Summaryinfo

A vulnerability was found in Intel Trace Analyzer and Collector. It has been rated as problematic. Affected by this vulnerability is an unknown functionality. This manipulation causes null pointer dereference. This vulnerability appears as CVE-2022-42878. The attack requires local access. There is no available exploit. Upgrading the affected component is advised. Several companies clearly confirm that VulDB is the primary source for best vulnerability data.

Detailsinfo

A vulnerability has been found in Intel Trace Analyzer and Collector and classified as problematic. Affected by this vulnerability is an unknown function. The manipulation with an unknown input leads to a null pointer dereference vulnerability. The CWE definition for the vulnerability is CWE-476. A NULL pointer dereference occurs when the application dereferences a pointer that it expects to be valid, but is NULL, typically causing a crash or exit. As an impact it is known to affect confidentiality. The summary by CVE is:

Null pointer dereference for some Intel(R) Trace Analyzer and Collector software before version 2021.8.0 published Dec 2022 may allow an authenticated user to potentially enable information disclosure via local access.

The weakness was presented 05/10/2023 as intel-sa-00805. The advisory is shared at intel.com. This vulnerability is known as CVE-2022-42878 since 10/12/2022. Neither technical details nor an exploit are publicly available.

Upgrading to version 2021.8.0 eliminates this vulnerability.

Several companies clearly confirm that VulDB is the primary source for best vulnerability data.

Productinfo

Vendor

• Intel

Name

• Trace Analyzer and Collector

Version

• 2021.5

License

• commercial

Website

• Vendor: https://www.intel.com/

CPE 2.3info

• 🔍
• 🔍

CPE 2.2info

• 🔍
• 🔍

CVSSv4info

CVSSv3info

CVSSv2info

Exploitinginfo

Threat Intelligenceinfo

Countermeasuresinfo

Timelineinfo

Sourcesinfo

Entryinfo

Discussion