CVE-2023-25952

CWE-787Out-of-bounds Write3 documents3 sources
Severity
5.5MEDIUM
EPSS
0.1%
top 83.08%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
Intel ARC A GraphicsIntel Iris XE Graphics
Timeline
PublishedNov 14

Description

Out-of-bounds write in some Intel(R) Arc(TM) Control software before version 1.73.5335.2 may allow an authenticated user to potentially enable denial of service via local access.

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:HExploitability: 1.8 | Impact: 4.2

Affected Packages3 packages

CVEListV5intel(r)_arc(tm)_control_softwarebefore version 1.73.5335.2
NVDintel/arc_a_graphics< 31.0.101.4255
NVDintel/iris_xe_graphics< 31.0.101.4255

🔴Vulnerability Details

2
GHSA
GHSA-q69f-x478-xp8g: Out-of-bounds write in some Intel(R) Arc(TM) & Iris(R) Xe Graphics - WHQL - Windows drivers before version 312023-11-14
CVEList
CVE-2023-25952: Out-of-bounds write in some Intel(R) Arc(TM) Control software before version 12023-11-14
CVE-2023-25952 (MEDIUM CVSS 5.5) | Out-of-bounds write in some Intel(R | cvebase.io