Buffer overflow in Intel Qat_driver
CVE-2023-22313
Improper buffer restrictions in some Intel(R) QAT Library software before version 22.07.1 may allow a privileged user to potentially enable information disclosure via local access.
EPSS: 0.002 (11.8th percentile) — read the EPSS interpretation.
CVSS v3 metric
CVSS v3 base score 2.3 (Low). Vector: CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N.
Affected products
- Intel Qat_driver — versions 1.0
- Intel Qat_driver_firmware
- Intel Quickassist_technology_driver — versions 2.0
- Intel Quickassist_technology_driver_firmware
- Intel Quickassist_technology_library
- N/a Intel(r) Qat Library Software — versions before version 22.07.1
Weakness classification (CWE)
References
- secure@intel.com (Patch, Vendor Advisory)
Frequently asked questions
- What is CVE-2023-22313?
- CVE-2023-22313 is a low-severity vulnerability in Intel Qat_driver, classified under CWE-92. CVSS score: 2.3/10. Published 2023-11-14.
- How severe is CVE-2023-22313?
- Low severity. CVSS v3 base score is 2.3 out of 10.