#VU103983 Input validation error in Intel products - CVE-2024-42410

Vulnerability identifier: #VU103983

Vulnerability risk: Low

CVSSv4.0: CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear

CVE-ID: CVE-2024-42410

CWE-ID: CWE-20

Exploitation vector: Local access

Exploit availability: No public exploit available

Vulnerable software:
7th Gen Intel Core Processors
8th Gen Intel Core processor
10th Generation Intel Core Processors
Intel Core Processors with Intel Hybrid Technology
Intel Atom Processors
Intel Pentium Processors
Intel Celeron Processors
11th Generation Intel Core Processors
12th Generation Intel Core Processors
13th Generation Intel Core Processors
14th Generation Intel Core Processors
Intel Iris Xe Dedicated Graphics
Intel Arc Pro Graphics family
Intel Data Center GPU Flex 140
Intel Data Center GPU Flex 170
9th Generation Intel Core Processors
Intel Arc Graphics family
Intel Core Ultra processor
Intel Arc & Iris Xe Graphics for Windows
Intel Arc Pro Graphics for Windows
Intel Data Center GPU Flex for Windows
Intel Graphics Driver for Windows

Software vendor:
Intel

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to insufficient validation of user-supplied input. A local user can pass specially crafted input to the application and perform a denial of service (DoS) attack.

Install update from vendor's website.

• https://intel.com/content/www/us/en/security-center/advisory/intel-sa-01235.html