Buffer overflow in Intel products - CVE-2023-29162

 

Buffer overflow in Intel products - CVE-2023-29162

Published: March 5, 2024


Vulnerability identifier: #VU87127
CSH Severity: Low
CVSS v4.0: CVSS:4.0/AV:L/AC:L/AT:P/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear
CVE-ID: CVE-2023-29162
CWE-ID: CWE-119
Exploitation vector: Local access
Exploit availability: No public exploit available
Vendor: Intel
Affected software:
Intel Cluster Checker
Intel Distribution for Python
Intel oneAPI AI Analytics Toolkit
Intel oneAPI Math Kernel Library
Intel VTune™ Profiler for oneAPI
Intel C++ Compiler Classic
Intel Integrated Performance Primitives
MPI Library
Intel Trace Analyzer and Collector
Intel Advisor for oneAPI
Intel Inspector for oneAPI
Intel IPP Cryptography
Intel oneAPI Base Toolkit
Intel oneAPI Deep Neural Network Library
Intel oneAPI HPC Toolkit
Intel oneAPI IoT Toolkit
Intel oneAPI Threading Building Blocks

Detailed vulnerability description

The vulnerability allows a local user to execute arbitrary code on the target system.

The vulnerability exists due to a boundary error. A local administrator can trigger memory corruption and execute arbitrary code on the target system with elevated privileges.

Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.


How to mitigate CVE-2023-29162

Install updates from vendor's website.

Sources