PT-2018-3333 · Intel · Intel Smart Sound Technology

Published

2018-07-24

Updated

2018-10-01

CVE-2018-3670

CVSS v3.1

8.8

High

Vector

AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions: Intel Smart Sound Technology versions prior to 9.21.00.3541

Description: The issue is related to a buffer overflow in the driver module of Intel Smart Sound Technology. This could potentially allow a local attacker to execute arbitrary code with elevated privileges. The vulnerability is associated with a memory buffer overflow operation.

Recommendations: For versions prior to 9.21.00.3541, update to version 9.21.00.3541 or later to resolve the issue. As a temporary workaround, consider restricting access to the driver module to minimize the risk of exploitation.

Fix

Buffer Overflow

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-119

Related Identifiers

BDU:2019-04868

CVE-2018-3670

Affected Products

Intel Smart Sound Technology

PT-2018-3333 · Intel · Intel Smart Sound Technology

CVE-2018-3670

Weakness Enumeration

Related Identifiers

Affected Products

References · 5