CVE-2022-26345

Name
CVE-2022-26345
Description
Uncontrolled search path element in the Intel(R) oneAPI Toolkit OpenMP before version 2022.1 may allow an authenticated user to potentially enable escalation of privilege via local access.
NVD Severity
medium
Other trackers
Mailing lists
Exploits
Forges
GitHub (code, issues), Aports (code, issues)

References

Type URI
MISC http://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00674.html

Match rules

CPE URI Source package Min version Max version
cpe:2.3:a:intel:openmp:*:*:*:*:*:*:*:* openmp >= None < 2022.1

Vulnerable and fixed packages

Source package Branch Version Maintainer Status
openmp 3.18-community 16.0.6-r0 psykose <alice@ayaya.dev> possibly vulnerable
openmp 3.19-community 17.0.5-r0 Natanael Copa <ncopa@alpinelinux.org> possibly vulnerable
openmp 3.20-community 17.0.6-r0 Natanael Copa <ncopa@alpinelinux.org> possibly vulnerable
openmp edge-community 18.1.8-r1 Natanael Copa <ncopa@alpinelinux.org> possibly vulnerable