CVE-2019-0122

{"id": "CVE-2019-0122", "cveTags": [], "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 3.6, "accessVector": "LOCAL", "vectorString": "AV:L/AC:L/Au:N/C:P/I:N/A:P", "authentication": "NONE", "integrityImpact": "NONE", "accessComplexity": "LOW", "availabilityImpact": "PARTIAL", "confidentialityImpact": "PARTIAL"}, "acInsufInfo": false, "impactScore": 4.9, "baseSeverity": "LOW", "obtainAllPrivilege": false, "exploitabilityScore": 3.9, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}], "cvssMetricV30": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.0", "baseScore": 7.1, "attackVector": "LOCAL", "baseSeverity": "HIGH", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "LOW", "confidentialityImpact": "HIGH"}, "impactScore": 5.2, "exploitabilityScore": 1.8}]}, "published": "2019-03-14T20:29:01.537", "references": [{"url": "https://www.intel.com/content/www/us/en/security-center/advisory/INTEL-SA-00217.html", "tags": ["Vendor Advisory"], "source": "secure@intel.com"}, {"url": "https://www.intel.com/content/www/us/en/security-center/advisory/INTEL-SA-00217.html", "tags": ["Vendor Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-415"}]}], "descriptions": [{"lang": "en", "value": "Double free in Intel(R) SGX SDK for Linux before version 2.2 and Intel(R) SGX SDK for Windows before version 2.1 may allow an authenticated user to potentially enable information disclosure or denial of service via local access."}, {"lang": "es", "value": "Doble liberaci\u00f3n (double free) en Intel(R) SGX SDK para Linux, en versiones anteriores a la 2.2; e Intel(R) SGX SDK para Windows, en versiones anteriores a la 2.1, podr\u00eda permitir que un usuario autenticado habilite la divulgaci\u00f3n de informaci\u00f3n o una denegaci\u00f3n de servicio (DoS) mediante acceso local."}], "lastModified": "2024-11-21T04:16:16.590", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:intel:software_guard_extensions_sdk:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "18B893E9-5AD6-4D03-B217-20F72B91682B", "versionEndExcluding": "2.1"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA"}], "operator": "OR"}], "operator": "AND"}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:intel:software_guard_extensions_sdk:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "6A9BCE44-2925-46C0-BD2C-A6CF56C84B47", "versionEndExcluding": "2.2"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "703AF700-7A70-47E2-BC3A-7FD03B3CA9C1"}], "operator": "OR"}], "operator": "AND"}], "sourceIdentifier": "secure@intel.com"}