Improper access control in some QATzip software maintained by Intel(R) before version 1.0.9 may allow an authenticated user to potentially enable escalation of privilege via local access. Affects QATzip before version 1.0.9. http://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00765.html
This issue was fixed upstream in version 1.0.9. The qatzip packages as shipped in following Red Hat products were previously updated to a version that contains the fix via the following errata: qatzip in Red Hat Enterprise Linux 8 https://access.redhat.com/errata/RHBA-2022:7667 qatzip in Red Hat Enterprise Linux 9 https://access.redhat.com/errata/RHBA-2022:8256
This issue has been addressed in the following products: Red Hat Enterprise Linux 9.0 Extended Update Support Via RHSA-2023:1976 https://access.redhat.com/errata/RHSA-2023:1976
This issue has been addressed in the following products: Red Hat Enterprise Linux 8.6 Extended Update Support Via RHSA-2023:3397 https://access.redhat.com/errata/RHSA-2023:3397
This bug is now closed. Further updates for individual products will be reflected on the CVE page(s): https://access.redhat.com/security/cve/cve-2022-36369