CVE-2025-31948

Description

Improper input validation for some Intel(R) oneAPI Math Kernel Library before version 2025.2 within Ring 3: User Applications may allow a denial of service. Unprivileged software adversary with an authenticated user combined with a low complexity attack may enable denial of service. This result may potentially occur via local access when attack requirements are not present without special internal knowledge and requires no user interaction. The potential vulnerability may impact the confidentiality (none), integrity (none) and availability (low) of the vulnerable system, resulting in subsequent system confidentiality (none), integrity (none) and availability (none) impacts.

CVSS Details

CVSS Score

3.3

Severity

LOW

CVSS Vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L

Configurations (Affected Products)

No configuration data available.

Intel oneAPI Math Kernel Library < 2025.2

PoC / Exploit Code

⚠ For Security Research Only

The following code is for security research and authorized testing only.

python

// CVE-2025-31948 PoC - Intel oneMKL Input Validation Issue
// Compile: gcc -o poc poc.c -lmkl_core
// Run: ./poc

#include <stdio.h>
#include <stdlib.h>

// Simulated vulnerable function signature
void vulnerable_mkl_function(double* input, int size) {
    // Intended to show the concept - actual PoC requires specific input
    // that triggers the validation issue in oneMKL
    for (int i = 0; i < size; i++) {
        if (input[i] < 0) {
            // Potential validation bypass scenario
            input[i] = input[i] * -1;
        }
    }
}

int main() {
    printf("CVE-2025-31948 PoC - Intel oneMKL Input Validation\n");
    printf("Note: This is a conceptual demonstration.\n");
    printf("Actual exploitation requires specific input patterns.\n");
    
    int size = 100;
    double* malicious_input = (double*)malloc(size * sizeof(double));
    
    // Initialize with crafted values
    for (int i = 0; i < size; i++) {
        malicious_input[i] = -1.0; // Edge case value
    }
    
    printf("Triggering vulnerable code path...\n");
    vulnerable_mkl_function(malicious_input, size);
    
    printf("Test completed. Check for application stability.\n");
    
    free(malicious_input);
    return 0;
}

References

[1] CVE.org https://www.cve.org/CVERecord?id=CVE-2025-31948
[2] NVD NIST https://nvd.nist.gov/vuln/detail/CVE-2025-31948
[3] CVE Details https://www.cvedetails.com/cve/CVE-2025-31948/
[4] VulDB https://vuldb.com/cve/CVE-2025-31948
[5] https://intel.com/content/www/us/en/security-center/advisory/intel-sa-01366.html

Raw JSON Data

JSON

{"cve": {"id": "CVE-2025-31948", "sourceIdentifier": "[email protected]", "published": "2025-11-11T17:15:48.583", "lastModified": "2026-04-15T00:35:42.020", "vulnStatus": "Deferred", "cveTags": [], "descriptions": [{"lang": "en", "value": "Improper input validation for some Intel(R) oneAPI Math Kernel Library before version 2025.2 within Ring 3: User Applications may allow a denial of service. Unprivileged software adversary with an authenticated user combined with a low complexity attack may enable denial of service. This result may potentially occur via local access when attack requirements are not present without special internal knowledge and requires no user interaction. The potential vulnerability may impact the confidentiality (none), integrity (none) and availability (low) of the vulnerable system, resulting in subsequent system confidentiality (none), integrity (none) and availability (none) impacts."}], "metrics": {"cvssMetricV40": [{"source": "[email protected]", "type": "Secondary", "cvssData": {"version": "4.0", "vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", "baseScore": 4.8, "baseSeverity": "MEDIUM", "attackVector": "LOCAL", "attackComplexity": "LOW", "attackRequirements": "NONE", "privilegesRequired": "LOW", "userInteraction": "NONE", "vulnConfidentialityImpact": "NONE", "vulnIntegrityImpact": "NONE", "vulnAvailabilityImpact": "LOW", "subConfidentialityImpact": "NONE", "subIntegrityImpact": "NONE", "subAvailabilityImpact": "NONE", "exploitMaturity": "NOT_DEFINED", "confidentialityRequirement": "NOT_DEFINED", "integrityRequirement": "NOT_DEFINED", "availabilityRequirement": "NOT_DEFINED", "modifiedAttackVector": "NOT_DEFINED", "modifiedAttackComplexity": "NOT_DEFINED", "modifiedAttackRequirements": "NOT_DEFINED", "modifiedPrivilegesRequired": "NOT_DEFINED", "modifiedUserInteraction": "NOT_DEFINED", "modifiedVulnConfidentialityImpact": "NOT_DEFINED", "modifiedVulnIntegrityImpact": "NOT_DEFINED", "modifiedVulnAvailabilityImpact": "NOT_DEFINED", "modifiedSubConfidentialityImpact": "NOT_DEFINED", "modifiedSubIntegrityImpact": "NOT_DEFINED", "modifiedSubAvailabilityImpact": "NOT_DEFINED", "Safety": "NOT_DEFINED", "Automatable": "NOT_DEFINED", "Recovery": "NOT_DEFINED", "valueDensity": "NOT_DEFINED", "vulnerabilityResponseEffort": "NOT_DEFINED", "providerUrgency": "NOT_DEFINED"}}], "cvssMetricV31": [{"source": "[email protected]", "type": "Secondary", "cvssData": {"version": "3.1", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L", "baseScore": 3.3, "baseSeverity": "LOW", "attackVector": "LOCAL", "attackComplexity": "LOW", "privilegesRequired": "LOW", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "availabilityImpact": "LOW"}, "exploitabilityScore": 1.8, "impactScore": 1.4}]}, "weaknesses": [{"source": "[email protected]", "type": "Secondary", "description": [{"lang": "en", "value": "CWE-20"}]}], "references": [{"url": "https://intel.com/content/www/us/en/security-center/advisory/intel-sa-01366.html", "source": "[email protected]"}]}}