Upstream information
CVE-2022-40964 at MITRE
Description
Improper access control for some Intel(R) PROSet/Wireless WiFi and Killer(TM) WiFi software may allow a privileged user to potentially enable escalation of privilege via local access.
Overall state of this security issue: Does not affect SUSE products
This issue is currently rated as having important severity.
CVSS v3 Scores
| CVSS detail | National Vulnerability Database |
|---|
| Base Score | 7.9 |
| Vector | CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:N/I:H/A:H |
| Attack Vector | Local |
| Attack Complexity | Low |
| Privileges Required | High |
| User Interaction | None |
| Scope | Changed |
| Confidentiality Impact | None |
| Integrity Impact | High |
| Availability Impact | High |
| CVSSv3 Version | 3.1 |
No SUSE Bugzilla entries cross referenced.
No SUSE Security Announcements cross referenced.
List of released packages
| Product(s) | Fixed package version(s) | References |
|---|
| SUSE Liberty Linux 7 | iwl100-firmware >= 39.31.5.1-83.el7_9iwl1000-firmware >= 39.31.5.1-83.el7_9iwl105-firmware >= 18.168.6.1-83.el7_9iwl135-firmware >= 18.168.6.1-83.el7_9iwl2000-firmware >= 18.168.6.1-83.el7_9iwl2030-firmware >= 18.168.6.1-83.el7_9iwl3160-firmware >= 25.30.13.0-83.el7_9iwl3945-firmware >= 15.32.2.9-83.el7_9iwl4965-firmware >= 228.61.2.24-83.el7_9iwl5000-firmware >= 8.83.5.1_1-83.el7_9iwl5150-firmware >= 8.24.2.2-83.el7_9iwl6000-firmware >= 9.221.4.1-83.el7_9iwl6000g2a-firmware >= 18.168.6.1-83.el7_9iwl6000g2b-firmware >= 18.168.6.1-83.el7_9iwl6050-firmware >= 41.28.5.1-83.el7_9iwl7260-firmware >= 25.30.13.0-83.el7_9linux-firmware >= 20200421-83.git78c0348.el7_9
| Patchnames:
RHSA-2024:3939 |
| SUSE Liberty Linux 9 | iwl100-firmware >= 39.31.5.1-140.el9_3iwl1000-firmware >= 39.31.5.1-140.el9_3iwl105-firmware >= 18.168.6.1-140.el9_3iwl135-firmware >= 18.168.6.1-140.el9_3iwl2000-firmware >= 18.168.6.1-140.el9_3iwl2030-firmware >= 18.168.6.1-140.el9_3iwl3160-firmware >= 25.30.13.0-140.el9_3iwl5000-firmware >= 8.83.5.1_1-140.el9_3iwl5150-firmware >= 8.24.2.2-140.el9_3iwl6000g2a-firmware >= 18.168.6.1-140.el9_3iwl6000g2b-firmware >= 18.168.6.1-140.el9_3iwl6050-firmware >= 41.28.5.1-140.el9_3iwl7260-firmware >= 25.30.13.0-140.el9_3libertas-sd8787-firmware >= 20230814-140.el9_3linux-firmware >= 20230814-140.el9_3linux-firmware-whence >= 20230814-140.el9_3netronome-firmware >= 20230814-140.el9_3
| Patchnames:
RHSA-2023:6595 |
SUSE Timeline for this CVE
CVE page created: Fri Aug 11 06:02:34 2023
CVE page last modified: Mon Oct 6 19:37:57 2025
