Skip to main content

Mondoo Vulnerability Intelligence

Curated by Mondoo Research, enhanced with AI

Resources

Search Vulnerabilities
Trending CVEs
Browse Ecosystems
Terminology
Blog

Open Source

cnquery
cnspec

Star us on GitHub!

Company

Mondoo Platform
About
Contact

© 2026 Mondoo, Inc.

Privacy Policy Terms of Service Imprint

Vulnerability Intelligence

Vulnerability IntelligenceCVE-2022-21166

CVE-2022-21166

MEDIUM5.5

Incomplete cleanup in specific special register write operations for some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access

Published Jun 15, 2022

Modified 10 months ago

Details

Incomplete cleanup in specific special register write operations for some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access.

References

http://www.openwall.com/lists/oss-security/2022/06/16/1

https://lists.debian.org/debian-lts-announce/2022/07/msg00000.html

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FHTEW3RXU2GW6S3RCPQG4VNCZGI3TOSV/

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MCVOMHBQRH4KP7IN6U24CW7F2D2L5KBS/

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RKRXZ4LHGCGMOG24ZCEJNY6R2BTS4S2Q/

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/T4P2KJYL74KGLHE4JZETVW7PZH6ZIABA/

https://security.gentoo.org/glsa/202208-23

https://security.netapp.com/advisory/ntap-20220624-0008/

https://www.cve.org/CVERecord?id=CVE-2022-21166

https://www.debian.org/security/2022/dsa-5173

https://www.debian.org/security/2022/dsa-5178

https://www.debian.org/security/2022/dsa-5184

https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00615.html

CVSS Analysis

CVSS v3.1

5.5

Exploitability

Attack Vector

LocalAV:L

Attack Complexity

LowAC:L

Privileges Required

LowPR:L

User Interaction

NoneUI:N

Scope

Scope

UnchangedS:U

Impact

Confidentiality

HighC:H

Integrity

NoneI:N

Availability

NoneA:N

5.5/CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

Ecosystems

Timeline

PublishedJun 15, 2022

ModifiedMay 5, 2025

CVE-2022-21166 | Mondoo Vulnerability Intelligence