PT-2023-4427 · Intel+10 · Intel(R) Ethernet Controller Rdma Driver+10

Christopher Bednarz

+3

·

Publicado

2023-08-11

·

Atualizado

2025-01-13

·

CVE-2023-25775

CVSS v2.0

10

Crítica

VetorAV:N/AC:L/Au:N/C:C/I:C/A:C
Name of the Vulnerable Software and Affected Versions Intel(R) Ethernet Controller RDMA driver for linux versions prior to 1.9.30
Description The issue is related to improper access control in the Intel(R) Ethernet Controller RDMA driver for Linux. This may allow an unauthenticated user to potentially enable escalation of privilege via network access. The vulnerability can be exploited by a remote attacker to increase their privileges.
Recommendations For versions prior to 1.9.30, update to version 1.9.30 or later to resolve the issue. As a temporary workaround, consider restricting network access to the RDMA driver until a patch is applied.

Correção

Improper Access Control

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-284

Identificadores relacionados

ALSA-2024:2394
ALSA-2024:2950
ALSA-2024:3138
ALT-PU-2023-6418
BDU:2023-04772
CESA-2024_2950
CESA-2024_3138
CVE-2023-25775
DLA-3710-1
DLA-3711-1
DSA-5594-1
INFSA-2024_2394
INFSA-2024_2950
INFSA-2024_3138
MGASA-2023-0295
MGASA-2023-0296
MGASA-2023-0328
MGASA-2023-0331
OPENSUSE-SU-2023_4730-1
OPENSUSE-SU-2023_4731-1
OPENSUSE-SU-2023_4732-1
OPENSUSE-SU-2023_4734-1
OPENSUSE-SU-2023_4782-1
RHSA-2024:2003
RHSA-2024:2004
RHSA-2024:2394
RHSA-2024:2950
RHSA-2024:3138
RHSA-2024_2003
RHSA-2024_2004
RHSA-2024_2394
RHSA-2024_2950
RHSA-2024_3138
RLSA-2024:2950
RLSA-2024:3138
SUSE-SU-2023:4730-1
SUSE-SU-2023:4731-1
SUSE-SU-2023:4732-1
SUSE-SU-2023:4734-1
SUSE-SU-2023:4782-1
SUSE-SU-2023:4810-1
USN-6415-1
USN-6496-1
USN-6496-2
USN-6502-1
USN-6502-2
USN-6502-3
USN-6502-4
USN-6516-1
USN-6520-1

Produtos afetados

Alt Linux
Almalinux
Astra Linux
Centos
Intel(R) Ethernet Controller Rdma Driver
Linuxmint
Red Hat
Red Os
Rocky Linux
Suse
Ubuntu