Intel Virtual Raid On Cpu vulnerabilities

CVE-2024-29079 [MEDIUM] CWE-691 CVE-2024-29079: Insufficient control flow management in some Intel(R) VROC software before version 8.6.0.3001 may al Insufficient control flow management in some Intel(R) VROC software before version 8.6.0.3001 may allow an authenticated user to potentially enable escalation of privilege via local access.

CVE-2024-32485 [LOW] CWE-20 CVE-2024-32485: Improper Input Validation in some Intel(R) VROC software before version 8.6.0.2003 may allow an auth Improper Input Validation in some Intel(R) VROC software before version 8.6.0.2003 may allow an authenticated user to potentially enable denial of service via local access.

CVE-2024-23489 [MEDIUM] CWE-427 CVE-2024-23489: Uncontrolled search path for some Intel(R) VROC software before version 8.6.0.1191 may allow an auth Uncontrolled search path for some Intel(R) VROC software before version 8.6.0.1191 may allow an authenticated user to potentially enable escalation of privilege via local access.

CVE-2023-35003 [MEDIUM] CWE-249 CVE-2023-35003: Path transversal in some Intel(R) VROC software before version 8.0.8.1001 may allow an authenticated Path transversal in some Intel(R) VROC software before version 8.0.8.1001 may allow an authenticated user to potentially enable escalation of privilege via local access.

CVE-2023-32646 [MEDIUM] CWE-427 CVE-2023-32646: Uncontrolled search path element in some Intel(R) VROC software before version 8.0.8.1001 may allow Uncontrolled search path element in some Intel(R) VROC software before version 8.0.8.1001 may allow an authenticated user to potentially enable escalation of privilege via local access.

CVE-2023-34315 [MEDIUM] CWE-276 CVE-2023-34315: Incorrect default permissions in some Intel(R) VROC software before version 8.0.8.1001 may allow an Incorrect default permissions in some Intel(R) VROC software before version 8.0.8.1001 may allow an authenticated user to potentially enable escalation of privilege via local access.

CVE-2023-31271 [MEDIUM] CWE-284 CVE-2023-31271: Improper access control in some Intel(R) VROC software before version 8.0.8.1001 may allow an authen Improper access control in some Intel(R) VROC software before version 8.0.8.1001 may allow an authenticated user to potentially enable escalation of privilege via local access.

CVE-2022-45112 [HIGH] CWE-284 CVE-2022-45112: Improper access control in some Intel(R) VROC software before version 8.0.0.4035 may allow an authen Improper access control in some Intel(R) VROC software before version 8.0.0.4035 may allow an authenticated user to potentially enable escalation of privilege via local access.

CVE-2022-30338 [MEDIUM] CWE-276 CVE-2022-30338: Incorrect default permissions in the Intel(R) VROC software before version 7.7.6.1003 may allow an a Incorrect default permissions in the Intel(R) VROC software before version 7.7.6.1003 may allow an authenticated user to potentially enable escalation of privilege via local access.

CVE-2022-29508 [MEDIUM] CWE-395 CVE-2022-29508: Null pointer dereference in the Intel(R) VROC software before version 7.7.6.1003 may allow an authen Null pointer dereference in the Intel(R) VROC software before version 7.7.6.1003 may allow an authenticated user to potentially enable escalation of privilege via local access.

CVE-2022-29919 [HIGH] CWE-416 CVE-2022-29919: Use after free in the Intel(R) VROC software before version 7.7.6.1003 may allow an authenticated us Use after free in the Intel(R) VROC software before version 7.7.6.1003 may allow an authenticated user to potentially enable escalation of privilege via local access.

CVE-2022-25976 [MEDIUM] CWE-20 CVE-2022-25976: Improper input validation in the Intel(R) VROC software before version 7.7.6.1003 may allow an authe Improper input validation in the Intel(R) VROC software before version 7.7.6.1003 may allow an authenticated user to potentially enable denial of service via local access.