Insufficient Input Validation in Intel Ethernet 700 Series Controller Driver
CVE-2019-0147

5.5MEDIUM

Key Information:

Vendor
Intel
Status
2019.2 Ipu – Intel(r) Ethernet 700 Series Controllers
Vendor
CVE Published:
14 November 2019

Summary

The i40e driver for Intel Ethernet 700 Series Controllers contains a vulnerability due to insufficient input validation. This flaw may allow an authenticated local user to exploit the system and potentially trigger a denial of service, impacting performance and availability.

Affected Version(s)

2019.2 IPU – Intel(R) Ethernet 700 Series Controllers See provided reference

References

https://www.intel.com/content/www/us/en/security-center/a...
x_refsource_MISC

CVSS V3.1

Score:
5.5
Severity:
MEDIUM
Confidentiality:
None
Integrity:
None
Availability:
None
Attack Vector:
Local
Attack Complexity:
Low
Privileges Required:
Low
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.