Greg Thomas

**Name of the Vulnerable Software and Affected Versions** Intel(R) QAT Library versions prior to 22.07.1 **Description** The issue is related to improper buffer restrictions, which may allow a privileged user to potentially enable information disclosure via local access. **Recommendations** For versions prior to 22.07.1, update to version 22.07.1 or later to resolve the issue.

**Name of the Vulnerable Software and Affected Versions** Intel(R) QAT drivers for Linux versions prior to 4.17 **Description** The issue is related to incorrect default permissions in the software installer for some Intel(R) QAT drivers, which may allow an authenticated user to potentially enable escalation of privilege via local access. This could allow an attacker to elevate their privileges. **Recommendations** For versions prior to 4.17, update to version 4.17 or later to resolve the issue. As a temporary workaround, consider restricting access to the affected installer components to minimize the risk of exploitation.

**Name of the Vulnerable Software and Affected Versions** QATzip software maintained by Intel(R) versions prior to 1.0.9 **Description** The issue is related to improper access control in QATzip software, which may allow an authenticated user to potentially enable escalation of privilege via local access. **Recommendations** For versions prior to 1.0.9, update to version 1.0.9 or later to resolve the issue.