Intel® HPC Toolkit
Get help with building, analyzing, optimizing, and scaling high-performance computing (HPC) applications.
2141 Discussions

Regarding for CVE-2022-41342 of INTEL-SA-00773

N2020
Beginner
574 Views

According to the article at the following URL

URL:  https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00773.html


/---
CVEID: CVE-2022-41342
Description: Improper buffer restrictions the Intel(R) C++ Compiler Classic before version 2021.8 for some Intel(R) oneAPI Toolkits before version 2022.3.1 may allow a privileged user to potentially enable escalation of privilege via local access.
CVSS Base Score: 6.0 Medium
CVSS Vector: CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:L
---/

 

The Intel C++ Compiler Classic before 2021.8 for some Intel oneAPI Toolkits before 2022.3.1 is improper for CVE-2022-41342.
But Intel oneAPI Toolkits 2022.3.1 doesn't include the Intel C++ Compiler Classic 2021.8 but 2021.7.1.
On the other hand, oneAPI Toolkits 2023.0.0 includes Intel C++ Compiler Classic 2021.8.
Which version of oneAPI is fine for this problem (CVE-2022-41342)?

oneAPI 2022.3.1 or 2023.0.0?

 

 

0 Kudos
4 Replies
ShivaniK_Intel
Moderator
504 Views

Hi,

 

Thanks for posting in the Intel forums.

 

We are working on it and will get back to you soon.

 

Thanks & Regards

Shivani

 

0 Kudos
ShivaniK_Intel
Moderator
457 Views

Hi,


 As a part of the overall Intel oneAPI 2023.0, HPC Toolkit 2023.0, includes all recent updates, that contain Intel® C++ Compiler Classic 2021.8 with the fix.


Thanks & Regards

Shivani  


0 Kudos
ShivaniK_Intel
Moderator
412 Views

Hi,


As we did not hear back from you could you please let us know whether your issue is resolved or not?


Thanks & Regards

Shivani


0 Kudos
ShivaniK_Intel
Moderator
378 Views

Hi,


I have not heard back from you. This thread will be no longer monitored by Intel. If you need further assistance, please post a new question.


Thanks & Regards

Shivani




0 Kudos
Reply