PT-2024-6365 · Intel · Intel Ethernet Network Controllers/Adapters
Published
2024-08-13
·
Updated
2024-08-14
·
CVE-2024-21807
CVSS v3.1
8.8
High
| Vector | AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H |
Name of the Vulnerable Software and Affected Versions
Linux kernel mode driver for Intel Ethernet Network Controllers and Adapters versions prior to 28.3
Description
The issue is related to improper initialization and insecure privilege management in the Linux kernel mode driver for Intel Ethernet Network Controllers and Adapters. This may allow an authenticated user to potentially enable escalation of privilege via local access.
Recommendations
For versions prior to 28.3, update to version 28.3 or later to prevent local access exploit and potential privilege escalation.
Fix
Improper Privilege Management
Improper Initialization
Found an issue in the description? Have something to add? Feel free to write us 👾
Related Identifiers
Affected Products
Intel Ethernet Network Controllers/Adapters