ID
VAR-202211-0553
CVE
CVE-2022-29515
TITLE
Intel's Intel Server Platform Services Vulnerability in firmware not freeing memory after expiration
Trust: 0.8
sources:
JVNDB: JVNDB-2022-020985
DESCRIPTION
Missing release of memory after effective lifetime in firmware for Intel(R) SPS before versions SPS_E3_06.00.03.035.0 may allow a privileged user to potentially enable denial of service via local access. Intel's Intel Server Platform Services A vulnerability exists in firmware related to lack of freeing memory after expiration.Service operation interruption (DoS) It may be in a state
Trust: 1.71
sources:
NVD: CVE-2022-29515 //
JVNDB: JVNDB-2022-020985 //
VULHUB: VHN-421030
AFFECTED PRODUCTS
| vendor: | intel | model: | server platform services | scope: | lt | version: | sps_e3_06.00.03.035.0 | Trust: 1.0 |
| vendor: | インテル | model: | intel server platform services | scope: | - | version: | - | Trust: 0.8 |
| vendor: | 日立 | model: | 日立アドバンストサーバ ha8000v シリーズ | scope: | - | version: | - | Trust: 0.8 |
sources:
JVNDB: JVNDB-2022-020985 //
NVD: CVE-2022-29515
CVSS
SEVERITY | CVSSV2 | CVSSV3 | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
|
sources:
JVNDB: JVNDB-2022-020985 //
CNNVD: CNNVD-202211-2450 //
NVD: CVE-2022-29515 //
NVD: CVE-2022-29515
PROBLEMTYPE DATA
| problemtype: | CWE-401 | Trust: 1.1 |
| problemtype: | Lack of memory release after expiration (CWE-401) [NVD evaluation ] | Trust: 0.8 |
sources:
VULHUB: VHN-421030 //
JVNDB: JVNDB-2022-020985 //
NVD: CVE-2022-29515
THREAT TYPE
local
Trust: 0.6
sources:
CNNVD: CNNVD-202211-2450
TYPE
other
Trust: 0.6
sources:
CNNVD: CNNVD-202211-2450
PATCH
| title: | hitachi-sec-2022-224 | url: | https://www.hitachi.co.jp/products/it/server/security/info/vulnerable/hitachi_sec_2022_224.html | Trust: 0.8 |
sources:
JVNDB: JVNDB-2022-020985
EXTERNAL IDS
| db: | NVD | id: | CVE-2022-29515 | Trust: 3.3 |
| db: | JVN | id: | JVNVU94499505 | Trust: 0.8 |
| db: | JVNDB | id: | JVNDB-2022-020985 | Trust: 0.8 |
| db: | AUSCERT | id: | ESB-2022.5834 | Trust: 0.6 |
| db: | CNNVD | id: | CNNVD-202211-2450 | Trust: 0.6 |
| db: | VULHUB | id: | VHN-421030 | Trust: 0.1 |
sources:
VULHUB: VHN-421030 //
JVNDB: JVNDB-2022-020985 //
CNNVD: CNNVD-202211-2450 //
NVD: CVE-2022-29515
REFERENCES
| url: | https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00610.html | Trust: 2.5 |
| url: | https://jvn.jp/vu/jvnvu94499505/ | Trust: 0.8 |
| url: | https://nvd.nist.gov/vuln/detail/cve-2022-29515 | Trust: 0.8 |
| url: | https://cxsecurity.com/cveshow/cve-2022-29515/ | Trust: 0.6 |
| url: | https://vigilance.fr/vulnerability/intel-amt-csme-sps-multiple-vulnerabilities-39877 | Trust: 0.6 |
| url: | https://www.auscert.org.au/bulletins/esb-2022.5834 | Trust: 0.6 |
sources:
VULHUB: VHN-421030 //
JVNDB: JVNDB-2022-020985 //
CNNVD: CNNVD-202211-2450 //
NVD: CVE-2022-29515
SOURCES
| db: | VULHUB | id: | VHN-421030 |
| db: | JVNDB | id: | JVNDB-2022-020985 |
| db: | CNNVD | id: | CNNVD-202211-2450 |
| db: | NVD | id: | CVE-2022-29515 |
LAST UPDATE DATE
2025-02-06T21:25:17.430000+00:00
SOURCES UPDATE DATE
| db: | VULHUB | id: | VHN-421030 | date: | 2022-11-17T00:00:00 |
| db: | JVNDB | id: | JVNDB-2022-020985 | date: | 2024-03-07T04:45:00 |
| db: | CNNVD | id: | CNNVD-202211-2450 | date: | 2022-11-18T00:00:00 |
| db: | NVD | id: | CVE-2022-29515 | date: | 2025-02-05T21:15:17.497 |
SOURCES RELEASE DATE
| db: | VULHUB | id: | VHN-421030 | date: | 2022-11-11T00:00:00 |
| db: | JVNDB | id: | JVNDB-2022-020985 | date: | 2023-11-07T00:00:00 |
| db: | CNNVD | id: | CNNVD-202211-2450 | date: | 2022-11-09T00:00:00 |
| db: | NVD | id: | CVE-2022-29515 | date: | 2022-11-11T16:15:14.327 |