CVE-2023-24016
First published: Fri Aug 11 2023(Updated: )
Uncontrolled search path element in some Intel(R) Quartus(R) Prime Pro and Standard edition software for linux may allow an authenticated user to potentially enable escalation of privilege via local access.
Credit: secure@intel.com secure@intel.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Intel Quartus Prime | <22.1std | |
| Intel Quartus Prime | <22.4 | |
| Linux Linux kernel |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Frequently Asked Questions
What is CVE-2023-24016?
CVE-2023-24016 is a vulnerability that allows an authenticated user to potentially enable escalation of privilege via local access in some Intel Quartus Prime Pro and Standard edition software for Linux.
How severe is CVE-2023-24016?
CVE-2023-24016 has a severity value of 7.3, which is considered high.
Which software versions are affected by CVE-2023-24016?
CVE-2023-24016 affects Intel Quartus Prime Pro and Standard edition software for Linux up to version 22.1std (Standard edition) and version 22.4 (Pro edition).
How can an authenticated user exploit CVE-2023-24016?
An authenticated user can potentially exploit CVE-2023-24016 by taking advantage of the uncontrolled search path element in the affected Intel Quartus Prime software for Linux to escalate privileges locally.
Is the Linux kernel vulnerable to CVE-2023-24016?
No, the Linux kernel itself is not vulnerable to CVE-2023-24016.
- collector/nvd-api
- collector/nvd-index
- agent/event
- agent/references
- agent/severity
- agent/weakness
- agent/author
- agent/type
- agent/description
- agent/first-publish-date
- agent/last-modified-date
- agent/softwarecombine
- agent/tags
- collector/mitre-cve
- source/MITRE
- vendor/intel
- canonical/intel quartus prime
- vendor/linux
- canonical/linux linux kernel