Improper Input Validation in Intel oneAPI Math Kernel Library Affects User Applications
CVE-2025-31948

4.8MEDIUM

Key Information:

Vendor: Intel
Status: Intel(r) Oneapi Math Kernel Library
Vendor: CVE Published:; 11 November 2025

What is CVE-2025-31948?

The Intel oneAPI Math Kernel Library prior to version 2025.2 is susceptible to an improper input validation vulnerability that may lead to denial of service in user applications. An attacker with unprivileged access can exploit this flaw locally, leveraging a low complexity attack. The attack does not require special knowledge or user interaction, accentuating the ease of exploitation. While the threat does not compromise confidentiality or integrity, it can disrupt the availability of the affected system, resulting in service interruptions for users.

Affected Version(s)

Intel(R) oneAPI Math Kernel Library before version 2025.2

References

https://intel.com/content/www/us/en/security-center/advis...

CVSS V4

Score:

4.8

Severity:

MEDIUM

Confidentiality:

None

Integrity:

None

Availability:

Low

Attack Vector:

Local

Attack Complexity:

Low

Attack Required:

None

Privileges Required:

Undefined

User Interaction:

None

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Nov 11, 2025
Vulnerability Reserved
Apr 4, 2025

JSON