Detections
Analytics

Intel oneAPI Math Kernel Library < 2025.2.0 DoS

medium Nessus Plugin ID 277102

Language:

Synopsis

The remote Windows host contains a library that is affected by multiple vulnerabilities.

Description

A DoS vulnerability exists in Intel oneAPI Math Kernel Library versions prior to 2025.2. Improper input validation for some Intel(R) oneAPI Math Kernel Library before version 2025.2 within Ring 3: User Applications may allow a denial of service. Unprivileged software adversary with an authenticated user combined with a low complexity attack may enable denial of service. This result may potentially occur via local access when attack requirements are not present without special internal knowledge and requires no user interaction.

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

Solution

Upgrade to Intel oneAPI Math Kernel Library to 2025.2 or later.

See Also

http://www.nessus.org/u?f6f8ca9f

Plugin Details

Severity: Medium

ID: 277102

File Name: intel_oneapi_math_library_2025_2_0.nasl

Version: 1.1

Type: local

Agent: windows

Family: Windows

Published: 12/3/2025

Updated: 12/3/2025

Supported Sensors: Nessus Agent, Nessus

Risk Information

VPR

Risk Factor: Medium

Score: 6.7

CVSS v2

Risk Factor: Medium

Base Score: 6

Vector: CVSS2#AV:L/AC:H/Au:S/C:C/I:C/A:C

CVSS Score Source: CVE-2025-31948

CVSS v3

Risk Factor: Medium

Base Score: 6.7

Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H

CVSS Score Source: CVE-2025-31948

Vulnerability Information

CPE: cpe:/a:intel:oneapi_base_toolkit

Required KB Items: installed_sw/oneAPI Base Toolkit

Patch Publication Date: 11/11/2025

Vulnerability Publication Date: 11/11/2025

Reference Information

CVE: CVE-2025-31948

IAVA: 2025-A-0862