CVE-2023-32651

2024-02-1414:15:54

Debian Security Bug Tracker

security-tracker.debian.org

improper input validation

intel wi-fi software

denial of service

unauthenticated user

adjacent access

4.3 Medium

CVSS3

Attack Vector

ADJACENT

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

LOW

CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

7.1 High

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

9.1%

JSON

Improper validation of specified type of input for some Intel® PROSet/Wireless and Intel® Killer™ Wi-Fi software before version 22.240 may allow an unauthenticated user to potentially enable denial of service via adjacent access.

OSVersionArchitecturePackageVersionFilename
Debian12allfirmware-nonfree<= 20230210-5firmware-nonfree_20230210-5_all.deb
Debian11allfirmware-nonfree<= 20210315-3firmware-nonfree_20210315-3_all.deb
Debian999allfirmware-nonfree<= 20230625-2firmware-nonfree_20230625-2_all.deb
Debian13allfirmware-nonfree<= 20230625-2firmware-nonfree_20230625-2_all.deb

OS	Version	Architecture	Package	Version	Filename
Debian	12	all	firmware-nonfree	<= 20230210-5	firmware-nonfree_20230210-5_all.deb
Debian	11	all	firmware-nonfree	<= 20210315-3	firmware-nonfree_20210315-3_all.deb
Debian	999	all	firmware-nonfree	<= 20230625-2	firmware-nonfree_20230625-2_all.deb
Debian	13	all	firmware-nonfree	<= 20230625-2	firmware-nonfree_20230625-2_all.deb