Out-of-bounds read in Intel products - CVE-2022-35729
Published: March 9, 2023 / Updated: March 9, 2023
Vulnerability identifier: #VU73204
CSH Severity: Medium
CVSS v4.0: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Green
CVE-ID: CVE-2022-35729
CWE-ID: CWE-125
Exploitation vector: Remote access
Exploit availability:
No public exploit available
Vendor: Intel
Affected software:
3rd Generation Intel Xeon Scalable Processors
Intel C620A Series Chipset
C740 series chipset
OpenBMC
3rd Generation Intel Xeon Scalable Processors
Intel C620A Series Chipset
C740 series chipset
OpenBMC
Detailed vulnerability description
The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to a boundary condition in firmware. A remote attacker can trigger an out-of-bounds read error and cause a denial of service condition on the system.
How to mitigate CVE-2022-35729
Install updates from vendor's website.