CVE-2022-21127

MEDIUM5.5EPSS 0.47%

Published: 6/15/2022Modified: 12/3/2025

Also known as:ALPINE-CVE-2022-21127

Description

Incomplete cleanup in specific special register read operations for some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access.

Affected packages (2)

Alpine/xenfrom 0, < 0
Debian/intel-microcodefrom 0, < 3.20220510.1~deb11u1

CVSS scores

Source	Version	Severity	Vector
osv	CVSS 3.1	MEDIUM5.5	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

References (2)

ADVISORYhttps://security.alpinelinux.org/vuln/CVE-2022-21127
ADVISORYhttps://security-tracker.debian.org/tracker/CVE-2022-21127