Dell client platform security update for Intel Integrated Sensor Solution

Published: 2023-02-23

Risk	Low
Patch available	YES
Number of vulnerabilities	1
CVE-ID	CVE-2022-30339
CWE-ID	CWE-125
Exploitation vector	Local
Public exploit	N/A
Vulnerable software Subscribe	XPS 17 9720 Hardware solutions / Firmware XPS 17 9710 Hardware solutions / Firmware XPS 17 9700 Hardware solutions / Firmware XPS 15 9520 Hardware solutions / Firmware XPS 15 9510 Hardware solutions / Firmware XPS 15 9500 Hardware solutions / Firmware XPS 13 9320 Hardware solutions / Firmware XPS 13 9315 2-in-1 Hardware solutions / Firmware XPS 13 9315 Hardware solutions / Firmware XPS 13 9310 2-in-1 Hardware solutions / Firmware XPS 13 9310 Hardware solutions / Firmware Vostro 7620 Hardware solutions / Firmware Vostro 7510 Hardware solutions / Firmware Vostro 7500 Hardware solutions / Firmware Vostro 5620 Hardware solutions / Firmware Vostro 5510 Hardware solutions / Firmware Vostro 5502 Hardware solutions / Firmware Vostro 5410 Hardware solutions / Firmware Vostro 5402 Hardware solutions / Firmware Vostro 5320 Hardware solutions / Firmware Vostro 5310 Hardware solutions / Firmware Vostro 5301 Hardware solutions / Firmware Vostro 5300 Hardware solutions / Firmware Precision 7770 Hardware solutions / Firmware Precision 7750 Hardware solutions / Firmware Precision 7670 Hardware solutions / Firmware Precision 7550 Hardware solutions / Firmware Precision 5770 Hardware solutions / Firmware Precision 5760 Hardware solutions / Firmware Precision 5750 Hardware solutions / Firmware Precision 5570 Hardware solutions / Firmware Precision 5560 Hardware solutions / Firmware Precision 5550 Hardware solutions / Firmware Precision 5470 Hardware solutions / Firmware Precision 3571 Hardware solutions / Firmware Precision 3570 Hardware solutions / Firmware Precision 3561 Hardware solutions / Firmware Precision 3560 Hardware solutions / Firmware Precision 3470 Hardware solutions / Firmware Latitute 5421 Hardware solutions / Firmware Latitude 9520 Hardware solutions / Firmware Latitude 9510 Hardware solutions / Firmware Latitude 9420 Hardware solutions / Firmware Latitude 9410 Hardware solutions / Firmware Latitude 7530 Hardware solutions / Firmware Latitude 7520 Hardware solutions / Firmware Latitude 7430 Hardware solutions / Firmware Latitude 7420 Hardware solutions / Firmware Latitude 7410 Hardware solutions / Firmware Latitude 7330 Hardware solutions / Firmware Latitude 7320 Detachable Hardware solutions / Firmware Latitude 7320 Hardware solutions / Firmware Latitude 7310 Hardware solutions / Firmware Latitude 7210 2-in-1 Hardware solutions / Firmware Latitude 5531 Hardware solutions / Firmware Latitude 5530 Hardware solutions / Firmware Latitude 5521 Hardware solutions / Firmware Latitude 5520 Hardware solutions / Firmware Latitude 5431 Hardware solutions / Firmware Latitude 5430 Hardware solutions / Firmware Latitude 5420 Hardware solutions / Firmware Latitude 5330 Hardware solutions / Firmware Latitude 5320 Hardware solutions / Firmware Latitude 5310 2-IN-1 Hardware solutions / Firmware Latitude 3530 Hardware solutions / Firmware Latitude 3520 Hardware solutions / Firmware Latitude 3510 Hardware solutions / Firmware Latitude 3430 Hardware solutions / Firmware Latitude 3420 Hardware solutions / Firmware Latitude 3410 Hardware solutions / Firmware Latitude 3330 Hardware solutions / Firmware Latitude 3320 Hardware solutions / Firmware Inspiron 7706 2-in-1 Hardware solutions / Firmware Inspiron 7620 Hardware solutions / Firmware Inspiron 7610 Hardware solutions / Firmware Inspiron 7510 Hardware solutions / Firmware Inspiron 7506 2-in-1 Hardware solutions / Firmware Inspiron 7501 Hardware solutions / Firmware Inspiron 7500 2-in-1 Black Hardware solutions / Firmware Inspiron 7500 Hardware solutions / Firmware Inspiron 7420 Hardware solutions / Firmware Inspiron 7400 Hardware solutions / Firmware Inspiron 7306 2-in-1 Hardware solutions / Firmware Inspiron 7300 2-in-1 Hardware solutions / Firmware Inspiron 7300 Hardware solutions / Firmware Inspiron 5620 Hardware solutions / Firmware Inspiron 5510 Hardware solutions / Firmware Inspiron 5509 Hardware solutions / Firmware Inspiron 5502 Hardware solutions / Firmware Inspiron 5420 Hardware solutions / Firmware Inspiron 5409 Hardware solutions / Firmware Inspiron 5406 2-in-1 Hardware solutions / Firmware Inspiron 5402 Hardware solutions / Firmware Inspiron 5320 Hardware solutions / Firmware Inspiron 5310 Hardware solutions / Firmware Inspiron 5301 Hardware solutions / Firmware Inspiron 5300 Hardware solutions / Firmware Inspiron 16 Plus 7620 Hardware solutions / Firmware Inspiron 14 Plus 7420 Hardware solutions / Firmware Inspiron 14 5410 2-in-1 Hardware solutions / Firmware Dell G7 17 7700 Hardware solutions / Firmware Dell G7 15 7500 Hardware solutions / Firmware Dell G5 15 5500 Hardware solutions / Firmware Dell G3 3500 Hardware solutions / Firmware Alienware x17 R2 Hardware solutions / Firmware Alienware x17 R1 Hardware solutions / Firmware Alienware x15 R2 Hardware solutions / Firmware Alienware x15 R1 Hardware solutions / Firmware Alienware x14 Hardware solutions / Firmware Alienware m17 R4 Hardware solutions / Firmware Alienware m17 R3 Hardware solutions / Firmware Alienware m15 R4 Hardware solutions / Firmware Alienware m15 R3 Hardware solutions / Firmware Latitude 5421 Hardware solutions / Firmware
Vendor	Dell

Security Bulletin

This security bulletin contains one low risk vulnerability.

1) Out-of-bounds read

EUVDB-ID: #VU72502

Risk: Low

CVSSv3.1: 5.2 [CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2022-30339

CWE-ID: CWE-125 - Out-of-bounds read

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to a boundary condition in firmware. A local administrator can trigger an out-of-bounds read error and cause a denial of service condition on the system.

Mitigation

Install update from vendor's website.

Vulnerable software versions

XPS 17 9720: before 3.10.100.4572

XPS 17 9710: before 3.10.100.4477

XPS 17 9700: before 3.10.100.4140

XPS 15 9520: before 3.10.100.4572

XPS 15 9510: before 3.10.100.4477

XPS 15 9500: before 3.10.100.4140

XPS 13 9320: before 3.10.100.4572

XPS 13 9315 2-in-1: before 3.10.100.4572

XPS 13 9315: before 3.10.100.4572

XPS 13 9310 2-in-1: before 3.10.100.4477

XPS 13 9310: before 3.12.1

Vostro 7620: before 3.10.100.4572

Vostro 7510: before 3.10.100.4477

Vostro 7500: before 3.10.100.4140

Vostro 5620: before 3.10.100.4572

Vostro 5510: before 3.10.100.4477

Vostro 5502: before 3.10.100.4477

Vostro 5410: before 3.10.100.4477

Vostro 5402: before 3.10.100.4477

Vostro 5320: before 3.10.100.4572

Vostro 5310: before Pending

Vostro 5301: before 3.10.100.4477

Vostro 5300: before 3.10.100.4140

Precision 7770: before 3.10.100.4572

Precision 7750: before 3.10.100.4140

Precision 7670: before 3.10.100.4572

Precision 7550: before 3.10.100.4140

Precision 5770: before 3.10.100.4572

Precision 5760: before 3.10.100.4477

Precision 5750: before 3.10.100.4140

Precision 5570: before 3.10.100.4572

Precision 5560: before 3.10.100.4477

Precision 5550: before 3.10.100.4140

Precision 5470: before 3.10.100.4572

Precision 3571: before 3.10.100.4572

Precision 3570: before 3.10.100.4572

Precision 3561: before 3.10.100.4477

Precision 3560: before 3.10.100.4477

Precision 3470: before 3.10.100.4572

Latitute 5421: before 3.10.100.4477

Latitude 9520: before 3.10.100.4477

Latitude 9510: before 3.10.100.4140

Latitude 9420: before 3.10.100.4477

Latitude 9410: before 3.10.100.4140

Latitude 7530: before 3.10.100.4572

Latitude 7520: before 3.10.100.4477

Latitude 7430: before 3.10.100.4572

Latitude 7420: before 3.10.100.4477

Latitude 7410: before 3.10.100.4140

Latitude 7330: before 3.10.100.4572

Latitude 7320 Detachable: before 3.10.100.4477

Latitude 7320: before 3.10.100.4477

Latitude 7310: before 3.10.100.4140

Latitude 7210 2-in-1: before 3.10.100.4140

Latitude 5531: before 3.10.100.4572

Latitude 5530: before 3.10.100.4572

Latitude 5521: before 3.10.100.4477

Latitude 5520: before 3.10.100.4477

Latitude 5431: before 3.10.100.4572

Latitude 5430: before 3.10.100.4572

Latitude 5420: before 3.10.100.4477

Latitude 5330: before 3.10.100.4572

Latitude 5320: before 3.10.100.4477

Latitude 5310 2-IN-1: before 3.10.100.4140

Latitude 3530: before 3.10.100.4572

Latitude 3520: before 3.10.100.4477

Latitude 3510: before 3.10.100.4140

Latitude 3430: before 3.10.100.4572

Latitude 3420: before 3.10.100.4477

Latitude 3410: before 3.10.100.4140

Latitude 3330: before Pending

Latitude 3320: before 3.10.100.4477

Inspiron 7706 2-in-1: before 3.10.100.4477

Inspiron 7620: before 3.10.100.4572

Inspiron 7610: before 3.10.100.4477

Inspiron 7510: before 3.10.100.4477

Inspiron 7506 2-in-1: before 3.10.100.4477

Inspiron 7501: before 3.10.100.4140

Inspiron 7500 2-in-1 Black: before 3.10.100.4140

Inspiron 7500: before 3.10.100.4140

Inspiron 7420: before 3.10.100.4572

Inspiron 7400: before 3.10.100.4477

Inspiron 7306 2-in-1: before 3.10.100.4477

Inspiron 7300 2-in-1: before 3.10.100.4140

Inspiron 7300: before 3.10.100.4477

Inspiron 5620: before 3.10.100.4572

Inspiron 5510: before 3.10.100.4477

Inspiron 5509: before 3.10.100.4477

Inspiron 5502: before 3.10.100.4477

Inspiron 5420: before 3.10.100.4572

Inspiron 5409: before 3.10.100.4477

Inspiron 5406 2-in-1: before 3.10.100.4477

Inspiron 5402: before 3.10.100.4477

Inspiron 5320: before 3.10.100.4572

Inspiron 5310: before Pending

Inspiron 5301: before 3.10.100.4477

Inspiron 5300: before 3.10.100.4140

Inspiron 16 Plus 7620: before 3.10.100.4572

Inspiron 14 Plus 7420: before 3.10.100.4572

Inspiron 14 5410 2-in-1: before 3.10.100.4477

Dell G7 17 7700: before 3.10.100.4140

Dell G7 15 7500: before 3.10.100.4140

Dell G5 15 5500: before 3.10.100.4140

Dell G3 3500: before 3.10.100.4140

Alienware x17 R2: before 3.1.0.4572

Alienware x17 R1: before 3.1.0.4477

Alienware x15 R2: before 3.1.0.4572

Alienware x15 R1: before 3.1.0.4477

Alienware x14: before 3.1.0.4572

Alienware m17 R4: before 3.1.0.4140

Alienware m17 R3: before 3.1.0.4140

Alienware m15 R4: before 3.1.0.4140

Alienware m15 R3: before 3.1.0.4140

Latitude 5421: before 1.18.0

External links

http://www.dell.com/support/kbdoc/nl-nl/000208514/dsa-2023-066

Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.