Intel has disclosed a new vulnerability (INTEL-SA-00812) that affects the company’s Arc A770 and Arc A750, two of the best graphics cards. Classified with a medium severity rating, the potential security flaw may permit denial of service or information disclosure.
It certainly hasn’t been a good week for Intel. After a year-long embargo, the chipmaker had finally lifted the curtains Downfall, a vulnerability with costly performance penalties that impacts multiple generations of Intel processors. And now, Intel’s internal team has discovered vulnerabilities with Arc A770 and Arc A750 graphics cards sold between October and December 2022. The advisory seemingly indicates that the flaw isn’t widespread but only affects batches sold during the mentioned timeframe.
The security vulnerability encompasses two issues. CVE-2022-41984 describes a protection mechanism failure in some Arc A770 and Arc A750 graphics cards where a privileged user can enable a denial of service. On the other hand, CVE-2022-38973 talks about improper access control in a scenario where an authenticated user can allow denial of service or information disclosure. In both occasions, the user can exploit the vulnerability through local access.
Intel doesn’t confirm whether it has or will release a firmware update or software fix to mitigate the recently-unearthed vulnerabilities. The chipmaker recommends that consumers who bought an Arc A770 or Arc A750 between October to December 2022 contact Intel product support in their region for help.