{
  "threat_severity" : "Low",
  "public_date" : "2023-08-08T00:00:00Z",
  "bugzilla" : {
    "description" : "hw: intel: Improper input validation in some Intel(R) PROSet/Wireless WiFi",
    "id" : "2238964",
    "url" : "https://bugzilla.redhat.com/show_bug.cgi?id=2238964"
  },
  "cvss3" : {
    "cvss3_base_score" : "3.8",
    "cvss3_scoring_vector" : "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:L/A:N",
    "status" : "verified"
  },
  "cwe" : "CWE-20",
  "details" : [ "Improper input validation in some Intel(R) PROSet/Wireless WiFi and Killer(TM) WiFi software may allow an authenticated user to potentially enable escalation of privilege via local access.", "An improper input validation flaw was found in some Intel(R) PROSet/Wireless WiFi and Killer(TM) WiFi software that may allow an authenticated user to enable escalation of privilege via local access." ],
  "affected_release" : [ {
    "product_name" : "Red Hat Enterprise Linux 7",
    "release_date" : "2024-06-17T00:00:00Z",
    "advisory" : "RHSA-2024:3939",
    "cpe" : "cpe:/o:redhat:enterprise_linux:7",
    "package" : "linux-firmware-0:20200421-83.git78c0348.el7_9"
  }, {
    "product_name" : "Red Hat Enterprise Linux 8",
    "release_date" : "2024-01-10T00:00:00Z",
    "advisory" : "RHBA-2024:0115",
    "cpe" : "cpe:/o:redhat:enterprise_linux:8",
    "package" : "linux-firmware-0:20230824-120.git0e048b06.el8_9"
  }, {
    "product_name" : "Red Hat Enterprise Linux 9",
    "release_date" : "2023-11-07T00:00:00Z",
    "advisory" : "RHSA-2023:6595",
    "cpe" : "cpe:/o:redhat:enterprise_linux:9",
    "package" : "linux-firmware-0:20230814-140.el9_3"
  } ],
  "references" : [ "https://www.cve.org/CVERecord?id=CVE-2022-38076\nhttps://nvd.nist.gov/vuln/detail/CVE-2022-38076\nhttps://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00766.html" ],
  "name" : "CVE-2022-38076",
  "mitigation" : {
    "value" : "Mitigation for this issue is either not available or the currently available options don't meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.",
    "lang" : "en:us"
  },
  "csaw" : false
}