Information disclosure in Intel products - CVE-2022-21151
Published: May 17, 2022 / Updated: June 12, 2022
Vulnerability identifier: #VU63348
CSH Severity: Low
CVSS v4.0: CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear
CVE-ID: CVE-2022-21151
CWE-ID: CWE-200
Exploitation vector: Local access
Exploit availability:
No public exploit available
Vendor: Intel
Affected software:
10th Generation Intel Core Processors
Intel Pentium Processor Silver Series
Intel Celeron Processor J Series
Intel Celeron Processor N Series
8th Generation Intel Core Processors
6th Generation Intel Core Processors
7th Generation Intel Core Processors
3rd Generation Intel Xeon Scalable Processors
9th Generation Intel Core Processors
10th Generation Intel Core Processors
Intel Pentium Processor Silver Series
Intel Celeron Processor J Series
Intel Celeron Processor N Series
8th Generation Intel Core Processors
6th Generation Intel Core Processors
7th Generation Intel Core Processors
3rd Generation Intel Xeon Scalable Processors
9th Generation Intel Core Processors
Detailed vulnerability description
The vulnerability allows a local user to gain access to potentially sensitive information.
The vulnerability exists due to an error during processor optimization removal or modification of security-critical code. A local privileged user can gain access to potentially sensitive information.
How to mitigate CVE-2022-21151
Install updates from vendor's website.