CVE-2022-36382

CVSS V2 None CVSS V3 None
Description
Out-of-bounds write in firmware for some Intel(R) Ethernet Network Controllers and Adapters E810 Series before version 1.7.0.8 and some Intel(R) Ethernet 700 Series Controllers and Adapters before version 9.101 may allow a privileged user to potentially enable denial of service via local access.
Overview
  • CVE ID
  • CVE-2022-36382
  • Assigner
  • secure@intel.com
  • Vulnerability Status
  • Analyzed
  • Published Version
  • 2023-02-16T21:15:13
  • Last Modified Date
  • 2023-03-07T22:03:21
Weakness Enumerations
CWE URL
CWE-787 http://cwe.mitre.org/data/definitions/787.html
CPE Configuration (Product)
CPE Vulnerable Operator Version Start Version End
AND
cpe:2.3:o:intel:ethernet_network_controller_e810-cam1_firmware:*:*:*:*:*:*:*:* 1 OR 1.7.0.8
cpe:2.3:h:intel:ethernet_network_controller_e810-cam1:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:intel:ethernet_network_controller_e810-cam2_firmware:*:*:*:*:*:*:*:* 1 OR 1.7.0.8
cpe:2.3:h:intel:ethernet_network_controller_e810-cam2:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:intel:ethernet_network_controller_e810-xxvam2_firmware:*:*:*:*:*:*:*:* 1 OR 1.7.0.8
cpe:2.3:h:intel:ethernet_network_controller_e810-xxvam2:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:intel:ethernet_controller_x710-am2_firmware:*:*:*:*:*:*:*:* 1 OR 9.101
cpe:2.3:h:intel:ethernet_controller_x710-am2:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:intel:ethernet_controller_x710-bm2_firmware:*:*:*:*:*:*:*:* 1 OR 9.101
cpe:2.3:h:intel:ethernet_controller_x710-bm2:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:intel:ethernet_controller_xl710-am1_firmware:*:*:*:*:*:*:*:* 1 OR 9.101
cpe:2.3:h:intel:ethernet_controller_xl710-am1:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:intel:ethernet_controller_xl710-am2_firmware:*:*:*:*:*:*:*:* 1 OR 9.101
cpe:2.3:h:intel:ethernet_controller_xl710-am2:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:intel:ethernet_controller_xl710-bm1_firmware:*:*:*:*:*:*:*:* 1 OR 9.101
cpe:2.3:h:intel:ethernet_controller_xl710-bm1:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:intel:ethernet_controller_xl710-bm2_firmware:*:*:*:*:*:*:*:* 1 OR 9.101
cpe:2.3:h:intel:ethernet_controller_xl710-bm2:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:intel:ethernet_controller_xxv710-am1_firmware:*:*:*:*:*:*:*:* 1 OR 9.101
cpe:2.3:h:intel:ethernet_controller_xxv710-am1:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:intel:ethernet_controller_xxv710-am2_firmware:*:*:*:*:*:*:*:* 1 OR 9.101
cpe:2.3:h:intel:ethernet_controller_xxv710-am2:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:intel:ethernet_converged_network_adapter_x710-da2_firmware:*:*:*:*:*:*:*:* 1 OR 9.101
cpe:2.3:h:intel:ethernet_converged_network_adapter_x710-da2:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:intel:ethernet_converged_network_adapter_x710-da4_firmware:*:*:*:*:*:*:*:* 1 OR 9.101
cpe:2.3:h:intel:ethernet_converged_network_adapter_x710-da4:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:intel:ethernet_converged_network_adapter_xl710-da1_firmware:*:*:*:*:*:*:*:* 1 OR 9.101
cpe:2.3:h:intel:ethernet_converged_network_adapter_xl710-da1:-:*:*:*:*:*:*:* 0 OR
AND
cpe:2.3:o:intel:ethernet_converged_network_adapter_xl710-da2_firmware:*:*:*:*:*:*:*:* 1 OR 9.101
cpe:2.3:h:intel:ethernet_converged_network_adapter_xl710-da2:-:*:*:*:*:*:*:* 0 OR
References
Reference URL Reference Tags
http://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00754.html Vendor Advisory
Sources
Source Name Source URL
NIST https://nvd.nist.gov/vuln/detail/CVE-2022-36382
MITRE https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-36382
History
Created Old Value New Value Data Type Notes
2023-04-17 07:54:32 Added to TrackCVE
2023-04-17 07:54:34 Weakness Enumeration new