Intel NPU Drivers Denial-of-Service Vulnerability
Vulnerability
A denial-of-service vulnerability has been identified in some Intel NPU Drivers for both Linux and Windows. The issue arises from improper condition checks in the firmware, which may allow an unprivileged software adversary with an authenticated user to disrupt service. This vulnerability can potentially be exploited through local access, without special internal knowledge, and requires no user interaction. The flaw significantly impacts the availability of the affected system.
Impact
Exploitation of this vulnerability leads to a denial-of-service condition, causing a significant disruption in the availability of the affected system.
Remediation
Users are advised to update the Intel NPU Driver for Linux to version 1.24.0 or later. For Windows, the driver should be updated to version 32.0.100.4297 or later. The Linux driver is available on the Intel GitHub releases page, while the Windows driver can be downloaded from the Intel Download Center.
Vulnerability Rating
Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.