0.00 | Nov 13, 2024 | Improper conditions check in some Intel(R) Xeon(R) processor memory controller configurations when using Intel(R) SGX may allow a privileged user to potentially enable escalation of privilege via local access. | ||
| CVE-2018-3626 | Med | 0.31 | 4.7 | 0.00 | Mar 20, 2018 | Edger8r tool in the Intel SGX SDK before version 2.1.2 (Linux) and 1.9.6 (Windows) may generate code that is susceptible to a side channel potentially allowing a local user to access unauthorized information. | ||
| CVE-2024-34776 | Med | 0.29 | 4.5 | 0.00 | Nov 13, 2024 | Out-of-bounds write in some Intel(R) SGX SDK software may allow an authenticated user to potentially enable escalation of privilege via local access. | ||
| CVE-2022-26841 | 0.00 | — | 0.00 | Feb 16, 2023 | Insufficient control flow management for the Intel(R) SGX SDK software for Linux before version 2.16.100.1 may allow an authenticated user to potentially enable information disclosure via local access. | |||
| CVE-2022-26509 | 0.00 | — | 0.00 | Feb 16, 2023 | Improper conditions check in the Intel(R) SGX SDK software may allow a privileged user to potentially enable information disclosure via local access. | |||
| CVE-2022-27499 | 0.00 | — | 0.00 | Nov 11, 2022 | Premature release of resource during expected lifetime in the Intel(R) SGX SDK software may allow a privileged user to potentially enable information disclosure via local access. | |||
| CVE-2021-0186 | 0.00 | — | 0.00 | Nov 17, 2021 | Improper input validation in the Intel(R) SGX SDK applications compiled for SGX2 enabled processors may allow a privileged user to potentially escalation of privilege via local access. | |||
| CVE-2020-0561 | 0.00 | — | 0.00 | Feb 13, 2020 | Improper initialization in the Intel(R) SGX SDK before v2.6.100.1 may allow an authenticated user to potentially enable escalation of privilege via local access. | |||
| CVE-2019-14565 | 0.00 | — | 0.00 | Nov 14, 2019 | Insufficient initialization in Intel(R) SGX SDK Windows versions 2.4.100.51291 and earlier, and Linux versions 2.6.100.51363 and earlier, may allow an authenticated user to enable information disclosure, escalation of privilege or denial of service via local access. | |||
| CVE-2019-14566 | 0.00 | — | 0.00 | Nov 14, 2019 | Insufficient input validation in Intel(R) SGX SDK multiple Linux and Windows versions may allow an authenticated user to enable information disclosure, escalation of privilege or denial of service via local access. | |||
| CVE-2018-18098 | 0.00 | — | 0.00 | Jan 10, 2019 | Improper file verification in install routine for Intel(R) SGX SDK and Platform Software for Windows before 2.2.100 may allow an escalation of privilege via local access. |
- risk 0.57cvss 8.8epss 0.00
Improper conditions check in some Intel(R) Xeon(R) processor memory controller configurations when using Intel(R) SGX may allow a privileged user to potentially enable escalation of privilege via local access.
- risk 0.31cvss 4.7epss 0.00
Edger8r tool in the Intel SGX SDK before version 2.1.2 (Linux) and 1.9.6 (Windows) may generate code that is susceptible to a side channel potentially allowing a local user to access unauthorized information.
- risk 0.29cvss 4.5epss 0.00
Out-of-bounds write in some Intel(R) SGX SDK software may allow an authenticated user to potentially enable escalation of privilege via local access.
- CVE-2022-26841Feb 16, 2023risk 0.00cvss —epss 0.00
Insufficient control flow management for the Intel(R) SGX SDK software for Linux before version 2.16.100.1 may allow an authenticated user to potentially enable information disclosure via local access.
- CVE-2022-26509Feb 16, 2023risk 0.00cvss —epss 0.00
Improper conditions check in the Intel(R) SGX SDK software may allow a privileged user to potentially enable information disclosure via local access.
- CVE-2022-27499Nov 11, 2022risk 0.00cvss —epss 0.00
Premature release of resource during expected lifetime in the Intel(R) SGX SDK software may allow a privileged user to potentially enable information disclosure via local access.
- CVE-2021-0186Nov 17, 2021risk 0.00cvss —epss 0.00
Improper input validation in the Intel(R) SGX SDK applications compiled for SGX2 enabled processors may allow a privileged user to potentially escalation of privilege via local access.
- CVE-2020-0561Feb 13, 2020risk 0.00cvss —epss 0.00
Improper initialization in the Intel(R) SGX SDK before v2.6.100.1 may allow an authenticated user to potentially enable escalation of privilege via local access.
- CVE-2019-14565Nov 14, 2019risk 0.00cvss —epss 0.00
Insufficient initialization in Intel(R) SGX SDK Windows versions 2.4.100.51291 and earlier, and Linux versions 2.6.100.51363 and earlier, may allow an authenticated user to enable information disclosure, escalation of privilege or denial of service via local access.
- CVE-2019-14566Nov 14, 2019risk 0.00cvss —epss 0.00
Insufficient input validation in Intel(R) SGX SDK multiple Linux and Windows versions may allow an authenticated user to enable information disclosure, escalation of privilege or denial of service via local access.
- CVE-2018-18098Jan 10, 2019risk 0.00cvss —epss 0.00
Improper file verification in install routine for Intel(R) SGX SDK and Platform Software for Windows before 2.2.100 may allow an escalation of privilege via local access.