Action not permitted
Modal body text goes here.
Modal Title
Modal Body
CVE-2022-40964 (GCVE-0-2022-40964)
Vulnerability from cvelistv5 – Published: 2023-08-11 02:36 – Updated: 2025-02-13 16:33
VLAI?
EPSS
Summary
Improper access control for some Intel(R) PROSet/Wireless WiFi and Killer(TM) WiFi software may allow a privileged user to potentially enable escalation of privilege via local access.
Severity ?
7.9 (High)
CWE
- escalation of privilege
- CWE-284 - Improper access control
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | Intel(R) PROSet/Wireless WiFi and Killer(TM) WiFi software |
Affected:
See references
|
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T12:28:42.971Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "http://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00766.html",
"tags": [
"x_transferred"
],
"url": "http://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00766.html"
},
{
"tags": [
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/K24OJT4AVMNND7LBTC2ZDDTE6DJHAKB4/"
},
{
"tags": [
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HUCYUR4WBTELCRHELISJ3RMZVHKIV5TN/"
},
{
"tags": [
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/Y76A3PLHIQCEPESB4XVBV5SRRXQEZ5JY/"
},
{
"tags": [
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2023/09/msg00043.html"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2022-40964",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-10-02T14:06:56.361248Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-10-02T14:11:25.783Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Intel(R) PROSet/Wireless WiFi and Killer(TM) WiFi software",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "See references"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Improper access control for some Intel(R) PROSet/Wireless WiFi and Killer(TM) WiFi software may allow a privileged user to potentially enable escalation of privilege via local access."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.9,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:N/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "escalation of privilege",
"lang": "en"
},
{
"cweId": "CWE-284",
"description": "Improper access control",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-09-30T21:06:10.633Z",
"orgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
"shortName": "intel"
},
"references": [
{
"name": "http://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00766.html",
"url": "http://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00766.html"
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/K24OJT4AVMNND7LBTC2ZDDTE6DJHAKB4/"
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HUCYUR4WBTELCRHELISJ3RMZVHKIV5TN/"
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/Y76A3PLHIQCEPESB4XVBV5SRRXQEZ5JY/"
},
{
"url": "https://lists.debian.org/debian-lts-announce/2023/09/msg00043.html"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
"assignerShortName": "intel",
"cveId": "CVE-2022-40964",
"datePublished": "2023-08-11T02:36:53.959Z",
"dateReserved": "2022-09-27T00:28:29.138Z",
"dateUpdated": "2025-02-13T16:33:02.510Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1",
"vulnerability-lookup:meta": {
"vulnrichment": {
"containers": "{\"adp\": [{\"title\": \"CVE Program Container\", \"references\": [{\"url\": \"http://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00766.html\", \"name\": \"http://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00766.html\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/K24OJT4AVMNND7LBTC2ZDDTE6DJHAKB4/\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HUCYUR4WBTELCRHELISJ3RMZVHKIV5TN/\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/Y76A3PLHIQCEPESB4XVBV5SRRXQEZ5JY/\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://lists.debian.org/debian-lts-announce/2023/09/msg00043.html\", \"tags\": [\"x_transferred\"]}], \"providerMetadata\": {\"orgId\": \"af854a3a-2127-422b-91ae-364da2661108\", \"shortName\": \"CVE\", \"dateUpdated\": \"2024-08-03T12:28:42.971Z\"}}, {\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2022-40964\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"none\"}, {\"Automatable\": \"no\"}, {\"Technical Impact\": \"partial\"}], \"version\": \"2.0.3\", \"timestamp\": \"2024-10-02T14:06:56.361248Z\"}}}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2024-10-02T14:11:20.279Z\"}}], \"cna\": {\"metrics\": [{\"format\": \"CVSS\", \"cvssV3_1\": {\"scope\": \"CHANGED\", \"version\": \"3.1\", \"baseScore\": 7.9, \"attackVector\": \"LOCAL\", \"baseSeverity\": \"HIGH\", \"vectorString\": \"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:N/I:H/A:H\", \"integrityImpact\": \"HIGH\", \"userInteraction\": \"NONE\", \"attackComplexity\": \"LOW\", \"availabilityImpact\": \"HIGH\", \"privilegesRequired\": \"HIGH\", \"confidentialityImpact\": \"NONE\"}, \"scenarios\": [{\"lang\": \"en\", \"value\": \"GENERAL\"}]}], \"affected\": [{\"vendor\": \"n/a\", \"product\": \"Intel(R) PROSet/Wireless WiFi and Killer(TM) WiFi software\", \"versions\": [{\"status\": \"affected\", \"version\": \"See references\"}], \"defaultStatus\": \"unaffected\"}], \"references\": [{\"url\": \"http://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00766.html\", \"name\": \"http://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00766.html\"}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/K24OJT4AVMNND7LBTC2ZDDTE6DJHAKB4/\"}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HUCYUR4WBTELCRHELISJ3RMZVHKIV5TN/\"}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/Y76A3PLHIQCEPESB4XVBV5SRRXQEZ5JY/\"}, {\"url\": \"https://lists.debian.org/debian-lts-announce/2023/09/msg00043.html\"}], \"descriptions\": [{\"lang\": \"en\", \"value\": \"Improper access control for some Intel(R) PROSet/Wireless WiFi and Killer(TM) WiFi software may allow a privileged user to potentially enable escalation of privilege via local access.\"}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"description\": \"escalation of privilege\"}, {\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-284\", \"description\": \"Improper access control\"}]}], \"providerMetadata\": {\"orgId\": \"6dda929c-bb53-4a77-a76d-48e79601a1ce\", \"shortName\": \"intel\", \"dateUpdated\": \"2023-08-11T02:36:53.959Z\"}}}",
"cveMetadata": "{\"cveId\": \"CVE-2022-40964\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2024-10-02T14:11:25.783Z\", \"dateReserved\": \"2022-09-27T00:28:29.138Z\", \"assignerOrgId\": \"6dda929c-bb53-4a77-a76d-48e79601a1ce\", \"datePublished\": \"2023-08-11T02:36:53.959Z\", \"assignerShortName\": \"intel\"}",
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
}
}
CERTFR-2023-AVI-0640
Vulnerability from certfr_avis - Published: 2023-08-09 - Updated: 2023-08-09
De multiples vulnérabilités ont été découvertes dans les produits Intel. Elles permettent à un attaquant de provoquer un déni de service, une atteinte à la confidentialité des données et une élévation de privilèges.
Solution
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
- Intel SSD Tools software versions antérieures à mdadm-4.2-rc2
- Intel BIOS PCSD BIOS versions antérieures à 02.01.0013
- Intel logiciel PROSet/Wireless WiFi versions antérieures à 22.200
- Intel Converged Security Management Engine (CSME) sans les correctifs de sécurité du 08 août 2023
- Intel Active Management Technology (AMT) sans les correctifs de sécurité du 08 août 2023
- Intel Standard Manageability software sans les correctifs de sécurité du 08 août 2023
- Pilote RDMA des Contrôleurs Ethernet Intel pour linux versions antérieures à 1.9.30
- Programme d'installation de pilotes Intel RST avec Intel Optane Memory (plateformes de 11ème à 13ème générations) versions antérieures à 19.5.2.1049.5
- Programme d'installation de pilotes Intel RST avec Intel Optane Memory (plateformes de 10ème et 11ème générations) versions antérieures à 18.7.6.1010.3
- Programme d'installation de pilotes Intel RST avec Intel Optane Memory (plateformes de 8ème et 9ème générations) versions antérieures à 17.11.3.1010.2
- Interface utilisateur Intel RST et pilotes versions antérieures à 16.8.5.1014.5
- Suite de logiciels Intel Quartus Prime Pro pour Linux before versions antérieures à 22.4
- Suite de logiciels Intel Quartus Prime Standard pour Linux versions antérieures à 22.1STD
- Cartes graphiques Intel Arc A770 et A750 vendues entre octobre 2022 et décembre 2022
- Séries de processeurs Intel Atom, Xeon, Core de 7ème à 11ème générations, Celeron, Pentium et Core séries X sans les correctifs de sécurité du 08 août 2023
- Logiciel d'exécution Intel oneVPL GPU versions antérieures à 22.6.5
- Client Intel Unite pour Mac versions antérieures à 4.2.11
- Ensemble de logiciels Intel Unite pour Windows versions antérieures à 4.2.34962
- Séries de processeurs Intel Atom, Xeon, Core, Celeron et Pentium sans les correctifs de sécurité du 08 août 2023
- Pilotes infrarouge ITE Tech consumer pour terminaux NUC versions antérieures à 5.5.2.1
- System Firmware Update Utility (SysFwUpdt) for Intel Server Boards and Intel Server Systems Based on Intel 621A Chipset before version 16.0.7.
- Utilitaire de mise à jour de microgiciel (SysFwUpdt) pour Intel Server Boards et Intel Server Systems basé sur les jeux de puces 621A
- Séries de contrôleurs Ethernet et adaptateurs E810 (Columbiaville) versions antérieures à 1.7.2.4
- Logiciel Intel Optimization for TensorFlow versions antérieures à 2.12
- Distribution Intel des outils OpenVINO versions antérieures à 2022.3.0
- Outils Intel VCUST téléchargés avant le 03 février 2023 sans le correctif de sécurité du 08 août 2023
- logiciel Intel VROC versions antérieures à 8.0.0.4035
- Logiciel d'installation d'Intel Advanced Link Analyzer Standard Edition versions antérieures à 22.1.1
- Logiciel d'installation Intel ISPC software pour Windows versions antérieures à 1.19.0
- Logiciel Intel Agilex software inclus dans Intel Quartus Prime Pro Edition pour Linux versions antérieures à 22.4
- Logiciel Intel Easy Streaming Wizard toutes versions [1]
- Application Android Intel Support versions antérieures à v23.02.07
- Suite logicielle Intel NUC Pro pour Windows versions antérieures à 2.0.0.9
- Logiciel Intel PROSet/Wireless WiFi 6 AX200 sur certaines plateformes Microsoft Surface versions antérieures à 22.220 HF
- Logiciel Intel oneMKL versions antérieures à 2022.0
- Logiciel Intel DTT versions antérieures à 8.7.10801.25109
- Logiciel Intel AI Hackathon versions antérieures à 2.0.0
- Logiciel Intel DSA versions antérieures à 23.1.9
- Bibliothèque Hyperscan maintenue par Intel versions antérieures à 5.4.1
- Outils Intel oneAPI versions antérieures à 2023.1.0
- BIOS de cartes mères de terminaux NUC sans les correctifs de sécurité du 08 août 2023
- Logiciel Intel Manageability Commander versions antérieures à 2.3
- Logiciel Intel Unison versions antérieures à 10.12
- Pilotes vidéo BMC intégrés aux cartes mères Intel M10JNP2SB pour Microsoft versions antérieures à 3.0
- Pilotes vidéo BMC intégrés aux cartes mères Intel M10JNP2SB pour Linux versions antérieures à 1.13.4
- Logiciel Intel SDP Tool versions antérieures à 1.4 build 5
- Outils de développement Intel PSR versions antérieures à 1.0.0.20
- Logiciel Intel RealSense ID pour Intel RealSense 450 FA versions antérieures à 0.25
- Application Android Intel Unite versions antérieures à 4.2.3504
- Logiciel MAVinci Desktop pour Intel Falcon 8+ toutes versions [2]
- Logiciel Intel ITS versions antérieures à 3.1
- Outils de développement Intel RealSense versions antérieures à 2.53.1
[1] : L'éditeur indique que le logiciel Intel Easy Streaming Wizard n'est plus maintenu et recommande de le désinstaller ou de cesser de l'utiliser dès que possible
[2] : L'éditeur indique que le logiciel MAVinci Desktop pour Intel Falcon 8+ n'est plus maintenu et recommande de le désinstaller ou de cesser de l'utiliser dès que possible
Impacted products
| Vendor | Product | Description |
|---|
References
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [],
"affected_systems_content": "\u003cul\u003e \u003cli\u003eIntel SSD Tools software versions ant\u00e9rieures \u00e0 mdadm-4.2-rc2\u003c/li\u003e \u003cli\u003eIntel BIOS PCSD BIOS versions ant\u00e9rieures \u00e0 02.01.0013\u003c/li\u003e \u003cli\u003eIntel logiciel PROSet/Wireless WiFi versions ant\u00e9rieures \u00e0 22.200\u003c/li\u003e \u003cli\u003eIntel Converged Security Management Engine (CSME) sans les correctifs de s\u00e9curit\u00e9 du 08 ao\u00fbt 2023\u003c/li\u003e \u003cli\u003eIntel Active Management Technology (AMT) sans les correctifs de s\u00e9curit\u00e9 du 08 ao\u00fbt 2023\u003c/li\u003e \u003cli\u003eIntel Standard Manageability software sans les correctifs de s\u00e9curit\u00e9 du 08 ao\u00fbt 2023\u003c/li\u003e \u003cli\u003ePilote RDMA des Contr\u00f4leurs Ethernet Intel pour linux versions ant\u00e9rieures \u00e0 1.9.30\u003c/li\u003e \u003cli\u003eProgramme d\u0027installation de pilotes Intel RST avec Intel Optane Memory (plateformes de 11\u00e8me \u00e0 13\u00e8me g\u00e9n\u00e9rations) versions ant\u00e9rieures \u00e0 19.5.2.1049.5\u003c/li\u003e \u003cli\u003eProgramme d\u0027installation de pilotes Intel RST avec Intel Optane Memory (plateformes de 10\u00e8me et 11\u00e8me g\u00e9n\u00e9rations) versions ant\u00e9rieures \u00e0 18.7.6.1010.3\u003c/li\u003e \u003cli\u003eProgramme d\u0027installation de pilotes Intel RST avec Intel Optane Memory (plateformes de 8\u00e8me et 9\u00e8me g\u00e9n\u00e9rations) versions ant\u00e9rieures \u00e0 17.11.3.1010.2\u003c/li\u003e \u003cli\u003eInterface utilisateur Intel RST et pilotes versions ant\u00e9rieures \u00e0 16.8.5.1014.5\u003c/li\u003e \u003cli\u003eSuite de logiciels Intel Quartus Prime Pro pour Linux before versions ant\u00e9rieures \u00e0 22.4\u003c/li\u003e \u003cli\u003eSuite de logiciels Intel Quartus Prime Standard pour Linux versions ant\u00e9rieures \u00e0 22.1STD\u003c/li\u003e \u003cli\u003eCartes graphiques Intel Arc A770 et A750 vendues entre octobre 2022 et d\u00e9cembre 2022\u003c/li\u003e \u003cli\u003eS\u00e9ries de processeurs Intel Atom, Xeon, Core de 7\u00e8me \u00e0 11\u00e8me g\u00e9n\u00e9rations, Celeron, Pentium et Core s\u00e9ries X sans les correctifs de s\u00e9curit\u00e9 du 08 ao\u00fbt 2023\u003c/li\u003e \u003cli\u003eLogiciel d\u0027ex\u00e9cution Intel oneVPL GPU versions ant\u00e9rieures \u00e0 22.6.5\u003c/li\u003e \u003cli\u003eClient Intel Unite pour Mac versions ant\u00e9rieures \u00e0 4.2.11\u003c/li\u003e \u003cli\u003eEnsemble de logiciels Intel Unite pour Windows versions ant\u00e9rieures \u00e0 4.2.34962\u003c/li\u003e \u003cli\u003eS\u00e9ries de processeurs Intel Atom, Xeon, Core, Celeron et Pentium sans les correctifs de s\u00e9curit\u00e9 du 08 ao\u00fbt 2023\u003c/li\u003e \u003cli\u003ePilotes infrarouge ITE Tech consumer pour terminaux NUC versions ant\u00e9rieures \u00e0 5.5.2.1\u003c/li\u003e \u003cli\u003eSystem Firmware Update Utility (SysFwUpdt) for Intel Server Boards and Intel Server Systems Based on Intel 621A Chipset before version 16.0.7.\u003c/li\u003e \u003cli\u003eUtilitaire de mise \u00e0 jour de microgiciel (SysFwUpdt) pour Intel Server Boards et Intel Server Systems bas\u00e9 sur les jeux de puces 621A\u003c/li\u003e \u003cli\u003eS\u00e9ries de contr\u00f4leurs Ethernet et adaptateurs E810 (Columbiaville) versions ant\u00e9rieures \u00e0 1.7.2.4\u003c/li\u003e \u003cli\u003eLogiciel Intel Optimization for TensorFlow versions ant\u00e9rieures \u00e0 2.12\u003c/li\u003e \u003cli\u003eDistribution Intel des outils OpenVINO versions ant\u00e9rieures \u00e0 2022.3.0\u003c/li\u003e \u003cli\u003eOutils Intel VCUST t\u00e9l\u00e9charg\u00e9s avant le 03 f\u00e9vrier 2023 sans le correctif de s\u00e9curit\u00e9 du 08 ao\u00fbt 2023\u003c/li\u003e \u003cli\u003elogiciel Intel VROC versions ant\u00e9rieures \u00e0 8.0.0.4035\u003c/li\u003e \u003cli\u003eLogiciel d\u0027installation d\u0027Intel Advanced Link Analyzer Standard Edition versions ant\u00e9rieures \u00e0 22.1.1\u003c/li\u003e \u003cli\u003eLogiciel d\u0027installation Intel ISPC software pour Windows versions ant\u00e9rieures \u00e0 1.19.0\u003c/li\u003e \u003cli\u003eLogiciel Intel Agilex software inclus dans Intel Quartus Prime Pro Edition pour Linux versions ant\u00e9rieures \u00e0 22.4\u003c/li\u003e \u003cli\u003eLogiciel Intel Easy Streaming Wizard toutes versions [1]\u003c/li\u003e \u003cli\u003eApplication Android Intel Support versions ant\u00e9rieures \u00e0 v23.02.07\u003c/li\u003e \u003cli\u003eSuite logicielle Intel NUC Pro pour Windows versions ant\u00e9rieures \u00e0 2.0.0.9\u003c/li\u003e \u003cli\u003eLogiciel Intel PROSet/Wireless WiFi 6 AX200 sur certaines plateformes Microsoft Surface versions ant\u00e9rieures \u00e0 22.220 HF\u003c/li\u003e \u003cli\u003eLogiciel Intel oneMKL versions ant\u00e9rieures \u00e0 2022.0\u003c/li\u003e \u003cli\u003eLogiciel Intel DTT versions ant\u00e9rieures \u00e0 8.7.10801.25109\u003c/li\u003e \u003cli\u003eLogiciel Intel AI Hackathon versions ant\u00e9rieures \u00e0 2.0.0\u003c/li\u003e \u003cli\u003eLogiciel Intel DSA versions ant\u00e9rieures \u00e0 23.1.9\u003c/li\u003e \u003cli\u003eBiblioth\u00e8que Hyperscan maintenue par Intel versions ant\u00e9rieures \u00e0 5.4.1\u003c/li\u003e \u003cli\u003eOutils Intel oneAPI versions ant\u00e9rieures \u00e0 2023.1.0\u003c/li\u003e \u003cli\u003eBIOS de cartes m\u00e8res de terminaux NUC sans les correctifs de s\u00e9curit\u00e9 du 08 ao\u00fbt 2023\u003c/li\u003e \u003cli\u003eLogiciel Intel Manageability Commander versions ant\u00e9rieures \u00e0 2.3\u003c/li\u003e \u003cli\u003eLogiciel Intel Unison versions ant\u00e9rieures \u00e0 10.12\u003c/li\u003e \u003cli\u003ePilotes vid\u00e9o BMC int\u00e9gr\u00e9s aux cartes m\u00e8res Intel M10JNP2SB pour Microsoft versions ant\u00e9rieures \u00e0 3.0\u003c/li\u003e \u003cli\u003ePilotes vid\u00e9o BMC int\u00e9gr\u00e9s aux cartes m\u00e8res Intel M10JNP2SB pour Linux versions ant\u00e9rieures \u00e0 1.13.4\u003c/li\u003e \u003cli\u003eLogiciel Intel SDP Tool versions ant\u00e9rieures \u00e0 1.4 build 5\u003c/li\u003e \u003cli\u003eOutils de d\u00e9veloppement Intel PSR versions ant\u00e9rieures \u00e0 1.0.0.20\u003c/li\u003e \u003cli\u003eLogiciel Intel RealSense ID pour Intel RealSense 450 FA versions ant\u00e9rieures \u00e0 0.25\u003c/li\u003e \u003cli\u003eApplication Android Intel Unite versions ant\u00e9rieures \u00e0 4.2.3504\u003c/li\u003e \u003cli\u003eLogiciel MAVinci Desktop pour Intel Falcon 8+ toutes versions [2]\u003c/li\u003e \u003cli\u003eLogiciel Intel ITS versions ant\u00e9rieures \u00e0 3.1\u003c/li\u003e \u003cli\u003eOutils de d\u00e9veloppement Intel RealSense versions ant\u00e9rieures \u00e0 2.53.1\u003c/li\u003e \u003c/ul\u003e \u003cp\u003e[1] :\u00a0L\u0027\u00e9diteur indique que le logiciel Intel Easy Streaming Wizard n\u0027est plus maintenu et recommande de le d\u00e9sinstaller ou de cesser de l\u0027utiliser d\u00e8s que possible\u003c/p\u003e \u003cp\u003e[2] :\u00a0L\u0027\u00e9diteur indique que le logiciel MAVinci Desktop pour Intel Falcon 8+ n\u0027est plus maintenu et recommande de le d\u00e9sinstaller ou de cesser de l\u0027utiliser d\u00e8s que possible\u003c/p\u003e ",
"content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
"cves": [
{
"name": "CVE-2023-32617",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-32617"
},
{
"name": "CVE-2023-27509",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-27509"
},
{
"name": "CVE-2023-31246",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-31246"
},
{
"name": "CVE-2023-23577",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-23577"
},
{
"name": "CVE-2022-44611",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-44611"
},
{
"name": "CVE-2023-28736",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-28736"
},
{
"name": "CVE-2023-29243",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-29243"
},
{
"name": "CVE-2023-34086",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-34086"
},
{
"name": "CVE-2023-27392",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-27392"
},
{
"name": "CVE-2023-24016",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-24016"
},
{
"name": "CVE-2022-27635",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-27635"
},
{
"name": "CVE-2023-28823",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-28823"
},
{
"name": "CVE-2023-22356",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-22356"
},
{
"name": "CVE-2023-27506",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-27506"
},
{
"name": "CVE-2023-32547",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-32547"
},
{
"name": "CVE-2022-36372",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-36372"
},
{
"name": "CVE-2023-25773",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-25773"
},
{
"name": "CVE-2023-28658",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-28658"
},
{
"name": "CVE-2022-37343",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-37343"
},
{
"name": "CVE-2022-36392",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-36392"
},
{
"name": "CVE-2023-27515",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-27515"
},
{
"name": "CVE-2022-38076",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-38076"
},
{
"name": "CVE-2023-27391",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-27391"
},
{
"name": "CVE-2022-37336",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-37336"
},
{
"name": "CVE-2023-28385",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-28385"
},
{
"name": "CVE-2023-25944",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-25944"
},
{
"name": "CVE-2023-29500",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-29500"
},
{
"name": "CVE-2023-22841",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-22841"
},
{
"name": "CVE-2022-38102",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-38102"
},
{
"name": "CVE-2023-22444",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-22444"
},
{
"name": "CVE-2023-32609",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-32609"
},
{
"name": "CVE-2023-28938",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-28938"
},
{
"name": "CVE-2023-28711",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-28711"
},
{
"name": "CVE-2023-28714",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-28714"
},
{
"name": "CVE-2023-22276",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-22276"
},
{
"name": "CVE-2023-33867",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-33867"
},
{
"name": "CVE-2022-29871",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-29871"
},
{
"name": "CVE-2022-40982",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-40982"
},
{
"name": "CVE-2022-29887",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-29887"
},
{
"name": "CVE-2023-32656",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-32656"
},
{
"name": "CVE-2023-22449",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-22449"
},
{
"name": "CVE-2023-25757",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-25757"
},
{
"name": "CVE-2023-25182",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-25182"
},
{
"name": "CVE-2022-29470",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-29470"
},
{
"name": "CVE-2023-29494",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-29494"
},
{
"name": "CVE-2023-28380",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-28380"
},
{
"name": "CVE-2022-41984",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-41984"
},
{
"name": "CVE-2023-22840",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-22840"
},
{
"name": "CVE-2022-40964",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-40964"
},
{
"name": "CVE-2023-34355",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-34355"
},
{
"name": "CVE-2022-38973",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-38973"
},
{
"name": "CVE-2022-34657",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-34657"
},
{
"name": "CVE-2023-29151",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-29151"
},
{
"name": "CVE-2022-43505",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-43505"
},
{
"name": "CVE-2022-36351",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-36351"
},
{
"name": "CVE-2023-34438",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-34438"
},
{
"name": "CVE-2023-28405",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-28405"
},
{
"name": "CVE-2023-34427",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-34427"
},
{
"name": "CVE-2023-32663",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-32663"
},
{
"name": "CVE-2022-41804",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-41804"
},
{
"name": "CVE-2022-45112",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-45112"
},
{
"name": "CVE-2023-27505",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-27505"
},
{
"name": "CVE-2023-33877",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-33877"
},
{
"name": "CVE-2023-22330",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-22330"
},
{
"name": "CVE-2023-27887",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-27887"
},
{
"name": "CVE-2022-43456",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-43456"
},
{
"name": "CVE-2023-32285",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-32285"
},
{
"name": "CVE-2022-46329",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-46329"
},
{
"name": "CVE-2023-32543",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-32543"
},
{
"name": "CVE-2023-34349",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-34349"
},
{
"name": "CVE-2023-22338",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-22338"
},
{
"name": "CVE-2023-26587",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-26587"
},
{
"name": "CVE-2023-30760",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-30760"
},
{
"name": "CVE-2022-44612",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-44612"
},
{
"name": "CVE-2023-25775",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-25775"
},
{
"name": "CVE-2022-27879",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-27879"
},
{
"name": "CVE-2022-25864",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-25864"
},
{
"name": "CVE-2023-23908",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-23908"
},
{
"name": "CVE-2022-38083",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-38083"
}
],
"initial_release_date": "2023-08-09T00:00:00",
"last_revision_date": "2023-08-09T00:00:00",
"links": [],
"reference": "CERTFR-2023-AVI-0640",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2023-08-09T00:00:00.000000"
}
],
"risks": [
{
"description": "D\u00e9ni de service"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
},
{
"description": "\u00c9l\u00e9vation de privil\u00e8ges"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits Intel.\nElles permettent \u00e0 un attaquant de provoquer un d\u00e9ni de service, une\natteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es et une \u00e9l\u00e9vation de\nprivil\u00e8ges.\n",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits Intel",
"vendor_advisories": [
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Intel intel-sa-00846 du 08 ao\u00fbt 2023",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00846.html"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Intel intel-sa-00844 du 08 ao\u00fbt 2023",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00844.html"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Intel intel-sa-00897 du 08 ao\u00fbt 2023",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00897.html"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Intel intel-sa-00893 du 08 ao\u00fbt 2023",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00893.html"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Intel intel-sa-00899 du 08 ao\u00fbt 2023",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00899.html"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Intel intel-sa-00828 du 08 ao\u00fbt 2023",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00828.html"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Intel intel-sa-00813 du 08 ao\u00fbt 2023",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00813.html"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Intel intel-sa-00912 du 08 ao\u00fbt 2023",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00912.html"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Intel intel-sa-00859 du 08 ao\u00fbt 2023",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00859.html"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Intel intel-sa-00932 du 08 ao\u00fbt 2023",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00932.html"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Intel intel-sa-00812 du 08 ao\u00fbt 2023",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00812.html"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Intel intel-sa-00892 du 08 ao\u00fbt 2023",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00892.html"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Intel intel-sa-00934 du 08 ao\u00fbt 2023",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00934.html"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Intel intel-sa-00795 du 08 ao\u00fbt 2023",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00795.html"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Intel intel-sa-00938 du 08 ao\u00fbt 2023",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00938.html"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Intel intel-sa-00826 du 08 ao\u00fbt 2023",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00826.html"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Intel intel-sa-00862 du 08 ao\u00fbt 2023",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00862.html"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Intel intel-sa-00818 du 08 ao\u00fbt 2023",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00818.html"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Intel intel-sa-00836 du 08 ao\u00fbt 2023",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00836.html"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Intel intel-sa-00840 du 08 ao\u00fbt 2023",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00840.html"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Intel intel-sa-00873 du 08 ao\u00fbt 2023",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00873.html"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Intel intel-sa-00742 du 08 ao\u00fbt 2023",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00742.html"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Intel intel-sa-00794 du 08 ao\u00fbt 2023",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00794.html"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Intel intel-sa-00766 du 08 ao\u00fbt 2023",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00766.html"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Intel intel-sa-00879 du 08 ao\u00fbt 2023",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00879.html"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Intel intel-sa-00905 du 08 ao\u00fbt 2023",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00905.html"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Intel intel-sa-00837 du 08 ao\u00fbt 2023",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00837.html"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Intel intel-sa-00783 du 08 ao\u00fbt 2023",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00783.html"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Intel intel-sa-00830 du 08 ao\u00fbt 2023",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00830.html"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Intel intel-sa-00842 du 08 ao\u00fbt 2023",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00842.html"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Intel intel-sa-00877 du 08 ao\u00fbt 2023",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00877.html"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Intel intel-sa-00848 du 08 ao\u00fbt 2023",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00848.html"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Intel intel-sa-00829 du 08 ao\u00fbt 2023",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00829.html"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Intel intel-sa-00917 du 08 ao\u00fbt 2023",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00917.html"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Intel intel-sa-00946 du 08 ao\u00fbt 2023",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00946.html"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Intel intel-sa-00800 du 08 ao\u00fbt 2023",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00800.html"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Intel intel-sa-00890 du 08 ao\u00fbt 2023",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00890.html"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Intel intel-sa-00850 du 08 ao\u00fbt 2023",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00850.html"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Intel intel-sa-00849 du 08 ao\u00fbt 2023",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00849.html"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Intel intel-sa-00868 du 08 ao\u00fbt 2023",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00868.html"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Intel intel-sa-00878 du 08 ao\u00fbt 2023",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00878.html"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Intel intel-sa-00907 du 08 ao\u00fbt 2023",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00907.html"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Intel intel-sa-00690 du 08 ao\u00fbt 2023",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00690.html"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Intel intel-sa-00875 du 08 ao\u00fbt 2023",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00875.html"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Intel intel-sa-00872 du 08 ao\u00fbt 2023",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00872.html"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Intel intel-sa-00835 du 08 ao\u00fbt 2023",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00835.html"
}
]
}
CVE-2022-40964
Vulnerability from fstec - Published: 10.08.2023
VLAI Severity ?
Title
Уязвимость утилиты для подключения к сети Intel PROSet/Wireless WiFi и Killer WiFi, связанная с недостатками разграничения доступа, позволяющая нарушителю повысить свои привилегии
Description
Уязвимость утилиты для подключения к сети Intel PROSet/Wireless WiFi и Killer WiFi связана с недостатками разграничения доступа. Эксплуатация уязвимости может позволить нарушителю повысить свои привилегии
Severity ?
Vendor
Intel Corp.
Software Name
Intel PROSet/Wireless WiFi, Intel Killer Wi-Fi
Software Version
до 22.200 (Intel PROSet/Wireless WiFi), до 3.2.20.23023 (Intel Killer Wi-Fi)
Possible Mitigations
Использование рекомендаций:
http://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00766.html
Reference
http://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00766.html
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-40964
https://www.cybersecurity-help.cz/vdb/SB2023081532
CWE
CWE-284
{
"CVSS 2.0": "AV:L/AC:L/Au:M/C:C/I:C/A:C",
"CVSS 3.0": "AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"CVSS 4.0": null,
"remediation_\u0418\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440": null,
"remediation_\u041d\u0430\u0438\u043c\u0435\u043d\u043e\u0432\u0430\u043d\u0438\u0435": null,
"\u0412\u0435\u043d\u0434\u043e\u0440 \u041f\u041e": "Intel Corp.",
"\u0412\u0435\u0440\u0441\u0438\u044f \u041f\u041e": "\u0434\u043e 22.200 (Intel PROSet/Wireless WiFi), \u0434\u043e 3.2.20.23023 (Intel Killer Wi-Fi)",
"\u0412\u043e\u0437\u043c\u043e\u0436\u043d\u044b\u0435 \u043c\u0435\u0440\u044b \u043f\u043e \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u044e": "\u0418\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435 \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0430\u0446\u0438\u0439:\nhttp://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00766.html",
"\u0414\u0430\u0442\u0430 \u0432\u044b\u044f\u0432\u043b\u0435\u043d\u0438\u044f": "10.08.2023",
"\u0414\u0430\u0442\u0430 \u043f\u043e\u0441\u043b\u0435\u0434\u043d\u0435\u0433\u043e \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f": "04.03.2025",
"\u0414\u0430\u0442\u0430 \u043f\u0443\u0431\u043b\u0438\u043a\u0430\u0446\u0438\u0438": "05.09.2023",
"\u0418\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440": "BDU:2023-05154",
"\u0418\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440\u044b \u0434\u0440\u0443\u0433\u0438\u0445 \u0441\u0438\u0441\u0442\u0435\u043c \u043e\u043f\u0438\u0441\u0430\u043d\u0438\u0439 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "CVE-2022-40964",
"\u0418\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u044f \u043e\u0431 \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0430",
"\u041a\u043b\u0430\u0441\u0441 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043a\u043e\u0434\u0430",
"\u041d\u0430\u0437\u0432\u0430\u043d\u0438\u0435 \u041f\u041e": "Intel PROSet/Wireless WiFi, Intel Killer Wi-Fi",
"\u041d\u0430\u0438\u043c\u0435\u043d\u043e\u0432\u0430\u043d\u0438\u0435 \u041e\u0421 \u0438 \u0442\u0438\u043f \u0430\u043f\u043f\u0430\u0440\u0430\u0442\u043d\u043e\u0439 \u043f\u043b\u0430\u0442\u0444\u043e\u0440\u043c\u044b": "\u0421\u043e\u043e\u0431\u0449\u0435\u0441\u0442\u0432\u043e \u0441\u0432\u043e\u0431\u043e\u0434\u043d\u043e\u0433\u043e \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f Linux - , Google Inc Chrome OS - , Microsoft Corp Windows 11 - , Microsoft Corp Windows 10 - ",
"\u041d\u0430\u0438\u043c\u0435\u043d\u043e\u0432\u0430\u043d\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0443\u0442\u0438\u043b\u0438\u0442\u044b \u0434\u043b\u044f \u043f\u043e\u0434\u043a\u043b\u044e\u0447\u0435\u043d\u0438\u044f \u043a \u0441\u0435\u0442\u0438 Intel PROSet/Wireless WiFi \u0438 Killer WiFi, \u0441\u0432\u044f\u0437\u0430\u043d\u043d\u0430\u044f \u0441 \u043d\u0435\u0434\u043e\u0441\u0442\u0430\u0442\u043a\u0430\u043c\u0438 \u0440\u0430\u0437\u0433\u0440\u0430\u043d\u0438\u0447\u0435\u043d\u0438\u044f \u0434\u043e\u0441\u0442\u0443\u043f\u0430, \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u044e\u0449\u0430\u044f \u043d\u0430\u0440\u0443\u0448\u0438\u0442\u0435\u043b\u044e \u043f\u043e\u0432\u044b\u0441\u0438\u0442\u044c \u0441\u0432\u043e\u0438 \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0438",
"\u041d\u0430\u043b\u0438\u0447\u0438\u0435 \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442\u0430": "\u0414\u0430\u043d\u043d\u044b\u0435 \u0443\u0442\u043e\u0447\u043d\u044f\u044e\u0442\u0441\u044f",
"\u041e\u043f\u0438\u0441\u0430\u043d\u0438\u0435 \u043e\u0448\u0438\u0431\u043a\u0438 CWE": "\u041d\u0435\u043f\u0440\u0430\u0432\u0438\u043b\u044c\u043d\u044b\u0439 \u043a\u043e\u043d\u0442\u0440\u043e\u043b\u044c \u0434\u043e\u0441\u0442\u0443\u043f\u0430 (CWE-284)",
"\u041e\u043f\u0438\u0441\u0430\u043d\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0443\u0442\u0438\u043b\u0438\u0442\u044b \u0434\u043b\u044f \u043f\u043e\u0434\u043a\u043b\u044e\u0447\u0435\u043d\u0438\u044f \u043a \u0441\u0435\u0442\u0438 Intel PROSet/Wireless WiFi \u0438 Killer WiFi \u0441\u0432\u044f\u0437\u0430\u043d\u0430 \u0441 \u043d\u0435\u0434\u043e\u0441\u0442\u0430\u0442\u043a\u0430\u043c\u0438 \u0440\u0430\u0437\u0433\u0440\u0430\u043d\u0438\u0447\u0435\u043d\u0438\u044f \u0434\u043e\u0441\u0442\u0443\u043f\u0430. \u042d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u043c\u043e\u0436\u0435\u0442 \u043f\u043e\u0437\u0432\u043e\u043b\u0438\u0442\u044c \u043d\u0430\u0440\u0443\u0448\u0438\u0442\u0435\u043b\u044e \u043f\u043e\u0432\u044b\u0441\u0438\u0442\u044c \u0441\u0432\u043e\u0438 \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0438",
"\u041f\u043e\u0441\u043b\u0435\u0434\u0441\u0442\u0432\u0438\u044f \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": null,
"\u041f\u0440\u043e\u0447\u0430\u044f \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u044f": null,
"\u0421\u0432\u044f\u0437\u044c \u0441 \u0438\u043d\u0446\u0438\u0434\u0435\u043d\u0442\u0430\u043c\u0438 \u0418\u0411": "\u0414\u0430\u043d\u043d\u044b\u0435 \u0443\u0442\u043e\u0447\u043d\u044f\u044e\u0442\u0441\u044f",
"\u0421\u043e\u0441\u0442\u043e\u044f\u043d\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u041e\u043f\u0443\u0431\u043b\u0438\u043a\u043e\u0432\u0430\u043d\u0430",
"\u0421\u043f\u043e\u0441\u043e\u0431 \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u044f": "\u041e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0435 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f",
"\u0421\u043f\u043e\u0441\u043e\u0431 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438": "\u041d\u0430\u0440\u0443\u0448\u0435\u043d\u0438\u0435 \u0430\u0432\u0442\u043e\u0440\u0438\u0437\u0430\u0446\u0438\u0438",
"\u0421\u0441\u044b\u043b\u043a\u0438 \u043d\u0430 \u0438\u0441\u0442\u043e\u0447\u043d\u0438\u043a\u0438": "http://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00766.html\nhttps://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-40964\nhttps://www.cybersecurity-help.cz/vdb/SB2023081532",
"\u0421\u0442\u0430\u0442\u0443\u0441 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u041f\u043e\u0434\u0442\u0432\u0435\u0440\u0436\u0434\u0435\u043d\u0430 \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u0434\u0438\u0442\u0435\u043b\u0435\u043c",
"\u0422\u0438\u043f \u041f\u041e": "\u041f\u0440\u0438\u043a\u043b\u0430\u0434\u043d\u043e\u0435 \u041f\u041e \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u043e\u043d\u043d\u044b\u0445 \u0441\u0438\u0441\u0442\u0435\u043c, \u0421\u0435\u0442\u0435\u0432\u043e\u0435 \u0441\u0440\u0435\u0434\u0441\u0442\u0432\u043e",
"\u0422\u0438\u043f \u043e\u0448\u0438\u0431\u043a\u0438 CWE": "CWE-284",
"\u0423\u0440\u043e\u0432\u0435\u043d\u044c \u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0421\u0440\u0435\u0434\u043d\u0438\u0439 \u0443\u0440\u043e\u0432\u0435\u043d\u044c \u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 (\u0431\u0430\u0437\u043e\u0432\u0430\u044f \u043e\u0446\u0435\u043d\u043a\u0430 CVSS 2.0 \u0441\u043e\u0441\u0442\u0430\u0432\u043b\u044f\u0435\u0442 6,8)\n\u0421\u0440\u0435\u0434\u043d\u0438\u0439 \u0443\u0440\u043e\u0432\u0435\u043d\u044c \u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 (\u0431\u0430\u0437\u043e\u0432\u0430\u044f \u043e\u0446\u0435\u043d\u043a\u0430 CVSS 3.0 \u0441\u043e\u0441\u0442\u0430\u0432\u043b\u044f\u0435\u0442 6,7)"
}
GSD-2022-40964
Vulnerability from gsd - Updated: 2023-12-13 01:19Details
Improper access control for some Intel(R) PROSet/Wireless WiFi and Killer(TM) WiFi software may allow a privileged user to potentially enable escalation of privilege via local access.
Aliases
Aliases
{
"GSD": {
"alias": "CVE-2022-40964",
"id": "GSD-2022-40964"
},
"gsd": {
"metadata": {
"exploitCode": "unknown",
"remediation": "unknown",
"reportConfidence": "confirmed",
"type": "vulnerability"
},
"osvSchema": {
"aliases": [
"CVE-2022-40964"
],
"details": "Improper access control for some Intel(R) PROSet/Wireless WiFi and Killer(TM) WiFi software may allow a privileged user to potentially enable escalation of privilege via local access.",
"id": "GSD-2022-40964",
"modified": "2023-12-13T01:19:30.624723Z",
"schema_version": "1.4.0"
}
},
"namespaces": {
"cve.org": {
"CVE_data_meta": {
"ASSIGNER": "secure@intel.com",
"ID": "CVE-2022-40964",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Intel(R) PROSet/Wireless WiFi and Killer(TM) WiFi software",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "See references"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Improper access control for some Intel(R) PROSet/Wireless WiFi and Killer(TM) WiFi software may allow a privileged user to potentially enable escalation of privilege via local access."
}
]
},
"impact": {
"cvss": [
{
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.9,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:N/I:H/A:H",
"version": "3.1"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "escalation of privilege"
},
{
"cweId": "CWE-284",
"lang": "eng",
"value": "Improper access control"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00766.html",
"refsource": "MISC",
"url": "http://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00766.html"
},
{
"name": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/K24OJT4AVMNND7LBTC2ZDDTE6DJHAKB4/",
"refsource": "MISC",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/K24OJT4AVMNND7LBTC2ZDDTE6DJHAKB4/"
},
{
"name": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HUCYUR4WBTELCRHELISJ3RMZVHKIV5TN/",
"refsource": "MISC",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HUCYUR4WBTELCRHELISJ3RMZVHKIV5TN/"
},
{
"name": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/Y76A3PLHIQCEPESB4XVBV5SRRXQEZ5JY/",
"refsource": "MISC",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/Y76A3PLHIQCEPESB4XVBV5SRRXQEZ5JY/"
},
{
"name": "https://lists.debian.org/debian-lts-announce/2023/09/msg00043.html",
"refsource": "MISC",
"url": "https://lists.debian.org/debian-lts-announce/2023/09/msg00043.html"
}
]
}
},
"nvd.nist.gov": {
"configurations": {
"CVE_data_version": "4.0",
"nodes": [
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:intel:killer:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "34.22.1163",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:intel:proset\\/wireless_wifi:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "22.200",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:intel:uefi_firmware:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "3.2.20.23023",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:h:intel:killer_wi-fi_6_ax1650i\\/s:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:h:intel:killer_wi-fi_6e_ax1675i\\/s:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:h:intel:killer_wi-fi_6e_ax1675x\\/w:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:h:intel:killer_wi-fi_6e_ax1690i\\/s:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:h:intel:killer_wireless-ac_1550i\\/s:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:h:intel:wi-fi_6_ax201:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:h:intel:wi-fi_6e_ax210:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:h:intel:wi-fi_6e_ax211:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:h:intel:wi-fi_6e_ax411:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:h:intel:wireless-ac_9461:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:h:intel:wireless-ac_9462:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:h:intel:wireless-ac_9560:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:fedoraproject:fedora:37:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:fedoraproject:fedora:38:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:fedoraproject:fedora:39:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
},
"cve": {
"CVE_data_meta": {
"ASSIGNER": "secure@intel.com",
"ID": "CVE-2022-40964"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "en",
"value": "Improper access control for some Intel(R) PROSet/Wireless WiFi and Killer(TM) WiFi software may allow a privileged user to potentially enable escalation of privilege via local access."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00766.html",
"refsource": "MISC",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00766.html"
},
{
"name": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/K24OJT4AVMNND7LBTC2ZDDTE6DJHAKB4/",
"refsource": "MISC",
"tags": [
"Mailing List"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/K24OJT4AVMNND7LBTC2ZDDTE6DJHAKB4/"
},
{
"name": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HUCYUR4WBTELCRHELISJ3RMZVHKIV5TN/",
"refsource": "MISC",
"tags": [
"Mailing List"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HUCYUR4WBTELCRHELISJ3RMZVHKIV5TN/"
},
{
"name": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/Y76A3PLHIQCEPESB4XVBV5SRRXQEZ5JY/",
"refsource": "MISC",
"tags": [
"Mailing List"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/Y76A3PLHIQCEPESB4XVBV5SRRXQEZ5JY/"
},
{
"name": "https://lists.debian.org/debian-lts-announce/2023/09/msg00043.html",
"refsource": "MISC",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "https://lists.debian.org/debian-lts-announce/2023/09/msg00043.html"
}
]
}
},
"impact": {
"baseMetricV3": {
"cvssV3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 0.8,
"impactScore": 5.9
}
},
"lastModifiedDate": "2023-10-24T18:00Z",
"publishedDate": "2023-08-11T03:15Z"
}
}
}
GHSA-2HJ4-QRQ6-RW3W
Vulnerability from github – Published: 2023-08-11 03:30 – Updated: 2024-04-04 06:49
VLAI?
Details
Improper access control for some Intel(R) PROSet/Wireless WiFi and Killer(TM) WiFi software may allow a privileged user to potentially enable escalation of privilege via local access.
Severity ?
7.9 (High)
{
"affected": [],
"aliases": [
"CVE-2022-40964"
],
"database_specific": {
"cwe_ids": [
"CWE-284"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2023-08-11T03:15:14Z",
"severity": "MODERATE"
},
"details": "Improper access control for some Intel(R) PROSet/Wireless WiFi and Killer(TM) WiFi software may allow a privileged user to potentially enable escalation of privilege via local access.",
"id": "GHSA-2hj4-qrq6-rw3w",
"modified": "2024-04-04T06:49:54Z",
"published": "2023-08-11T03:30:20Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-40964"
},
{
"type": "WEB",
"url": "https://lists.debian.org/debian-lts-announce/2023/09/msg00043.html"
},
{
"type": "WEB",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HUCYUR4WBTELCRHELISJ3RMZVHKIV5TN"
},
{
"type": "WEB",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/K24OJT4AVMNND7LBTC2ZDDTE6DJHAKB4"
},
{
"type": "WEB",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/Y76A3PLHIQCEPESB4XVBV5SRRXQEZ5JY"
},
{
"type": "WEB",
"url": "http://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00766.html"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:N/I:H/A:H",
"type": "CVSS_V3"
}
]
}
FKIE_CVE-2022-40964
Vulnerability from fkie_nvd - Published: 2023-08-11 03:15 - Updated: 2024-11-21 07:22
Severity ?
7.9 (High) - CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:N/I:H/A:H
6.7 (Medium) - CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
6.7 (Medium) - CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Summary
Improper access control for some Intel(R) PROSet/Wireless WiFi and Killer(TM) WiFi software may allow a privileged user to potentially enable escalation of privilege via local access.
References
| URL | Tags | ||
|---|---|---|---|
| secure@intel.com | http://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00766.html | Patch, Vendor Advisory | |
| secure@intel.com | https://lists.debian.org/debian-lts-announce/2023/09/msg00043.html | Mailing List, Third Party Advisory | |
| secure@intel.com | https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HUCYUR4WBTELCRHELISJ3RMZVHKIV5TN/ | Mailing List | |
| secure@intel.com | https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/K24OJT4AVMNND7LBTC2ZDDTE6DJHAKB4/ | Mailing List | |
| secure@intel.com | https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/Y76A3PLHIQCEPESB4XVBV5SRRXQEZ5JY/ | Mailing List | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00766.html | Patch, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://lists.debian.org/debian-lts-announce/2023/09/msg00043.html | Mailing List, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HUCYUR4WBTELCRHELISJ3RMZVHKIV5TN/ | Mailing List | |
| af854a3a-2127-422b-91ae-364da2661108 | https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/K24OJT4AVMNND7LBTC2ZDDTE6DJHAKB4/ | Mailing List | |
| af854a3a-2127-422b-91ae-364da2661108 | https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/Y76A3PLHIQCEPESB4XVBV5SRRXQEZ5JY/ | Mailing List |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| intel | killer | * | |
| intel | proset\/wireless_wifi | * | |
| intel | uefi_firmware | * | |
| intel | killer_wi-fi_6_ax1650i\/s | - | |
| intel | killer_wi-fi_6e_ax1675i\/s | - | |
| intel | killer_wi-fi_6e_ax1675x\/w | - | |
| intel | killer_wi-fi_6e_ax1690i\/s | - | |
| intel | killer_wireless-ac_1550i\/s | - | |
| intel | wi-fi_6_ax201 | - | |
| intel | wi-fi_6e_ax210 | - | |
| intel | wi-fi_6e_ax211 | - | |
| intel | wi-fi_6e_ax411 | - | |
| intel | wireless-ac_9461 | - | |
| intel | wireless-ac_9462 | - | |
| intel | wireless-ac_9560 | - | |
| fedoraproject | fedora | 37 | |
| fedoraproject | fedora | 38 | |
| fedoraproject | fedora | 39 | |
| debian | debian_linux | 10.0 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:intel:killer:*:*:*:*:*:*:*:*",
"matchCriteriaId": "8D000E1E-4DBE-47F1-B48F-577AFB0B9A3C",
"versionEndExcluding": "34.22.1163",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:intel:proset\\/wireless_wifi:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E22B4543-24F8-4EF5-A2EE-2F35FFDE39B8",
"versionEndExcluding": "22.200",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:intel:uefi_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C8EAFBED-37DE-4BAB-A498-DDE262F315F0",
"versionEndExcluding": "3.2.20.23023",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:intel:killer_wi-fi_6_ax1650i\\/s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4CF26EB8-A731-4186-9338-1B2873A61D8F",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:intel:killer_wi-fi_6e_ax1675i\\/s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "7769243A-AD4D-47AB-AC83-2E6EA9E040C5",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:intel:killer_wi-fi_6e_ax1675x\\/w:-:*:*:*:*:*:*:*",
"matchCriteriaId": "28382BCE-0FF3-44AC-97C2-E74BB17F1C3E",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:intel:killer_wi-fi_6e_ax1690i\\/s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F5D37D73-C613-4800-B414-8AC9A32AD5E5",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:intel:killer_wireless-ac_1550i\\/s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DC34DCD7-D31D-411D-859E-75617C9E2201",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:intel:wi-fi_6_ax201:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A0433774-9479-4A01-B697-1379AEA223C9",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:intel:wi-fi_6e_ax210:-:*:*:*:*:*:*:*",
"matchCriteriaId": "54323008-43E6-4A85-BB92-F2EF6ED8E57C",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:intel:wi-fi_6e_ax211:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C90E6127-7D01-49CE-96EF-9F4CB5891373",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:intel:wi-fi_6e_ax411:-:*:*:*:*:*:*:*",
"matchCriteriaId": "ADE89FD4-8B08-430E-976A-068DBF47F5F7",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:intel:wireless-ac_9461:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2F198C1B-28A8-4FB8-9266-333A6E465445",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:intel:wireless-ac_9462:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1B60A55C-0969-43D4-A1A8-0E736DE89AFA",
"vulnerable": false
},
{
"criteria": "cpe:2.3:h:intel:wireless-ac_9560:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C7A5DD09-188E-4772-BBFD-3DCC776F4D55",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:fedoraproject:fedora:37:*:*:*:*:*:*:*",
"matchCriteriaId": "E30D0E6F-4AE8-4284-8716-991DFA48CC5D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fedoraproject:fedora:38:*:*:*:*:*:*:*",
"matchCriteriaId": "CC559B26-5DFC-4B7A-A27C-B77DE755DFF9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fedoraproject:fedora:39:*:*:*:*:*:*:*",
"matchCriteriaId": "B8EDB836-4E6A-4B71-B9B2-AA3E03E0F646",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*",
"matchCriteriaId": "07B237A9-69A3-4A9C-9DA0-4E06BD37AE73",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Improper access control for some Intel(R) PROSet/Wireless WiFi and Killer(TM) WiFi software may allow a privileged user to potentially enable escalation of privilege via local access."
},
{
"lang": "es",
"value": "Un control de acceso inadecuado para algunos programas Intel(R) PROSet/Wireless WiFi y Killer(TM) WiFi puede permitir que un usuario con privilegios habilite potencialmente una escalada de privilegios mediante acceso local."
}
],
"id": "CVE-2022-40964",
"lastModified": "2024-11-21T07:22:19.010",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.9,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:N/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.5,
"impactScore": 5.8,
"source": "secure@intel.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 0.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2023-08-11T03:15:14.603",
"references": [
{
"source": "secure@intel.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00766.html"
},
{
"source": "secure@intel.com",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "https://lists.debian.org/debian-lts-announce/2023/09/msg00043.html"
},
{
"source": "secure@intel.com",
"tags": [
"Mailing List"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HUCYUR4WBTELCRHELISJ3RMZVHKIV5TN/"
},
{
"source": "secure@intel.com",
"tags": [
"Mailing List"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/K24OJT4AVMNND7LBTC2ZDDTE6DJHAKB4/"
},
{
"source": "secure@intel.com",
"tags": [
"Mailing List"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/Y76A3PLHIQCEPESB4XVBV5SRRXQEZ5JY/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00766.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "https://lists.debian.org/debian-lts-announce/2023/09/msg00043.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HUCYUR4WBTELCRHELISJ3RMZVHKIV5TN/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/K24OJT4AVMNND7LBTC2ZDDTE6DJHAKB4/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Mailing List"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/Y76A3PLHIQCEPESB4XVBV5SRRXQEZ5JY/"
}
],
"sourceIdentifier": "secure@intel.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-284"
}
],
"source": "secure@intel.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
CVE-2022-40964
Vulnerability from osv_almalinux
Published
2023-11-07 00:00
Modified
2023-11-14 12:15
Summary
Important: linux-firmware security, bug fix, and enhancement update
Details
The linux-firmware packages contain all of the firmware files that are required by various devices to operate.
Security Fix(es):
- hw: intel: Improper access control for some Intel(R) PROSet/Wireless WiFi (CVE-2022-27635)
- hw: intel: Improper access control for some Intel(R) PROSet/Wireless WiFi (CVE-2022-40964)
- hw: intel: Protection mechanism failure for some Intel(R) PROSet/Wireless WiFi (CVE-2022-46329)
- hw: intel: Improper input validation in some Intel(R) PROSet/Wireless WiFi (CVE-2022-36351)
- hw amd: Return Address Predictor vulnerability leading to information disclosure (CVE-2023-20569)
- hw: intel: Improper input validation in some Intel(R) PROSet/Wireless WiFi (CVE-2022-38076)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Additional Changes:
For detailed information on changes in this release, see the AlmaLinux Release Notes linked from the References section.
{
"affected": [
{
"package": {
"ecosystem": "AlmaLinux:9",
"name": "iwl100-firmware"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "39.31.5.1-140.el9_3"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:9",
"name": "iwl1000-firmware"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "1:39.31.5.1-140.el9_3"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:9",
"name": "iwl105-firmware"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "18.168.6.1-140.el9_3"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:9",
"name": "iwl135-firmware"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "18.168.6.1-140.el9_3"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:9",
"name": "iwl2000-firmware"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "18.168.6.1-140.el9_3"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:9",
"name": "iwl2030-firmware"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "18.168.6.1-140.el9_3"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:9",
"name": "iwl3160-firmware"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "1:25.30.13.0-140.el9_3"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:9",
"name": "iwl5000-firmware"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "8.83.5.1_1-140.el9_3"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:9",
"name": "iwl5150-firmware"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "8.24.2.2-140.el9_3"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:9",
"name": "iwl6000g2a-firmware"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "18.168.6.1-140.el9_3"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:9",
"name": "iwl6000g2b-firmware"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "18.168.6.1-140.el9_3"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:9",
"name": "iwl6050-firmware"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "41.28.5.1-140.el9_3"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:9",
"name": "iwl7260-firmware"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "1:25.30.13.0-140.el9_3"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:9",
"name": "libertas-sd8787-firmware"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "20230814-140.el9_3"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:9",
"name": "linux-firmware"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "20230814-140.el9_3"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:9",
"name": "linux-firmware-whence"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "20230814-140.el9_3"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"package": {
"ecosystem": "AlmaLinux:9",
"name": "netronome-firmware"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "20230814-140.el9_3"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"details": "The linux-firmware packages contain all of the firmware files that are required by various devices to operate.\n\nSecurity Fix(es):\n\n* hw: intel: Improper access control for some Intel(R) PROSet/Wireless WiFi (CVE-2022-27635)\n* hw: intel: Improper access control for some Intel(R) PROSet/Wireless WiFi (CVE-2022-40964)\n* hw: intel: Protection mechanism failure for some Intel(R) PROSet/Wireless WiFi (CVE-2022-46329)\n* hw: intel: Improper input validation in some Intel(R) PROSet/Wireless WiFi (CVE-2022-36351)\n* hw amd: Return Address Predictor vulnerability leading to information disclosure (CVE-2023-20569)\n* hw: intel: Improper input validation in some Intel(R) PROSet/Wireless WiFi (CVE-2022-38076)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.\n\nAdditional Changes:\n\nFor detailed information on changes in this release, see the AlmaLinux Release Notes linked from the References section.",
"id": "ALSA-2023:6595",
"modified": "2023-11-14T12:15:32Z",
"published": "2023-11-07T00:00:00Z",
"references": [
{
"type": "ADVISORY",
"url": "https://access.redhat.com/errata/RHSA-2023:6595"
},
{
"type": "REPORT",
"url": "https://access.redhat.com/security/cve/CVE-2022-27635"
},
{
"type": "REPORT",
"url": "https://access.redhat.com/security/cve/CVE-2022-36351"
},
{
"type": "REPORT",
"url": "https://access.redhat.com/security/cve/CVE-2022-38076"
},
{
"type": "REPORT",
"url": "https://access.redhat.com/security/cve/CVE-2022-40964"
},
{
"type": "REPORT",
"url": "https://access.redhat.com/security/cve/CVE-2022-46329"
},
{
"type": "REPORT",
"url": "https://access.redhat.com/security/cve/CVE-2023-20569"
},
{
"type": "REPORT",
"url": "https://bugzilla.redhat.com/2207625"
},
{
"type": "REPORT",
"url": "https://bugzilla.redhat.com/2238960"
},
{
"type": "REPORT",
"url": "https://bugzilla.redhat.com/2238961"
},
{
"type": "REPORT",
"url": "https://bugzilla.redhat.com/2238962"
},
{
"type": "REPORT",
"url": "https://bugzilla.redhat.com/2238963"
},
{
"type": "REPORT",
"url": "https://bugzilla.redhat.com/2238964"
},
{
"type": "ADVISORY",
"url": "https://errata.almalinux.org/9/ALSA-2023-6595.html"
}
],
"related": [
"CVE-2022-27635",
"CVE-2022-40964",
"CVE-2022-46329",
"CVE-2022-36351",
"CVE-2023-20569",
"CVE-2022-38076"
],
"summary": "Important: linux-firmware security, bug fix, and enhancement update"
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…