PT-2024-19899 · Intel+1 · Intel Ethernet Network Controllers/Adapters+1
Published
2024-08-14
·
Updated
2025-08-13
·
CVE-2024-23497
CVSS v3.1
8.8
High
| Vector | AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H |
Name of the Vulnerable Software and Affected Versions
Linux kernel mode driver for some Intel(R) Ethernet Network Controllers and Adapters versions prior to 28.3
Description
The issue is an out-of-bounds write in the Linux kernel mode driver for some Intel(R) Ethernet Network Controllers and Adapters. This may allow an authenticated user to potentially enable escalation of privilege via local access.
Recommendations
For versions prior to 28.3, update to version 28.3 to patch the issue. As a temporary workaround, consider restricting local access to minimize the risk of exploitation.
Fix
Memory Corruption
RCE
Found an issue in the description? Have something to add? Feel free to write us 👾
Related Identifiers
Affected Products
Intel Ethernet Network Controllers/Adapters
Red Os