CVE-2022-40982

MEDIUM6.5EPSS 0.73%

intel-microcode - security update

Published: 8/11/2023Modified: 4/28/2026

Description

Information exposure through microarchitectural state after transient execution in certain vector execution units for some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access.

Affected packages (9)

Alpine/intel-ucodefrom 0, < 20230808-r0
Alpine/xenfrom 0, < 4.15.5-r0
Debian/intel-microcodefrom 0, < 3.20230808.1~deb10u1
Debian/intel-microcodefrom 0, < 3.20230808.1~deb11u1
Debian/intel-microcodefrom 0, < 3.20230808.1~deb11u1
Debian/linuxfrom 0, < 4.19.289-2
Debian/linuxfrom 0, < 5.10.179-5
Debian/linuxfrom 0, < 5.10.179-5
Debian/linux-5.10from 0, < 5.10.179-5~deb10u1

CVSS scores

Source	Version	Severity	Vector
osv	CVSS 3.1	MEDIUM6.5	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N

References (2)

ADVISORYhttps://security.alpinelinux.org/vuln/CVE-2022-40982
ADVISORYhttps://security-tracker.debian.org/tracker/CVE-2022-40982