CVE-2023-28401

CWE-787Out-of-bounds Write3 documents3 sources
Severity
7.8HIGH
EPSS
0.1%
top 79.24%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
Intel ARC A GraphicsIntel Iris XE Graphics
Timeline
PublishedNov 14

Description

Out-of-bounds write in some Intel(R) Arc(TM) & Iris(R) Xe Graphics - WHQL - Windows drivers before version 31.0.101.4255 may allow authenticated user to potentially enable escalation of privilege via local access.

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:LExploitability: 1.5 | Impact: 3.7

Affected Packages3 packages

NVDintel/iris_xe_graphics< 31.0.101.4255
NVDintel/arc_a_graphics< 31.0.101.4255

🔴Vulnerability Details

2
GHSA
GHSA-7j92-gx3c-pv6x: Out-of-bounds write in some Intel(R) Arc(TM) & Iris(R) Xe Graphics - WHQL - Windows drivers before version 312023-11-14
CVEList
CVE-2023-28401: Out-of-bounds write in some Intel(R) Arc(TM) & Iris(R) Xe Graphics - WHQL - Windows drivers before version 312023-11-14
CVE-2023-28401 (HIGH CVSS 7.8) | Out-of-bounds write in some Intel(R | cvebase.io