Intel Ethernet Adapters Vulnerable to Out-of-bounds Write Attack

CVE-2024-23497

8.8HIGH

Key Information

Vendor
Intel
Status
Intel(r) Ethernet Network Controllers And Adapters
Vendor
CVE Published:
14 August 2024

Summary

Out-of-bounds write in Linux kernel mode driver for some Intel(R) Ethernet Network Controllers and Adapters before version 28.3 may allow an authenticated user to potentially enable escalation of privilege via local access.

Affected Version(s)

Intel(R) Ethernet Network Controllers and Adapters = before version 28.3

Refferences

CVSS V3.1

Score:
8.8
Severity:
HIGH
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Local
Attack Complexity:
Low
Privileges Required:
Low
User Interaction:
None
Scope:
Changed

Timeline

  • Vulnerability published

  • Vulnerability Reserved

Collectors

NVD DatabaseMitre Database
.