CVE-2022-42878

Null pointer dereference for some Intel(R) Trace Analyzer and Collector software before version 2021.8.0 published Dec 2022 may allow an authenticated user to potentially enable information disclosure via local access.

Published: May 10, 2023
Updated: May 19, 2023
CVE: CVE-2022-42878
Severity: Medium
Exploit:

CVSS v3:

Severity: Medium
Score: 5.5
AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

CWEs:

CWE-476

Affected Software
References

Software	From	Fixed in
intel / trace_analyzer_and_collector	-	2021.8.0
intel / oneapi_hpc_toolkit	-	2023.0.0

https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00805.html

Vulnerability Database

289,871

CVE-2022-42878