CVE-2020-0561: 
Chromium vulnerability analysis and mitigation

Improper initialization in the Intel(R) SGX SDK before version 2.6.100.1 was identified as CVE-2020-0561. This vulnerability was discovered and reported in February 2020, affecting Intel's Software Guard Extensions SDK. The vulnerability impacts systems running Intel SGX SDK versions prior to v2.6.100.1 (NVD, Intel Advisory).

The vulnerability has been assigned a CVSS v3.1 base score of 7.8 (HIGH), with the vector string CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H. This indicates a local attack vector requiring low attack complexity and low privileges, with no user interaction needed. The vulnerability is classified under CWE-665 (Improper Initialization) (NVD).

The vulnerability could allow an authenticated user to potentially enable escalation of privilege via local access. The high CVSS score indicates potential severe impacts on confidentiality, integrity, and availability of the affected systems (NVD).

The primary mitigation is to update to Intel(R) SGX SDK version 2.6.100.1 or later. Several Linux distributions have also released security updates to address this vulnerability, including OpenSUSE which provided patches through security updates openSUSE-SU-2020:0604 and openSUSE-SU-2020:0615 (OpenSUSE Advisory).