11 matches found
CVE-2021-33147
The CVE-2021-33147 issue affects the Intel IPP Cryptography library prior to 2021.2. Affected component: Intel IPP Crypto library (before 2021.2). Root cause: improper conditions check may allow an authenticated user to cause information disclosure via local access. Impact: confidentiality exposu...
CVE-2021-0001
CVE-2021-0001 concerns an observable timing discrepancy in Intel IPP prior to 2020 update 1 that may allow an authorized user to disclose information via local access. The Red Hat/NVD/OSV/NCSC entries confirm IPP and SGX involvement. Intel’s advisory (Intel-SA-00477) states mitigations: update IP...
CVE-2023-29162
The CVE-2023-29162 entry concerns Intel’s Intel® oneAPI Toolkits, specifically the Intel C++ Compiler Classic prior to 2021.8 bundled with toolkits before 2022.3.1. The issue is an improper buffer restriction that may allow a privileged local user to escalate privileges. Affected scope includes I...
CVE-2018-3691
Intel Integrated Performance Primitives Cryptography Library (IPC Lib) has a vulnerability in versions before 2018 U3.1 where constant-time execution is not guaranteed. This could allow information disclosure via side-channel leakage. Affected: IPC Cryptography Library; root cause: lack of consta...
CVE-2024-21784
CVE-2024-21784 concerns an uncontrolled search path in Intel IPP Cryptography software before version 2021.11, potentially enabling local escalation of privilege for an authenticated user. Intel's advisory (INTEL-SA-01114) notes affected products include Intel IPP Cryptography prior to 2021.11 an...
CVE-2023-22355
The CVE-2023-22355 issue is an Uncontrolled search path in Intel(R) oneAPI Toolkit and component software installers prior to version 4.3.0.251, potentially enabling privilege escalation for an authenticated user via local access. The Intel advisory and related records confirm the affected softwa...
CVE-2023-35121
The CVE-2023-35121 issue concerns improper access control in Intel’s oneAPI DPC++/C++ Compiler prior to 2022.2.1 for some toolkits prior to 2022.3.1, enabling potential privilege escalation via local access when authenticated. Affected software is Intel® oneAPI DPC++/C++ Compiler and related tool...
CVE-2022-41646
CVE-2022-41646 affects Intel IPP Cryptography software before 2021.6. Root cause: insufficient control flow management. Impact: could allow an unauthenticated user to disclose information via local access. Affected product: Intel® IPP Cryptography. Remediation: upgrade to version 2021.6 or later ...
CVE-2022-37409
The CVE-2022-37409 issue affects Intel IPP Cryptography software prior to version 2021.6. According to the Intel advisory and corroborating Red Hat/NVD entries, the vulnerability arises from insufficient control flow management, which could allow an authenticated local user to disclose informatio...
CVE-2022-26083
Affected software: Intel® IPP Cryptography library (before version 2021.5). Issue (root cause): Generation of a weak initialization vector may allow an unauthenticated user to potentially cause information disclosure via local access. Impact: Information disclosure with high impact (confidentiali...
CVE-2022-40974
CVE-2022-40974 affects Intel® IPP Cryptography software prior to version 2021.6. The issue is incomplete cleanup in the cryptography routines that may allow a local privileged user to disclose information. Impact is described as local information disclosure with a low base severity in some feeds,...