Security Advisory

Intel Family Security Update Advisory

  • Mar 28 2024

Overview

 

Intel has released a security update that fixes vulnerabilities in products it has been made. users of affected products are advised to update to the latest version.

 

Affected Products

 

CVE-2023-32282

  • Intel® Celeron®: J6413, N6211
  • Intel® Pentium®: J6425, N6415
  • Intel® Atom®: x6211E, x6413E, x6425E, x6212RE,
    x6414RE, x6425RE, x6427FE, x6200FE
  • Intel® Core™ Processor Family 10th Gen
  • Intel® Core®:i7-11700T, i7-11700, i5-11400T, i5-11400, i5-11500T, i5-11500
  • Intel® Core Processor Family 11th Gen
  • Intel® Core™ Processor Family, Intel® Pentium® Gold Processor Family, Intel® Celeron® Processor Family 12th Generation

 

CVE-2023-35121

  • Intel® Advisor for oneAPI before version 2023.2.0.
  • Intel® Cluster Checker 2021.7.3.
  • Intel® Inspector for oneAPI before version 2023.2.0.
  • Intel® Integrated Performance Primitives 2021.9.0.
  • Intel® IPP Cryptography before version 2021.8.0.
  • Intel® Distribution for Python 2023.1.
  • Intel® MPI Library before version 2021.10.0.
  • Intel® oneAPI AI Analytics Toolkit 2023.2.
  • Intel® oneAPI Base Toolkit before version 2023.2.0.
  • Intel® oneAPI Deep Neural Network Library before version 2023.2.0.
  • Intel® oneAPI HPC Toolkit before version 2023.2.0.
  • Intel® oneAPI IoT Toolkit before version 2023.2.0.
  • Intel® oneAPI Math Kernel Library before version 2023.2.0.
  • Intel® oneAPI Threading Building Blocks before version 2021.10.0.
  • Intel® Trace Analyzer and Collector 2021.10.0.
  • Intel® VTune™ Profiler for oneAPI before version 2023.2.0.

 

Cve-2022-43701, cve-2022-43702, cve-2022-43703

  • All versions of Arm DS for Intel® SoC FPGA software

 

Cve-2023-32272, cve-2023-32544, cve-2023-38541, cve-2023-29244

  • Intel® NUC Pro Software Suite Configuration Tool software installer versions prior to 3.0.0.6
  • Intel HotKey Services software installer for Windows 10 for Intel® NUC P14E Laptop Element prior to 1.1.45
  • Intel® HID Event Filter software installer for Windows 10 for some Intel® NUC laptops prior to 2.2.2.1
  • Intel® Integrated Sensor Hub software installer for Windows 10 for Intel® NUC P14E Laptop Element 5.4.1.4479 and earlier

 

Resolved Vulnerabilities

 

Privilege escalation vulnerability due to a race condition in the BIOS firmware for some Intel(R ) processors (CVE-2023-32282)

privilege escalation vulnerability in the DPC++/C++ compiler for some Intel(R) oneAPI toolkits (CVE-2023-35121)

Privilege escalation vulnerability due to improper access control in some Arm DS for Intel® SoC FPGA installation software (CVE-2022-43702)

privilege escalation vulnerability due to incorrect default permissions in some Arm DS for Intel® SoC FPGA Installation Software (CVE-2022-43701)

Privilege escalation vulnerability due to an uncontrolled search path element in some Arm DS for Intel® SoC FPGA Installation Software (CVE-2022-43703)

Denial of Service Vulnerability in the Intel® NUC Pro Software Family Configuration Tool software installer due to uncontrolled search path (CVE-2023-32272)

Denial of Service Vulnerability due to Improper Access Control in the Intel HotKey Service for Windows 10 for Intel® NUC P14E Notebook Elements Software Installer (CVE-2023-32544)

Privilege escalation vulnerability due to insecure inheritance of privileges in the Intel® HID Event Filter Software Installer for Windows 10 for Intel® NUC Notebook Software (CVE-2023-38541)

Privilege escalation vulnerability due to incorrect default privileges in the Intel® Integrated Sensor Hub (ISH) software installer for Windows 10 for Intel® NUC P14E Notebook Element Software (CVE-2023-29244)

 

Vulnerability Patches

 

The following product-specific Vulnerability Patches have been made available in the latest update. For more information on Vulnerability Patches, please refer to the “Recommendations” section of the product-specific Referenced Sites document for updates.

The Intel Integrated Sensor Solution

Get updates through your system provider

 

Referenced Sites

 

[1] 2024.1 IPU – BIOS Advisory

https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00929.html

[2] Intel® oneAPI Toolkit Software Advisory

https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00988.html

[3] Arm DS for Intel® SoC FPGA Software Advisory

https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00930.html

[4] Intel® NUC Software Advisory

https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00964.html

Tags:

Previous Post

Next Post