Описание
Insufficient control flow management in some Intel(R) PROSet/Wireless WiFi products before version 21.110 may allow an unauthenticated user to potentially enable escalation of privilege via adjacent access.
Примечания
Intel firmware, there is no conclusive information if the blobs shipped in
firmware-nonfree are affected. If they are, they would get fixed via release updates
https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00402.html
Fixed firmware blobs:
ibt-18-16-1.sfi: FW Build: REL17064 Release Version: 22.20.0.3
ibt-hw-37.8.10-fw-22.50.19.14.f.bseq
Not shipped in Debian: Wi-Fi 6 AX200, Wireless-AC 9560, Wireless-AC 9462, Wireless-AC 9461, Dual Band Wireless-AC 3165
Intel seems to have missed the update for ibt-12-16.sfi, last update from May 2019
Intel seems to have missed the update for ibt-11-5.sfi, last update from Jan 2019
Связанные уязвимости
Insufficient control flow management in some Intel(R) PROSet/Wireless WiFi products before version 21.110 may allow an unauthenticated user to potentially enable escalation of privilege via adjacent access.
Insufficient control flow management in some Intel(R) PROSet/Wireless WiFi products before version 21.110 may allow an unauthenticated user to potentially enable escalation of privilege via adjacent access.
Insufficient control flow management in some Intel(R) PROSet/Wireless WiFi products before version 21.110 may allow an unauthenticated user to potentially enable escalation of privilege via adjacent access.
Уязвимость утилиты для подключения к сети Intel PROSet/Wireless WiFi, связанная с недостаточным управлением потоком, позволяющая нарушителю повысить свои привилегии