Denial of service in certain 14nm Client/Xeon E3 Intel processors
| Risk | Low |
| Patch available | YES |
| Number of vulnerabilities | 1 |
| CVE-ID | CVE-2022-21180 |
| CWE-ID | CWE-20 |
| Exploitation vector | Local |
| Public exploit | N/A |
| Vulnerable software Subscribe |
Intel Xeon E Processors Hardware solutions / Firmware 6th Generation Intel Core Processors Hardware solutions / Firmware Intel Xeon W Processors Hardware solutions / Firmware Intel Core X-series Processors Hardware solutions / Firmware 10th Generation Intel Core Processors Hardware solutions / Firmware 11th Generation Intel Core Processors Hardware solutions / Firmware 8th Generation Intel Core Processors Hardware solutions / Firmware Intel Pentium Gold Processor Series Hardware solutions / Firmware Intel Celeron Processor 5000 Series Hardware solutions / Firmware Intel Celeron Processors Hardware solutions / Firmware 7th Generation Intel Core Processors Hardware solutions / Firmware Intel Pentium Processors Hardware solutions / Firmware Intel Celeron Processor G Series Hardware solutions / Firmware 9th Generation Intel Core Processors Client/Desktop applications / Web browsers |
| Vendor | Intel |
Security Bulletin
This security bulletin contains one low risk vulnerability.
1) Input validation error
EUVDB-ID: #VU64377
Risk: Low
CVSSv3.1:
CVE-ID: CVE-2022-21180
CWE-ID:
CWE-20 - Improper Input Validation
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to insufficient validation in Memory Mapped I/O (MMIO) for some 14nm Client/Xeon E3 Intel® Processors. A local user can pass specially crafted input and perform a denial of service (DoS) attack in certain virtualized environments.
MitigationInstall updates from vendor's website.
Vulnerable software versionsIntel Xeon E Processors: All versions
6th Generation Intel Core Processors: All versions
Intel Xeon W Processors: All versions
Intel Core X-series Processors: All versions
10th Generation Intel Core Processors: All versions
11th Generation Intel Core Processors: All versions
8th Generation Intel Core Processors: All versions
Intel Pentium Gold Processor Series: All versions
Intel Celeron Processor 5000 Series: All versions
Intel Celeron Processors: All versions
7th Generation Intel Core Processors: All versions
Intel Pentium Processors: All versions
Intel Celeron Processor G Series: All versions
9th Generation Intel Core Processors: All versions
CPE2.3 External links
http://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00645.html
Q & A
Can this vulnerability be exploited remotely?
Is there known malware, which exploits this vulnerability?
