PT-2023-4427 · Intel+10 · Intel(R) Ethernet Controller Rdma Driver+10

Christopher Bednarz

+3

·

Published

2023-08-11

·

Updated

2025-01-13

·

CVE-2023-25775

CVSS v2.0

10

Critical

VectorAV:N/AC:L/Au:N/C:C/I:C/A:C
Name of the Vulnerable Software and Affected Versions Intel(R) Ethernet Controller RDMA driver for linux versions prior to 1.9.30
Description The issue is related to improper access control in the Intel(R) Ethernet Controller RDMA driver for Linux. This may allow an unauthenticated user to potentially enable escalation of privilege via network access. The vulnerability can be exploited by a remote attacker to increase their privileges.
Recommendations For versions prior to 1.9.30, update to version 1.9.30 or later to resolve the issue. As a temporary workaround, consider restricting network access to the RDMA driver until a patch is applied.

Fix

Improper Access Control

Found an issue in the description? Have something to add? Feel free to write us 👾
dbugs@ptsecurity.com

Weakness Enumeration

CWE-284

Related Identifiers

ALSA-2024:2394
ALSA-2024:2950
ALSA-2024:3138
ALT-PU-2023-6418
BDU:2023-04772
CESA-2024_2950
CESA-2024_3138
CVE-2023-25775
DLA-3710-1
DLA-3711-1
DSA-5594-1
INFSA-2024_2394
INFSA-2024_2950
INFSA-2024_3138
MGASA-2023-0295
MGASA-2023-0296
MGASA-2023-0328
MGASA-2023-0331
OPENSUSE-SU-2023_4730-1
OPENSUSE-SU-2023_4731-1
OPENSUSE-SU-2023_4732-1
OPENSUSE-SU-2023_4734-1
OPENSUSE-SU-2023_4782-1
RHSA-2024:2003
RHSA-2024:2004
RHSA-2024:2394
RHSA-2024:2950
RHSA-2024:3138
RHSA-2024_2003
RHSA-2024_2004
RHSA-2024_2394
RHSA-2024_2950
RHSA-2024_3138
RLSA-2024:2950
RLSA-2024:3138
SUSE-SU-2023:4730-1
SUSE-SU-2023:4731-1
SUSE-SU-2023:4732-1
SUSE-SU-2023:4734-1
SUSE-SU-2023:4782-1
SUSE-SU-2023:4810-1
USN-6415-1
USN-6496-1
USN-6496-2
USN-6502-1
USN-6502-2
USN-6502-3
USN-6502-4
USN-6516-1
USN-6520-1

Affected Products

Alt Linux
Almalinux
Astra Linux
Centos
Intel(R) Ethernet Controller Rdma Driver
Linuxmint
Red Hat
Red Os
Rocky Linux
Suse
Ubuntu