CVE-2022-21239

CWE-125 — Out-of-bounds Read3 documents3 sources

Severity

5.5MEDIUM

EPSS

0.1%

top 67.30%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Intel Quickassist Technology

Timeline

PublishedMay 10

Description

Out-of-bounds read in software for the Intel QAT Driver for Windows before version 1.9.0-0008 may allow an authenticated user to potentially enable information disclosure via local access.

CVSS vector

CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:NExploitability: 1.1 | Impact: 4.0

Affected Packages2 packages

▶CVEListV5intel_qat_driver_for_windowsbefore version 1.9.0-0008

▶NVDintel/quickassist_technology< 1.9.0-0008

Patches

Patch: www.intel.com ↗Patch: www.intel.com ↗

🔴Vulnerability Details

GHSA

GHSA-g3jq-hhrm-wgjx: Out-of-bounds read in software for the Intel QAT Driver for Windows before version 1↗2023-05-10

▶

CVEList

CVE-2022-21239: Out-of-bounds read in software for the Intel QAT Driver for Windows before version 1↗2023-05-10

▶