Linux Kernel Mode Driver Vulnerability in Intel 800 Series Ethernet Driver
CVE-2024-39286

2LOW

Key Information:

Vendor

Intel

Vendor
CVE Published:
12 February 2025

What is CVE-2024-39286?

The Intel 800 Series Ethernet Driver prior to version 1.15.4 contains a vulnerability in its Linux kernel mode driver that allows authenticated users to exploit incorrect execution-assigned permissions. This could potentially lead to unauthorized information disclosure via local access, posing a significant risk to system integrity and confidentiality.

Affected Version(s)

Intel(R) 800 Series Ethernet Driver before version 1.15.4

References

CVSS V4

Score:
2
Severity:
LOW
Confidentiality:
Low
Integrity:
None
Availability:
None
Attack Vector:
Local
Attack Complexity:
Low
Attack Required:
Physical
Privileges Required:
Undefined
User Interaction:
None

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.