Bug 2209310 (CVE-2022-36397) - CVE-2022-36397 hw: Intel: Incorrect default peinrmissions in QAT driver enable escalation of privilege
Summary: CVE-2022-36397 hw: Intel: Incorrect default peinrmissions in QAT driver enabl...
Keywords:
Status: CLOSED NOTABUG
Alias: CVE-2022-36397
Product: Security Response
Classification: Other
Component: vulnerability
Version: unspecified
Hardware: All
OS: Linux
high
high
Target Milestone: ---
Assignee: Red Hat Product Security
QA Contact:
URL:
Whiteboard:
Depends On:
Blocks: 2171880
TreeView+ depends on / blocked
 
Reported: 2023-05-23 13:28 UTC by Rohit Keshri
Modified: 2023-05-23 18:42 UTC (History)
40 users (show)

Fixed In Version:
Doc Type: If docs needed, set a value
Doc Text:
A flaw was found in Intel. Incorrect default permissions in the software installer for some Intel(R) QAT drivers for the Linux Kernel may allow an authenticated user to enable privilege escalation via local access.
Clone Of:
Environment:
Last Closed: 2023-05-23 18:42:02 UTC
Embargoed:

Attachments (Terms of Use)

Description Rohit Keshri 2023-05-23 13:28:19 UTC 
Incorrect default permissions in the software installer for some Intel(R) QAT drivers for Linux before version 4.17 may allow an authenticated user to potentially enable escalation of privilege via local access.

Refer:
https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00751.html
Comment 3 Product Security DevOps Team 2023-05-23 18:41:59 UTC 
This bug is now closed. Further updates for individual products will be reflected on the CVE page(s):

https://access.redhat.com/security/cve/cve-2022-36397
Note You need to log in before you can comment on or make changes to this bug.