CVE-2023-29162

CWE-276 — Incorrect Default Permissions3 documents3 sources

Severity

6.0MEDIUM

EPSS

0.1%

top 83.02%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Intel Advisor Intel Inspector Intel Integrated Performance Primitives Cryptography +13 more

Timeline

PublishedFeb 14

Latest updateMar 28

Description

Improper buffer restrictions the Intel(R) C++ Compiler Classic before version 2021.8 for Intel(R) oneAPI Toolkits before version 2022.3.1 may allow a privileged user to potentially enable escalation of privilege via local access.

CVSS vector

CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:LExploitability: 0.5 | Impact: 5.5

Affected Packages17 packages

▶CVEListV5intel(r)_c++_compiler_classicbefore version 2021.8

▶NVDintel/oneapi_base_toolkit< 2023.2+1

▶NVDintel/oneapi_deep_neural_network< 2023.2+1

▶NVDintel/oneapi_math_kernel_library< 2023.2

▶NVDintel/oneapi_hpc_toolkit2023.2

🔴Vulnerability Details

GHSA

GHSA-h929-hv54-38w3: Improper buffer restrictions the Intel(R) C++ Compiler Classic before version 2021↗2024-03-28

▶

CVEList

CVE-2023-29162: Improper buffer restrictions the Intel(R) C++ Compiler Classic before version 2021↗2024-02-14

▶