Information Disclosure and Denial of Service in Intel Ethernet Controllers
CVE-2021-0002

7.1HIGH

Key Information:

Vendor
Intel
Status
Intel(r) Ethernet Controllers 800 Series Linux Drivers
Vendor
CVE Published:
11 August 2021

Summary

An issue in the Intel Ethernet Controllers 800 series Linux drivers could allow an authenticated user to exploit improper conditions check, potentially leading to information disclosure or denial of service when local access is granted. This vulnerability emphasizes the importance of reviewing driver versions and applying necessary updates to mitigate risks associated with unauthorized access.

Affected Version(s)

Intel(R) Ethernet Controllers 800 series Linux drivers before version 1.4.11

References

https://www.intel.com/content/www/us/en/security-center/a...
x_refsource_MISC
https://security.netapp.com/advisory/ntap-20210827-0008/
x_refsource_CONFIRM
https://lists.fedoraproject.org/archives/list/package-ann...
vendor-advisoryx_refsource_FEDORA

CVSS V3.1

Score:
7.1
Severity:
HIGH
Confidentiality:
High
Integrity:
None
Availability:
High
Attack Vector:
Local
Attack Complexity:
Low
Privileges Required:
Low
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.