2238962 – (CVE-2022-40964) CVE-2022-40964 hw: intel: Improper access control for some Intel(R) PROSet/Wireless WiFi

Bug 2238962 (CVE-2022-40964) - CVE-2022-40964 hw: intel: Improper access control for some Intel(R) PROSet/Wireless WiFi

Summary: CVE-2022-40964 hw: intel: Improper access control for some Intel(R) PROSet/Wi...

Keywords:
Status:	NEW
Alias:	CVE-2022-40964
Product:	Security Response
Classification:	Other
Component:	vulnerability
Sub Component:
Version:	unspecified
Hardware:	All
OS:	Linux
Priority:	high
Severity:	high
Target Milestone:	---
Assignee:	Product Security
QA Contact:
Docs Contact:
URL:
Whiteboard:
Depends On:	2239143
Blocks:	2238972
TreeView+	depends on / blocked

Reported:	2023-09-14 14:48 UTC by Pedro Sampaio
Modified:	2024-07-16 15:36 UTC (History)
CC List:	6 users (show)
Fixed In Version:	linux-firmware-20230804
Doc Type:	If docs needed, set a value
Doc Text:	An improper access control flaw was found in some Intel(R) PROSet/Wireless WiFi and Killer(TM) WiFi software that may allow a privileged user to enable escalation of privilege via local access.
Clone Of:
Environment:
Last Closed:
Embargoed:

Attachments	(Terms of Use)

Links
System	ID	Priority	Status	Summary	Last Updated
Red Hat Product Errata	RHSA-2023:6595	None	None	None	2023-11-07 08:20:52 UTC
Red Hat Product Errata	RHSA-2024:3422	None	None	None	2024-05-28 14:06:33 UTC
Red Hat Product Errata	RHSA-2024:3939	None	None	None	2024-06-17 00:45:34 UTC
Red Hat Product Errata	RHSA-2024:4575	None	None	None	2024-07-16 15:36:20 UTC

Description Pedro Sampaio 2023-09-14 14:48:03 UTC

Improper access control for some Intel(R) PROSet/Wireless WiFi and Killer(TM) WiFi software may allow a privileged user to potentially enable escalation of privilege via local access.

References:

https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00766.html

Comment 2 Pedro Sampaio 2023-09-15 13:39:43 UTC

Created linux-firmware tracking bugs for this issue:

Affects: fedora-all [bug 2239143]

Comment 5 errata-xmlrpc 2023-11-07 08:20:50 UTC

This issue has been addressed in the following products:

  Red Hat Enterprise Linux 9

Via RHSA-2023:6595 https://access.redhat.com/errata/RHSA-2023:6595

Comment 12 errata-xmlrpc 2024-05-28 14:06:31 UTC

This issue has been addressed in the following products:

  Red Hat Enterprise Linux 9.0 Extended Update Support

Via RHSA-2024:3422 https://access.redhat.com/errata/RHSA-2024:3422

Comment 13 errata-xmlrpc 2024-06-17 00:45:32 UTC

This issue has been addressed in the following products:

  Red Hat Enterprise Linux 7

Via RHSA-2024:3939 https://access.redhat.com/errata/RHSA-2024:3939

Comment 14 errata-xmlrpc 2024-07-16 15:36:19 UTC

This issue has been addressed in the following products:

  Red Hat Enterprise Linux 8.2 Advanced Update Support

Via RHSA-2024:4575 https://access.redhat.com/errata/RHSA-2024:4575

Note You need to log in before you can comment on or make changes to this bug.