Intel QAT Software Drivers Vulnerability Could Lead to Denial of Service
CVE-2023-41252

6.5MEDIUM

Key Information:

Vendor: Intel
Status: Intel(r) Qat Software Drivers For Windows
Vendor: CVE Published:; 14 February 2024

What is CVE-2023-41252?

A vulnerability exists in certain versions of Intel(R) QuickAssist Technology (QAT) software drivers for Windows, where an out-of-bounds read could occur. This flaw may allow an authenticated user to exploit the software, potentially leading to a denial of service through local access. The issue is present in versions before QAT1.7-W-1.11.0. Organizations utilizing affected versions are advised to review their systems and consider applying available patches to mitigate the risk.

Affected Version(s)

Intel(R) QAT software drivers for Windows before version QAT1.7-W-1.11.0

References

https://www.intel.com/content/www/us/en/security-center/a...

CVSS V3.1

Score:

6.5

Severity:

MEDIUM

Confidentiality:

None

Integrity:

None

Availability:

None

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Changed

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Feb 14, 2024
Vulnerability Reserved
Sep 7, 2023