CVE-2024-23981

EPSS 0.19%
Veröffentlicht 14.08.2024 14:15:20
Zuletzt bearbeitet 06.09.2024 20:27:57
Quelle secure@intel.com
Teams Watchlist Login
Unerledigt Login

Wrap-around error in Linux kernel mode driver for some Intel(R) Ethernet Network Controllers and Adapters before version 28.3 may allow an authenticated user to potentially enable escalation of privilege via local access.

Betroffene Produkte Warnungen 0 Metriken 4 CWE 2 Referenzen 4

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Intel ≫ Ethernet 800 Series Controllers Driver SwPlatformlinux Version < 28.3

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.19%	0.413

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
nvd@nist.gov	8.8	2	6	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
secure@intel.com	9.3	0	0	CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
secure@intel.com	8.8	2	6	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H

CWE-128 Wrap-around Error

Wrap around errors occur whenever a value is incremented past the maximum value for its type and therefore "wraps around" to a very small, negative, or undefined value.

CWE-682 Incorrect Calculation

The product performs a calculation that generates incorrect or unintended results that are later used in security-critical decisions or resource management.

https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00918.html

Vendor Advisory

https://nvd.nist.gov/vuln/detail/CVE-2024-23981

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2024-23981

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2024-23981

EUVD