{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2022-36351", "assignerOrgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce", "state": "PUBLISHED", "assignerShortName": "intel", "dateReserved": "2022-08-10T03:00:23.005Z", "datePublished": "2023-08-11T02:36:54.506Z", "dateUpdated": "2024-08-03T10:00:04.535Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce", "shortName": "intel", "dateUpdated": "2023-08-11T02:36:54.506Z"}, "problemTypes": [{"descriptions": [{"lang": "en", "description": "denial of service"}, {"lang": "en", "description": "Improper input validation", "cweId": "CWE-20", "type": "CWE"}]}], "affected": [{"vendor": "n/a", "product": "Intel(R) PROSet/Wireless WiFi and Killer(TM) WiFi software", "versions": [{"version": "See references", "status": "affected"}], "defaultStatus": "unaffected"}], "descriptions": [{"lang": "en", "value": "Improper input validation in some Intel(R) PROSet/Wireless WiFi and Killer(TM) WiFi software may allow an unauthenticated user to potentially enable denial of service via adjacent access."}], "references": [{"name": "http://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00766.html", "url": "http://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00766.html"}, {"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/K24OJT4AVMNND7LBTC2ZDDTE6DJHAKB4/"}, {"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HUCYUR4WBTELCRHELISJ3RMZVHKIV5TN/"}, {"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/Y76A3PLHIQCEPESB4XVBV5SRRXQEZ5JY/"}, {"url": "https://lists.debian.org/debian-lts-announce/2023/09/msg00043.html"}], "metrics": [{"format": "CVSS", "scenarios": [{"lang": "en", "value": "GENERAL"}], "cvssV3_1": {"version": "3.1", "baseScore": 4.3, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", "attackVector": "ADJACENT_NETWORK", "attackComplexity": "LOW", "privilegesRequired": "NONE", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "availabilityImpact": "LOW"}}]}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-03T10:00:04.535Z"}, "title": "CVE Program Container", "references": [{"name": "http://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00766.html", "url": "http://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00766.html", "tags": ["x_transferred"]}, {"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/K24OJT4AVMNND7LBTC2ZDDTE6DJHAKB4/", "tags": ["x_transferred"]}, {"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HUCYUR4WBTELCRHELISJ3RMZVHKIV5TN/", "tags": ["x_transferred"]}, {"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/Y76A3PLHIQCEPESB4XVBV5SRRXQEZ5JY/", "tags": ["x_transferred"]}, {"url": "https://lists.debian.org/debian-lts-announce/2023/09/msg00043.html", "tags": ["x_transferred"]}]}]}}

{}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:intel:killer:*:*:*:*:*:*:*:*", "matchCriteriaId": "8D000E1E-4DBE-47F1-B48F-577AFB0B9A3C", "versionEndExcluding": "34.22.1163", "vulnerable": true}, {"criteria": "cpe:2.3:a:intel:proset\\/wireless_wifi:*:*:*:*:*:*:*:*", "matchCriteriaId": "E22B4543-24F8-4EF5-A2EE-2F35FFDE39B8", "versionEndExcluding": "22.200", "vulnerable": true}, {"criteria": "cpe:2.3:a:intel:uefi_firmware:*:*:*:*:*:*:*:*", "matchCriteriaId": "C8EAFBED-37DE-4BAB-A498-DDE262F315F0", "versionEndExcluding": "3.2.20.23023", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:intel:killer_wi-fi_6_ax1650:-:*:*:*:*:*:*:*", "matchCriteriaId": "7E239C04-1D6B-4305-9340-BFEC3E54E19A", "vulnerable": false}, {"criteria": "cpe:2.3:h:intel:killer_wi-fi_6e_ax1675:-:*:*:*:*:*:*:*", "matchCriteriaId": "35F09C95-25BD-440A-AD79-8510E54F8DD9", "vulnerable": false}, {"criteria": "cpe:2.3:h:intel:killer_wi-fi_6e_ax1690:-:*:*:*:*:*:*:*", "matchCriteriaId": "95537444-5F18-49E1-91D4-AB24B29DF4FF", "vulnerable": false}, {"criteria": "cpe:2.3:h:intel:wi-fi_6_ax101:-:*:*:*:*:*:*:*", "matchCriteriaId": "575B6D56-BF5F-4D79-A3D4-253BC199B483", "vulnerable": false}, {"criteria": "cpe:2.3:h:intel:wi-fi_6_ax200:-:*:*:*:*:*:*:*", "matchCriteriaId": "9D653F9C-5B2E-400F-8F50-BFE466F08F0E", "vulnerable": false}, {"criteria": "cpe:2.3:h:intel:wi-fi_6_ax201:-:*:*:*:*:*:*:*", "matchCriteriaId": "A0433774-9479-4A01-B697-1379AEA223C9", "vulnerable": false}, {"criteria": "cpe:2.3:h:intel:wi-fi_6_ax203:-:*:*:*:*:*:*:*", "matchCriteriaId": "E7B5478E-CE97-4514-A054-8BE1871623AC", "vulnerable": false}, {"criteria": "cpe:2.3:h:intel:wi-fi_6e_ax210:-:*:*:*:*:*:*:*", "matchCriteriaId": "54323008-43E6-4A85-BB92-F2EF6ED8E57C", "vulnerable": false}, {"criteria": "cpe:2.3:h:intel:wi-fi_6e_ax211:-:*:*:*:*:*:*:*", "matchCriteriaId": "C90E6127-7D01-49CE-96EF-9F4CB5891373", "vulnerable": false}, {"criteria": "cpe:2.3:h:intel:wi-fi_6e_ax411:-:*:*:*:*:*:*:*", "matchCriteriaId": "ADE89FD4-8B08-430E-976A-068DBF47F5F7", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:fedoraproject:fedora:37:*:*:*:*:*:*:*", "matchCriteriaId": "E30D0E6F-4AE8-4284-8716-991DFA48CC5D", "vulnerable": true}, {"criteria": "cpe:2.3:o:fedoraproject:fedora:38:*:*:*:*:*:*:*", "matchCriteriaId": "CC559B26-5DFC-4B7A-A27C-B77DE755DFF9", "vulnerable": true}, {"criteria": "cpe:2.3:o:fedoraproject:fedora:39:*:*:*:*:*:*:*", "matchCriteriaId": "B8EDB836-4E6A-4B71-B9B2-AA3E03E0F646", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*", "matchCriteriaId": "07B237A9-69A3-4A9C-9DA0-4E06BD37AE73", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "Improper input validation in some Intel(R) PROSet/Wireless WiFi and Killer(TM) WiFi software may allow an unauthenticated user to potentially enable denial of service via adjacent access."}, {"lang": "es", "value": "La validaci\u00f3n de entrada incorrecta en algunos programas Intel(R) PROSet/Wireless WiFi y Killer(TM) WiFi puede permitir que un usuario no autenticado habilite potencialmente la denegaci\u00f3n de servicio a trav\u00e9s del acceso adyacente."}], "id": "CVE-2022-36351", "lastModified": "2023-11-07T03:49:36.463", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "ADJACENT_NETWORK", "availabilityImpact": "HIGH", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1"}, "exploitabilityScore": 2.8, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary"}, {"cvssData": {"attackComplexity": "LOW", "attackVector": "ADJACENT_NETWORK", "availabilityImpact": "LOW", "baseScore": 4.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", "version": "3.1"}, "exploitabilityScore": 2.8, "impactScore": 1.4, "source": "secure@intel.com", "type": "Secondary"}]}, "published": "2023-08-11T03:15:12.807", "references": [{"source": "secure@intel.com", "tags": ["Patch", "Vendor Advisory"], "url": "http://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00766.html"}, {"source": "secure@intel.com", "tags": ["Mailing List", "Third Party Advisory"], "url": "https://lists.debian.org/debian-lts-announce/2023/09/msg00043.html"}, {"source": "secure@intel.com", "tags": ["Mailing List"], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HUCYUR4WBTELCRHELISJ3RMZVHKIV5TN/"}, {"source": "secure@intel.com", "tags": ["Mailing List"], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/K24OJT4AVMNND7LBTC2ZDDTE6DJHAKB4/"}, {"source": "secure@intel.com", "tags": ["Mailing List"], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/Y76A3PLHIQCEPESB4XVBV5SRRXQEZ5JY/"}], "sourceIdentifier": "secure@intel.com", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "NVD-CWE-noinfo"}], "source": "nvd@nist.gov", "type": "Primary"}, {"description": [{"lang": "en", "value": "CWE-20"}], "source": "secure@intel.com", "type": "Secondary"}]}

{"affected_release": [{"advisory": "RHSA-2024:3939", "cpe": "cpe:/o:redhat:enterprise_linux:7", "package": "linux-firmware-0:20200421-83.git78c0348.el7_9", "product_name": "Red Hat Enterprise Linux 7", "release_date": "2024-06-17T00:00:00Z"}, {"advisory": "RHSA-2023:6595", "cpe": "cpe:/o:redhat:enterprise_linux:9", "package": "linux-firmware-0:20230814-140.el9_3", "product_name": "Red Hat Enterprise Linux 9", "release_date": "2023-11-07T00:00:00Z"}], "bugzilla": {"description": "hw: intel: Improper input validation in some Intel(R) PROSet/Wireless WiFi", "id": "2238963", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2238963"}, "csaw": false, "cvss3": {"cvss3_base_score": "4.3", "cvss3_scoring_vector": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", "status": "verified"}, "cwe": "CWE-20", "details": ["Improper input validation in some Intel(R) PROSet/Wireless WiFi and Killer(TM) WiFi software may allow an unauthenticated user to potentially enable denial of service via adjacent access.", "An improper input validation flaw was found in some Intel(R) PROSet/Wireless WiFi and Killer(TM) WiFi software that may allow an unauthenticated user to enable a denial of service via adjacent access."], "mitigation": {"lang": "en:us", "value": "Mitigation for this issue is either not available or the currently available options don't meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability."}, "name": "CVE-2022-36351", "package_state": [{"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Affected", "package_name": "linux-firmware", "product_name": "Red Hat Enterprise Linux 8"}], "public_date": "2023-08-08T00:00:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2022-36351\nhttps://nvd.nist.gov/vuln/detail/CVE-2022-36351\nhttps://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00766.html"], "threat_severity": "Moderate", "upstream_fix": "linux-firmware 20230804"}