CVE-2022-38076 :: Enginsight Vulnerability Database

Provider	Type	Base Score	Atk. Vector	Atk. Complexity	Priv. Required	Vector
NIST	Primary	3.8 LOW	LOCAL	LOW	LOW	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:L/A:N

Base Score

CVSS 3.x

EPSS Score

Percentile: 23%

Affected Products (NVD)

Vendor	Product	Version
intel	killer	𝑥 < 34.22.1163
intel	proset\/wireless_wifi	𝑥 < 22.200
intel	uefi_firmware	𝑥 < 3.2.20.23023
debian	debian_linux	10.0

𝑥

= Vulnerable software versions

Debian Releases

Debian Product

Codename

firmware-nonfree

bookworm	ignored
bookworm/non-free-firmware	vulnerable
bullseye	no-dsa
bullseye/non-free	vulnerable
sid/non-free-firmware	20240909-2 fixed
trixie/non-free-firmware	20240909-2 fixed

Ubuntu Releases

Ubuntu Product

Codename

linux-firmware

bionic	needs-triage
focal	needs-triage
jammy	needs-triage
lunar	ignored
mantic	ignored
noble	needs-triage
trusty	needs-triage
xenial	needs-triage

Red Hat Enterprise Linux Releases

Red Hat Product

Release

iwl100-firmware

RHEL 7	0:39.31.5.1-83.el7_9 fixed
RHEL 8	0:39.31.5.1-120.el8_9.1 fixed
RHEL 9	0:39.31.5.1-140.el9_3 fixed

iwl1000-firmware

RHEL 7	1:39.31.5.1-83.el7_9 fixed
RHEL 8	1:39.31.5.1-120.el8_9.1 fixed
RHEL 9	1:39.31.5.1-140.el9_3 fixed

iwl105-firmware

RHEL 7	0:18.168.6.1-83.el7_9 fixed
RHEL 8	0:18.168.6.1-120.el8_9.1 fixed
RHEL 9	0:18.168.6.1-140.el9_3 fixed

iwl135-firmware

RHEL 7	0:18.168.6.1-83.el7_9 fixed
RHEL 8	0:18.168.6.1-120.el8_9.1 fixed
RHEL 9	0:18.168.6.1-140.el9_3 fixed

iwl2000-firmware

RHEL 7	0:18.168.6.1-83.el7_9 fixed
RHEL 8	0:18.168.6.1-120.el8_9.1 fixed
RHEL 9	0:18.168.6.1-140.el9_3 fixed

iwl2030-firmware

RHEL 7	0:18.168.6.1-83.el7_9 fixed
RHEL 8	0:18.168.6.1-120.el8_9.1 fixed
RHEL 9	0:18.168.6.1-140.el9_3 fixed

iwl3160-firmware

RHEL 7	0:25.30.13.0-83.el7_9 fixed
RHEL 8	1:25.30.13.0-120.el8_9.1 fixed
RHEL 9	1:25.30.13.0-140.el9_3 fixed

iwl3945-firmware

RHEL 7	0:15.32.2.9-83.el7_9 fixed
RHEL 8	0:15.32.2.9-120.el8_9.1 fixed

iwl4965-firmware

RHEL 7	0:228.61.2.24-83.el7_9 fixed
RHEL 8	0:228.61.2.24-120.el8_9.1 fixed

iwl5000-firmware

RHEL 7	0:8.83.5.1_1-83.el7_9 fixed
RHEL 8	0:8.83.5.1_1-120.el8_9.1 fixed
RHEL 9	0:8.83.5.1_1-140.el9_3 fixed

iwl5150-firmware

RHEL 7	0:8.24.2.2-83.el7_9 fixed
RHEL 8	0:8.24.2.2-120.el8_9.1 fixed
RHEL 9	0:8.24.2.2-140.el9_3 fixed

iwl6000-firmware

RHEL 7	0:9.221.4.1-83.el7_9 fixed
RHEL 8	0:9.221.4.1-120.el8_9.1 fixed

iwl6000g2a-firmware

RHEL 7	0:18.168.6.1-83.el7_9 fixed
RHEL 8	0:18.168.6.1-120.el8_9.1 fixed
RHEL 9	0:18.168.6.1-140.el9_3 fixed

iwl6000g2b-firmware

RHEL 7	0:18.168.6.1-83.el7_9 fixed
RHEL 8	0:18.168.6.1-120.el8_9.1 fixed
RHEL 9	0:18.168.6.1-140.el9_3 fixed

iwl6050-firmware

RHEL 7	0:41.28.5.1-83.el7_9 fixed
RHEL 8	0:41.28.5.1-120.el8_9.1 fixed
RHEL 9	0:41.28.5.1-140.el9_3 fixed

iwl7260-firmware

RHEL 7	0:25.30.13.0-83.el7_9 fixed
RHEL 8	1:25.30.13.0-120.el8_9.1 fixed
RHEL 9	1:25.30.13.0-140.el9_3 fixed

libertas-sd8686-firmware

RHEL 8

0:20230824-120.git0e048b06.el8_9

fixed

libertas-sd8787-firmware

RHEL 8	0:20230824-120.git0e048b06.el8_9 fixed
RHEL 9	0:20230814-140.el9_3 fixed

libertas-usb8388-firmware

RHEL 8

2:20230824-120.git0e048b06.el8_9

fixed

libertas-usb8388-olpc-firmware

RHEL 8

0:20230824-120.git0e048b06.el8_9

fixed

linux-firmware

RHEL 7	0:20200421-83.git78c0348.el7_9 fixed
RHEL 8	0:20230824-120.git0e048b06.el8_9 fixed
RHEL 9	0:20230814-140.el9_3 fixed

linux-firmware-whence

RHEL 9

0:20230814-140.el9_3

fixed

netronome-firmware

RHEL 9

0:20230814-140.el9_3

fixed

Common Weakness Enumeration

CWE-20 - Improper Input Validation
The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.

References

http://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00766.html

https://lists.debian.org/debian-lts-announce/2023/09/msg00043.html

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HUCYUR4WBTELCRHELISJ3RMZVHKIV5TN/

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/K24OJT4AVMNND7LBTC2ZDDTE6DJHAKB4/

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/Y76A3PLHIQCEPESB4XVBV5SRRXQEZ5JY/

http://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00766.html

https://lists.debian.org/debian-lts-announce/2023/09/msg00043.html

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HUCYUR4WBTELCRHELISJ3RMZVHKIV5TN/

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/K24OJT4AVMNND7LBTC2ZDDTE6DJHAKB4/

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/Y76A3PLHIQCEPESB4XVBV5SRRXQEZ5JY/