CVE-2022-36397
First published: Thu Feb 16 2023(Updated: )
Incorrect default permissions in the software installer for some Intel(R) QAT drivers for Linux before version 4.17 may allow an authenticated user to potentially enable escalation of privilege via local access.
Credit: secure@intel.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Intel Quickassist Technology | <1.6 | |
| Intel Quickassist Technology | <4.17 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Frequently Asked Questions
What is CVE-2022-36397?
CVE-2022-36397 is a vulnerability in the software installer for some Intel(R) QAT drivers for Linux before version 4.17 that may allow an authenticated user to potentially enable escalation of privilege via local access.
What is the severity of CVE-2022-36397?
The severity of CVE-2022-36397 is high, with a CVSS score of 7.8.
How can an attacker exploit CVE-2022-36397?
An attacker can exploit CVE-2022-36397 by being an authenticated user with local access and potentially enabling escalation of privilege.
Which versions of Intel Quickassist Technology are affected by CVE-2022-36397?
Versions up to and excluding 4.17 of Intel Quickassist Technology for Linux are affected by CVE-2022-36397.
Where can I find more information about CVE-2022-36397?
You can find more information about CVE-2022-36397 at the following link: http://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00751.html
- collector/nvd-index
- agent/severity
- agent/author
- agent/references
- agent/weakness
- agent/description
- agent/type
- agent/event
- agent/first-publish-date
- agent/softwarecombine
- agent/last-modified-date
- agent/remedy
- agent/tags
- collector/mitre-cve
- source/MITRE
- vendor/intel
- canonical/intel quickassist technology