HIGH✓ PATCH🇵🇱 Wersja polska

CVE-2022-43507

CVSS 7.5v3.1pub. 2023-05-10upd. 2024-11-21

Improper buffer restrictions in the Intel(R) QAT Engine for OpenSSL before version 0.6.16 may allow a privileged user to potentially enable escalation of privilege via network access.

CVSS Vector
CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
  • Intel Quickassist Technology Engine

    APP
    Intel
    < 0.6.16
🟢
PATCH AVAILABLE
Vendor update available. Deploy in standard maintenance cycle.
CWE
References

Related vulnerabilities

CVE-2017-5681HIGH7.5ten sam produkt

The RSA-CRT implementation in the Intel QuickAssist Technology (QAT) Engine for OpenSSL versions prior to 0.5....

CVE-2021-45046CRITICAL9.0⚠ KEVten sam vendor

It was found that the fix to address CVE-2021-44228 in Apache Log4j 2.15.0 was incomplete in certain non-defau...

CVE-2021-44228CRITICAL10.0⚠ KEVten sam vendor

Apache Log4j2 2.0-beta9 through 2.15.0 (excluding security releases 2.12.2, 2.12.3, and 2.3.1) JNDI features u...

CVE-2017-5689CRITICAL9.8⚠ KEVten sam vendor

An unprivileged network attacker could gain system privileges to provisioned Intel manageability SKUs: Intel A...

CVE-2024-23497CRITICAL9.3PL ✓ten sam vendor

Out-of-bounds write w sterowniku Linux dla Intel Ethernet 800 Series — privilege escalation