Improper Conditions Check in Intel Ethernet Controllers 800 Series
CVE-2021-0003

5.5MEDIUM

Key Information:

Vendor: Intel
Status: Intel(r) Ethernet Controllers 800 Series Linux Drivers
Vendor: CVE Published:; 11 August 2021

Summary

An improper conditions check in Intel Ethernet Controllers 800 series Linux drivers prior to version 1.4.11 allows an authenticated user to exploit local access, potentially leading to unintended information disclosure. This vulnerability highlights the importance of ensuring proper conditions and permissions checks are in place within network driver software to protect sensitive data from potential exposure.

Affected Version(s)

Intel(R) Ethernet Controllers 800 series Linux drivers before version 1.4.11

References

https://www.intel.com/content/www/us/en/security-center/a...

x_refsource_MISC

https://security.netapp.com/advisory/ntap-20210827-0008/

x_refsource_CONFIRM

CVSS V3.1

Score:

5.5

Severity:

MEDIUM

Confidentiality:

High

Integrity:

None

Availability:

High

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Aug 11, 2021
Vulnerability Reserved
Oct 22, 2020