A potential security vulnerability in Intel® QuickAssist Technology for Linux may allow denial of service.** **Intel is releasing documentation and software updates to mitigate these potential vulnerabilities.
CVEID: CVE-2018-12206
Description: Improper configuration of hardware access in Intel® QuickAssist Technology for Linux (all versions) may allow an authenticated user to potentially enable a denial of service via local access.
CVSS Base Score: 3.2 Low
CVSS Vector: CVSS:3.0/AV:L/AC:H/PR:N/UI:N/S:C/C:N/I:N/A:L
CVEID: CVE-2018-18096
Description: Improper memory handling in Intel® QuickAssist Technology for Linux (all versions) may allow an authenticated user to potentially enable a denial of service via local access.
CVSS Base Score: 3.2 Low
CVSS Vector: CVSS:3.0/AV:L/AC:H/PR:N/UI:N/S:C/C:N/I:N/A:L
Intel® QuickAssist Technology for Linux.
Intel recommends that users follow the steps below to address these issues.
For CVE-2018-12206:
For CVE-2018-18096:
These issues were found internally by Intel employees. Intel would like to thank Ryan Hall (CVE-2018-18096) from the DCG Red Team.
Intel, and nearly the entire technology industry, follows a disclosure practice called Coordinated Disclosure, under which a cybersecurity vulnerability is generally publicly disclosed only after mitigations are deployed.