Potential security vulnerabilities in some Intel® Arc™ Limited Edition graphics cards may allow denial of service or information disclosure. Intel is releasing prescriptive guidance to mitigate these potential vulnerabilities.
Vulnerability Details:
CVEID: CVE-2022-41984
Description: Protection mechanism failure for some Intel® Arc™ graphics cards A770 and A750 Limited Edition sold between October of 2022 and December of 2022 may allow a privileged user to potentially enable denial of service via local access.
CVSS Base Score: 4.4 Medium
CVSS Vector: CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H
CVEID: CVE-2022-38973
Description: Improper access control for some Intel® Arc™ graphics cards A770 and A750 Limited Edition sold between October of 2022 and December of 2022 may allow an authenticated user to potentially enable denial of service or information disclosure via local access.
CVSS Base Score: 3.3 Low
CVSS Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:L/I:N/A:L
Intel® Arc™ graphics cards A770 and A750 Limited Edition purchased through retail outlets between October of 2022 and December of 2022.
Contact Intel product support in your region for assistance with any Intel® Arc™ graphics cards A770 and A750 Limited Edition purchased through retail outlets between October of 2022 and December of 2022.
This issue was found internally by Intel employees.
Intel, and nearly the entire technology industry, follows a disclosure practice called Coordinated Disclosure, under which a cybersecurity vulnerability is generally publicly disclosed only after mitigations are available.