DEBIAN-CVE-2022-40982

DEBIAN-CVE-2022-40982 PUBLISHED CVSS 6.5 MEDIUM

Information exposure through microarchitectural state after transient execution in certain vector execution units for some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access.

Risk Scores

CVSS v3.1

6.5

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N

Affected Products

Vendor	Product	Versions
Debian:11	linux	5.10.70-1~bpo10+1, 5.10.84-1, 5.10.103-1~bpo10+1
Debian:11	intel-microcode	3.20160607.2, 3.20160607.1, 3.20151106.2
Debian:12	intel-microcode	1.20140913.1, 2.20130808.1, 2.20130808.1
Debian:13	linux	0, 0, 0
Debian:13	intel-microcode	3.20190618.1~deb8u1, 0, 0.20080131-1
Debian:14	linux	0, 0, 0
Debian:14	intel-microcode	3.20210608.1, 3.20220809.1, *
Debian:12	linux	6.1.38-1, *, 6.1.27-1

Timeline

Aug 11, 2023 CVE Published
Apr 28, 2026 CVE Updated

References

https://security-tracker.debian.org/tracker/CVE-2022-40982 advisory

Open in Interactive Console →