Lucene search

GoogleOSV:CVE-2023-28741

HistoryNov 14, 2023 - 7:15 p.m.

CVE-2023-28741

2023-11-1419:15:23

Google

osv.dev

buffer overflow

intel qat drivers

privilege escalation

local access

cve-2023-28741

windows software

7.9 High

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

REQUIRED

Scope

CHANGED

Confidentiality Impact

NONE

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:C/C:N/I:H/A:H

7.4 High

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

9.1%

JSON

Buffer overflow in some Intel® QAT drivers for Windows - HW Version 1.0 before version 1.10 may allow an authenticated user to potentially enable escalation of privilege via local access.

CPENameOperatorVersion
qatlibeq20.10.0
qatlibeq21.11.0
qatlibeq22.07.0
qatlibeq21.08.0
qatlibeq20.08.0
qatlibeq21.05.0

Name	Operator	Version
qatlib	eq	20.10.0
qatlib	eq	21.11.0
qatlib	eq	22.07.0
qatlib	eq	21.08.0
qatlib	eq	20.08.0
qatlib	eq	21.05.0

References

www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00861.html

7.9 High

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

REQUIRED

Scope

CHANGED

Confidentiality Impact

NONE

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:C/C:N/I:H/A:H

7.4 High

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

9.1%

JSON

Related for OSV:CVE-2023-28741