CVE-2023-22840

EPSS 0.06%
Published 11.08.2023 03:15:17
Last modified 21.11.2024 07:45:29
Source secure@intel.com
Teams watchlist Login
Open Login

Improper neutralization in software for the Intel(R) oneVPL GPU software before version 22.6.5 may allow an authenticated user to potentially enable denial of service via local access.

Affected products Warnungen 0 Metrics 3 CWE 1 References 7

Data is provided by the National Vulnerability Database (NVD)

Intel ≫ Onevpl Gpu Runtime Version < 22.6.5

Fedoraproject ≫ Fedora Version37

Fedoraproject ≫ Fedora Version38

Fedoraproject ≫ Fedora Version39

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Type	Source	Score	Percentile
EPSS	FIRST.org	0.06%	0.153

CVSS Metriken
Source	Base Score	Exploit Score	Impact Score	Vector string
nvd@nist.gov	5.5	1.8	3.6	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
secure@intel.com	3.3	1.8	1.4	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L

CWE-86 Improper Neutralization of Invalid Characters in Identifiers in Web Pages

The product does not neutralize or incorrectly neutralizes invalid characters or byte sequences in the middle of tag names, URI schemes, and other identifiers.

http://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00818.html

Vendor Advisory

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/J7RNFPWOSFII2JE2KDRHPLJANZC3YATW/

Third Party Advisory

Mailing List

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/L27GRS7E45IOCZ44VQX2NJ33GVRBWHBS/

Third Party Advisory

Issue Tracking

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TULYSWHC3X76AIGGMUSLBTWOXNND6IEV/

Third Party Advisory

Issue Tracking

https://nvd.nist.gov/vuln/detail/CVE-2023-22840

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2023-22840

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2023-22840

EUVD