Possible Escalation of Privilege via Local Access
CVE-2024-23981

8.8HIGH

Key Information:

Vendor
Intel
Vendor
CVE Published:
14 August 2024

Summary

A wrap-around error has been identified in the Linux kernel mode driver for select Intel Ethernet Network Controllers and Adapters prior to version 28.3. This vulnerability has the potential to allow authenticated users to escalate their privileges through local access. Organizations utilizing these affected products should take immediate precautions to mitigate risks associated with unauthorized privilege escalation.

Affected Version(s)

Intel(R) Ethernet Network Controllers and Adapters before version 28.3

References

CVSS V3.1

Score:
8.8
Severity:
HIGH
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Local
Attack Complexity:
Low
Privileges Required:
Low
User Interaction:
None
Scope:
Changed

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.