Linux Kernel Mode Driver Vulnerability in Intel 800 Series Ethernet Driver
CVE-2024-39286

2LOW

Key Information:

Vendor: Intel
Status: Intel(r) 800 Series Ethernet Driver
Vendor: CVE Published:; 12 February 2025

What is CVE-2024-39286?

The Intel 800 Series Ethernet Driver prior to version 1.15.4 contains a vulnerability in its Linux kernel mode driver that allows authenticated users to exploit incorrect execution-assigned permissions. This could potentially lead to unauthorized information disclosure via local access, posing a significant risk to system integrity and confidentiality.

Affected Version(s)

Intel(R) 800 Series Ethernet Driver before version 1.15.4

References

https://intel.com/content/www/us/en/security-center/advis...

CVSS V4

Score:

Severity:

LOW

Confidentiality:

Low

Integrity:

None

Availability:

None

Attack Vector:

Local

Attack Complexity:

Low

Attack Required:

Physical

Privileges Required:

Undefined

User Interaction:

None

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Feb 12, 2025
Vulnerability Reserved
Aug 15, 2024

JSON