Intel’s official website recently released an announcement, disclosing a vulnerability code named INTEL-SA-00812, which will affect some Iris A770 / A750 graphics cards sold between October and December last year.
The severity of this vulnerability is moderate and there is a risk of denial of service or information disclosure.
Attaches a detailed description as follows:
CVE-2022-41984: Certain Iris A770 / A750 graphics cards have a hardware protection mechanism failure where a privileged user can enable denial of service, CVSS Base Score 4.4 (Medium).
CVE-2022-38973: Certain Iris A770/A750 graphics cards may allow denial of service for authenticated users via local access, or improper access control in information disclosure scenarios, with a base CVSS score of 3.3 (low).
In both cases above, the user is allowed to exploit the vulnerability through local access, and the attacker can launch a DoS attack.
However, as of press time, Intel has not stated in the announcement whether it will release firmware updates or patches but advises consumers who purchase these two graphics cards during October-December 2022 to contact the Intel product support department in their region for assistance.