CVE-2022-38076

Published: Aug 11, 2023Modified: Nov 21, 2024

7.8

Vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Exploitability: 1.8 / Impact: 5.9

Source: NVD

Description

Improper input validation in some Intel(R) PROSet/Wireless WiFi and Killer(TM) WiFi software may allow an authenticated user to potentially enable escalation of privilege via local access.

Affected (7)

Products: Intel: Killer, Proset/wireless Wifi, Uefi Firmware · Fedoraproject: Fedora · Debian: Debian Linux

3 products

Proset/wireless Wifi

1 product

1 product

Configuration A

3 vulnerable · 10 platform

Vulnerable Software	Affected Versions
Intel Killer	Before 34.22.1163
Intel Proset/wireless Wifi	Before 22.200
Intel Uefi Firmware	Before 3.2.20.23023

Running on/with	Platform Versions
Intel Dual Band Wireless Ac 3165	All versions
Intel Dual Band Wireless Ac 3168	All versions
Intel Dual Band Wireless Ac 8260	All versions
Intel Dual Band Wireless Ac 8265	All versions
Intel Killer Wireless Ac 1550	All versions
Intel Wireless Ac 9260	All versions
Intel Wireless Ac 9461	All versions
Intel Wireless Ac 9462	All versions
Intel Wireless Ac 9560	All versions
Intel Wireless 7265 (rev D)	All versions

Configuration B

3 vulnerable

Vulnerable Software	Affected Versions
Fedoraproject Fedora	Version 37
Fedoraproject Fedora	Version 38
Fedoraproject Fedora	Version 39

Configuration C

1 vulnerable

Vulnerable Software	Affected Versions
Debian Debian Linux	Version 10.0

Related CWEs

Improper Input Validation

The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.

References (10)

http://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00766.html

Source: secure@intel.com

PatchVendor Advisory

https://lists.debian.org/debian-lts-announce/2023/09/msg00043.html

Source: secure@intel.com

Mailing ListThird Party Advisory

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HUCYUR4WBTELCRHELISJ3RMZVHKIV5TN/

Source: secure@intel.com

Mailing ListThird Party Advisory

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/K24OJT4AVMNND7LBTC2ZDDTE6DJHAKB4/

Source: secure@intel.com

Mailing List

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/Y76A3PLHIQCEPESB4XVBV5SRRXQEZ5JY/

Source: secure@intel.com

Mailing List

http://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00766.html

Source: af854a3a-2127-422b-91ae-364da2661108

PatchVendor Advisory

https://lists.debian.org/debian-lts-announce/2023/09/msg00043.html

Source: af854a3a-2127-422b-91ae-364da2661108

Mailing ListThird Party Advisory

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HUCYUR4WBTELCRHELISJ3RMZVHKIV5TN/

Source: af854a3a-2127-422b-91ae-364da2661108

Mailing ListThird Party Advisory

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/K24OJT4AVMNND7LBTC2ZDDTE6DJHAKB4/

Source: af854a3a-2127-422b-91ae-364da2661108

Mailing List

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/Y76A3PLHIQCEPESB4XVBV5SRRXQEZ5JY/

Source: af854a3a-2127-422b-91ae-364da2661108

Mailing List

Timeline

No history available yet.