CVE-2022-29494

Summary

CVE	CVE-2022-29494
State	PUBLIC
Assigner	[email protected]
Source Priority	CVE Program / NVD first with legacy fallback
Published	2023-02-16 21:15:00 UTC
Updated	2023-08-08 14:21:00 UTC
Description	Improper input validation in firmware for OpenBMC in some Intel(R) platforms before versions egs-0.91-179 and bhs-04-45 may allow an authenticated user to potentially enable denial of service via network access.

Risk And Classification

Problem Types: CWE-20

NVD Known Affected Configurations (CPE 2.3)

Type	Vendor	Product	Version	Update	Edition	Language
Hardware	Intel	C621a	-	All	All	All
Hardware	Intel	C627a	-	All	All	All
Hardware	Intel	C629a	-	All	All	All
Hardware	Intel	C741	-	All	All	All
Operating System	Intel	Openbmc	All	All	All	All
Hardware	Intel	Xeon Gold 5315y	-	All	All	All
Hardware	Intel	Xeon Gold 5317	-	All	All	All
Hardware	Intel	Xeon Gold 5318h	-	All	All	All
Hardware	Intel	Xeon Gold 5318n	-	All	All	All
Hardware	Intel	Xeon Gold 5318s	-	All	All	All
Hardware	Intel	Xeon Gold 5318y	-	All	All	All
Hardware	Intel	Xeon Gold 5320	-	All	All	All
Hardware	Intel	Xeon Gold 5320h	-	All	All	All
Hardware	Intel	Xeon Gold 5320t	-	All	All	All
Hardware	Intel	Xeon Gold 6312u	-	All	All	All
Hardware	Intel	Xeon Gold 6314u	-	All	All	All
Hardware	Intel	Xeon Gold 6326	-	All	All	All
Hardware	Intel	Xeon Gold 6328h	-	All	All	All
Hardware	Intel	Xeon Gold 6328hl	-	All	All	All
Hardware	Intel	Xeon Gold 6330	-	All	All	All
Hardware	Intel	Xeon Gold 6330h	-	All	All	All
Hardware	Intel	Xeon Gold 6330n	-	All	All	All
Hardware	Intel	Xeon Gold 6334	-	All	All	All
Hardware	Intel	Xeon Gold 6336y	-	All	All	All
Hardware	Intel	Xeon Gold 6338	-	All	All	All
Hardware	Intel	Xeon Gold 6338n	-	All	All	All
Hardware	Intel	Xeon Gold 6338t	-	All	All	All
Hardware	Intel	Xeon Gold 6342	-	All	All	All
Hardware	Intel	Xeon Gold 6346	-	All	All	All
Hardware	Intel	Xeon Gold 6348	-	All	All	All
Hardware	Intel	Xeon Gold 6348h	-	All	All	All
Hardware	Intel	Xeon Gold 6354	-	All	All	All
Hardware	Intel	Xeon Platinum 8351n	-	All	All	All
Hardware	Intel	Xeon Platinum 8352m	-	All	All	All
Hardware	Intel	Xeon Platinum 8352s	-	All	All	All
Hardware	Intel	Xeon Platinum 8352v	-	All	All	All
Hardware	Intel	Xeon Platinum 8352y	-	All	All	All
Hardware	Intel	Xeon Platinum 8353h	-	All	All	All
Hardware	Intel	Xeon Platinum 8354h	-	All	All	All
Hardware	Intel	Xeon Platinum 8356h	-	All	All	All
Hardware	Intel	Xeon Platinum 8358	-	All	All	All
Hardware	Intel	Xeon Platinum 8358p	-	All	All	All
Hardware	Intel	Xeon Platinum 8360h	-	All	All	All
Hardware	Intel	Xeon Platinum 8360hl	-	All	All	All
Hardware	Intel	Xeon Platinum 8360y	-	All	All	All
Hardware	Intel	Xeon Platinum 8362	-	All	All	All
Hardware	Intel	Xeon Platinum 8368	-	All	All	All
Hardware	Intel	Xeon Platinum 8368q	-	All	All	All
Hardware	Intel	Xeon Platinum 8376h	-	All	All	All
Hardware	Intel	Xeon Platinum 8376hl	-	All	All	All
Hardware	Intel	Xeon Platinum 8380	-	All	All	All
Hardware	Intel	Xeon Platinum 8380h	-	All	All	All
Hardware	Intel	Xeon Platinum 8380hl	-	All	All	All
Hardware	Intel	Xeon Silver 4309y	-	All	All	All
Hardware	Intel	Xeon Silver 4310	-	All	All	All
Hardware	Intel	Xeon Silver 4310t	-	All	All	All
Hardware	Intel	Xeon Silver 4314	-	All	All	All
Hardware	Intel	Xeon Silver 4316	-	All	All	All

References

Reference	Source	Link	Tags
INTEL-SA-00737	MISC	www.intel.com
CVE Program record	CVE.ORG	www.cve.org	canonical
NVD vulnerability detail	NVD	nvd.nist.gov	canonical, analysis

No vendor comments have been submitted for this CVE.

There are currently no legacy QID mappings associated with this CVE.