HIGH✓ PATCH🇵🇱 Wersja polska

CVE-2017-5681

CVSS 7.5v3.0pub. 2017-03-07upd. 2026-05-13

The RSA-CRT implementation in the Intel QuickAssist Technology (QAT) Engine for OpenSSL versions prior to 0.5.19 may allow remote attackers to obtain private RSA keys by conducting a Lenstra side-channel attack.

CVSS Vector
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
  • Intel Quickassist Technology Engine

    APP
    Intel
    0.5.18
🟢
PATCH AVAILABLE
Vendor update available. Deploy in standard maintenance cycle.
CWE
References

Related vulnerabilities

CVE-2022-43507HIGH7.5ten sam produkt

Improper buffer restrictions in the Intel(R) QAT Engine for OpenSSL before version 0.6.16 may allow a privileg...

CVE-2021-45046CRITICAL9.0⚠ KEVten sam vendor

It was found that the fix to address CVE-2021-44228 in Apache Log4j 2.15.0 was incomplete in certain non-defau...

CVE-2021-44228CRITICAL10.0⚠ KEVten sam vendor

Apache Log4j2 2.0-beta9 through 2.15.0 (excluding security releases 2.12.2, 2.12.3, and 2.3.1) JNDI features u...

CVE-2017-5689CRITICAL9.8⚠ KEVten sam vendor

An unprivileged network attacker could gain system privileges to provisioned Intel manageability SKUs: Intel A...

CVE-2024-23497CRITICAL9.3PL ✓ten sam vendor

Out-of-bounds write w sterowniku Linux dla Intel Ethernet 800 Series — privilege escalation