PT-2024-10083 · Intel+1 · Intel Qat Engine For Openssl+1

Alicja Kario

Published

2024-11-13

Updated

2025-11-11

CVE-2024-33617

CVSS v4.0

8.2

High

Vector

AV:N/AC:H/AT:P/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N

Name of the Vulnerable Software and Affected Versions Intel QAT Engine for OpenSSL versions prior to v1.6.1

Description The issue is related to insufficient control flow management in the Intel QAT Engine for OpenSSL software, which may allow information disclosure via network access. This could enable a remote attacker to gain unauthorized access to protected information.

Recommendations For versions prior to v1.6.1, update to version v1.6.1 or later to resolve the issue.

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-691

Related Identifiers

BDU:2025-00256

CVE-2024-33617

SUSE-SU-2025:3942-1

SUSE-SU-2025:3943-1

SUSE-SU-2025:4053-1

Affected Products

Intel Qat Engine For Openssl

Suse

PT-2024-10083 · Intel+1 · Intel Qat Engine For Openssl+1

CVE-2024-33617

Weakness Enumeration

Related Identifiers

Affected Products

References · 17