CVE-2024-23981

EPSS 0.19%
Published 14.08.2024 14:15:20
Last modified 06.09.2024 20:27:57
Source secure@intel.com
Teams watchlist Login
Open Login

Wrap-around error in Linux kernel mode driver for some Intel(R) Ethernet Network Controllers and Adapters before version 28.3 may allow an authenticated user to potentially enable escalation of privilege via local access.

Affected products Warnungen 0 Metrics 4 CWE 2 References 4

Data is provided by the National Vulnerability Database (NVD)

Intel ≫ Ethernet 800 Series Controllers Driver SwPlatformlinux Version < 28.3

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Type	Source	Score	Percentile
EPSS	FIRST.org	0.19%	0.413

CVSS Metriken
Source	Base Score	Exploit Score	Impact Score	Vector string
nvd@nist.gov	8.8	2	6	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
secure@intel.com	9.3	0	0	CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
secure@intel.com	8.8	2	6	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H

CWE-128 Wrap-around Error

Wrap around errors occur whenever a value is incremented past the maximum value for its type and therefore "wraps around" to a very small, negative, or undefined value.

CWE-682 Incorrect Calculation

The product performs a calculation that generates incorrect or unintended results that are later used in security-critical decisions or resource management.

https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00918.html

Vendor Advisory

https://nvd.nist.gov/vuln/detail/CVE-2024-23981

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2024-23981

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2024-23981

EUVD