Time-of-Check Time-of-Use Race Condition in Intel Neural Compressor Software
CVE-2024-37181

2.1LOW

Key Information:

Vendor: Intel
Status: Intel(r) Neural Compressor Software
Vendor: CVE Published:; 16 January 2025

Summary

A time-of-check time-of-use race condition was identified in Intel's Neural Compressor software prior to version 3.0. This vulnerability may allow an authenticated user to potentially exploit adjacent access, leading to information disclosure. Users are urged to review the security implications and upgrade to the latest version to mitigate potential risks.

Affected Version(s)

Intel(R) Neural Compressor software before version v3.0

References

https://www.intel.com/content/www/us/en/security-center/a...

CVSS V4

Score:

2.1

Severity:

LOW

Confidentiality:

Low

Integrity:

None

Availability:

None

Attack Vector:

Adjacent Network

Attack Complexity:

High

Attack Required:

Physical

Privileges Required:

Undefined

User Interaction:

None

Timeline

Vulnerability published
Jan 16, 2025
Vulnerability Reserved
Jul 12, 2024