QID 355081

Package updates are available for Amazon Linux that fix the following vulnerabilities:
CVE-2022-38090:
A flaw was found in the Linux kernel. A potential security vulnerability in some Intel Processors with Intel Software Guard Extensions (SGX) may allow information disclosure. This flaw may allow a privileged user to enable information disclosure via local access. 2171281: CVE-2022-38090 kernel: Intel firmware update for improper isolation of shared resources CVE-2022-33196:
A flaw was found in the Linux kernel. Some Intel(R) Xeon(R) processors with Intel? Software Guard Extensions (SGX) may allow privilege escalation. This issue may allow a privileged user to enable privilege escalation via local access. 2171252: CVE-2022-33196 kernel: Intel firmware update for Incorrect default permissions in some memory controller configurations CVE-2022-21216:
A flaw was found in the Linux kernel. A potential security vulnerability in some Intel(R) Atom(R) and Intel(R) Xeon(R) Scalable Processors may allow privilege escalation. This flaw may allow a privileged user to enable privilege escalation via adjacent network access. 2171227: CVE-2022-21216 kernel: Intel firmware update for insufficient granularity of access control in out-of-band management in some Intel Atom and Intel Xeon Scalable Processors

Successful exploitation of this vulnerability could lead to a security breach or could affect integrity, availability, and confidentiality.