Improper buffer restrictions in the Intel(R) QAT Engine for OpenSSL before version 0.6.16 may allow a privileged user to potentially enable escalation of privilege via network access.
CVSS Vector
CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:HIntel Quickassist Technology Engine
APPIntel< 0.6.16
🟢
PATCH AVAILABLE
Vendor update available. Deploy in standard maintenance cycle.
Related vulnerabilities
CVE-2017-5681HIGH7.5ten sam produkt
The RSA-CRT implementation in the Intel QuickAssist Technology (QAT) Engine for OpenSSL versions prior to 0.5....
CVE-2021-45046CRITICAL9.0⚠ KEVten sam vendor
It was found that the fix to address CVE-2021-44228 in Apache Log4j 2.15.0 was incomplete in certain non-defau...
CVE-2021-44228CRITICAL10.0⚠ KEVten sam vendor
Apache Log4j2 2.0-beta9 through 2.15.0 (excluding security releases 2.12.2, 2.12.3, and 2.3.1) JNDI features u...
CVE-2017-5689CRITICAL9.8⚠ KEVten sam vendor
An unprivileged network attacker could gain system privileges to provisioned Intel manageability SKUs: Intel A...
CVE-2024-23497CRITICAL9.3PL ✓ten sam vendor
Out-of-bounds write w sterowniku Linux dla Intel Ethernet 800 Series — privilege escalation