Action not permitted
Modal body text goes here.
Modal Title
Modal Body
WID-SEC-W-2025-1794
Vulnerability from csaf_certbund - Published: 2025-08-12 22:00 - Updated: 2025-10-15 22:00Summary
Intel Ethernet Controller: Mehrere Schwachstellen
Notes
Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.
Produktbeschreibung
Intel Ethernet Controller bezeichnet Netzwerkkarten (NIC) des Herstellers Intel.
Angriff
Ein lokaler Angreifer kann mehrere Schwachstellen in Intel Ethernet Controller ausnutzen, um einen Denial of Service Angriff durchzuführen, sich erweiterte Privilegien zu verschaffen und vertrauliche Informationen offenzulegen.
Betroffene Betriebssysteme
- BIOS/Firmware
- Linux
- Sonstiges
- UNIX
- Windows
{
"document": {
"aggregate_severity": {
"text": "hoch"
},
"category": "csaf_base",
"csaf_version": "2.0",
"distribution": {
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "de-DE",
"notes": [
{
"category": "legal_disclaimer",
"text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen."
},
{
"category": "description",
"text": "Intel Ethernet Controller bezeichnet Netzwerkkarten (NIC) des Herstellers Intel.",
"title": "Produktbeschreibung"
},
{
"category": "summary",
"text": "Ein lokaler Angreifer kann mehrere Schwachstellen in Intel Ethernet Controller ausnutzen, um einen Denial of Service Angriff durchzuf\u00fchren, sich erweiterte Privilegien zu verschaffen und vertrauliche Informationen offenzulegen.",
"title": "Angriff"
},
{
"category": "general",
"text": "- BIOS/Firmware\n- Linux\n- Sonstiges\n- UNIX\n- Windows",
"title": "Betroffene Betriebssysteme"
}
],
"publisher": {
"category": "other",
"contact_details": "csaf-provider@cert-bund.de",
"name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik",
"namespace": "https://www.bsi.bund.de"
},
"references": [
{
"category": "self",
"summary": "WID-SEC-W-2025-1794 - CSAF Version",
"url": "https://wid.cert-bund.de/.well-known/csaf/white/2025/wid-sec-w-2025-1794.json"
},
{
"category": "self",
"summary": "WID-SEC-2025-1794 - Portal Version",
"url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2025-1794"
},
{
"category": "external",
"summary": "Intel Security Advisory INTEL-SA-01257 vom 2025-08-12",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-01257.html"
},
{
"category": "external",
"summary": "Intel Security Advisory INTEL-SA-01296 vom 2025-08-12",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-01296.html"
},
{
"category": "external",
"summary": "Intel Security Advisory INTEL-SA-01335 vom 2025-08-12",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-01335.html"
},
{
"category": "external",
"summary": "Lenovo Security Advisory LEN-198962 vom 2025-08-13",
"url": "https://support.lenovo.com/us/en/product_security/LEN-198962"
},
{
"category": "external",
"summary": "Dell Security Advisory DSA-2025-324 vom 2025-08-14",
"url": "https://www.dell.com/support/kbdoc/000355904"
},
{
"category": "external",
"summary": "Dell Security Advisory DSA-2025-236 vom 2025-08-20",
"url": "https://www.dell.com/support/kbdoc/000330918"
}
],
"source_lang": "en-US",
"title": "Intel Ethernet Controller: Mehrere Schwachstellen",
"tracking": {
"current_release_date": "2025-10-15T22:00:00.000+00:00",
"generator": {
"date": "2025-10-16T09:59:17.856+00:00",
"engine": {
"name": "BSI-WID",
"version": "1.4.0"
}
},
"id": "WID-SEC-W-2025-1794",
"initial_release_date": "2025-08-12T22:00:00.000+00:00",
"revision_history": [
{
"date": "2025-08-12T22:00:00.000+00:00",
"number": "1",
"summary": "Initiale Fassung"
},
{
"date": "2025-08-13T22:00:00.000+00:00",
"number": "2",
"summary": "Neue Updates von Dell aufgenommen"
},
{
"date": "2025-08-19T22:00:00.000+00:00",
"number": "3",
"summary": "Neue Updates von Dell aufgenommen"
},
{
"date": "2025-10-15T22:00:00.000+00:00",
"number": "4",
"summary": "Referenz(en) aufgenommen: K000156944"
}
],
"status": "final",
"version": "4"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Dell Computer",
"product": {
"name": "Dell Computer",
"product_id": "T036868",
"product_identification_helper": {
"cpe": "cpe:/o:dell:dell_computer:-"
}
}
},
{
"category": "product_name",
"name": "Dell PowerEdge",
"product": {
"name": "Dell PowerEdge",
"product_id": "T019535",
"product_identification_helper": {
"cpe": "cpe:/h:dell:poweredge:-"
}
}
}
],
"category": "vendor",
"name": "Dell"
},
{
"branches": [
{
"branches": [
{
"category": "product_version_range",
"name": "E810 NVM \u003c4.6",
"product": {
"name": "Intel Ethernet Controller E810 NVM \u003c4.6",
"product_id": "T045817"
}
},
{
"category": "product_version",
"name": "E810 NVM 4.6",
"product": {
"name": "Intel Ethernet Controller E810 NVM 4.6",
"product_id": "T045817-fixed",
"product_identification_helper": {
"cpe": "cpe:/h:intel:ethernet_controller:e810_nvm__4.6"
}
}
},
{
"category": "product_version_range",
"name": "800 Series Drivers \u003c1.17.2",
"product": {
"name": "Intel Ethernet Controller 800 Series Drivers \u003c1.17.2",
"product_id": "T045818"
}
},
{
"category": "product_version",
"name": "800 Series Drivers 1.17.2",
"product": {
"name": "Intel Ethernet Controller 800 Series Drivers 1.17.2",
"product_id": "T045818-fixed",
"product_identification_helper": {
"cpe": "cpe:/h:intel:ethernet_controller:800_series_drivers__1.17.2"
}
}
},
{
"category": "product_version_range",
"name": "I350 Linux Series drivers \u003c5.19.2",
"product": {
"name": "Intel Ethernet Controller I350 Linux Series drivers \u003c5.19.2",
"product_id": "T045820"
}
},
{
"category": "product_version",
"name": "I350 Linux Series drivers 5.19.2",
"product": {
"name": "Intel Ethernet Controller I350 Linux Series drivers 5.19.2",
"product_id": "T045820-fixed",
"product_identification_helper": {
"cpe": "cpe:/h:intel:ethernet_controller:i350_linux_series_drivers__5.19.2"
}
}
},
{
"category": "product_version_range",
"name": "700 Linux Series\u003c2.28.5",
"product": {
"name": "Intel Ethernet Controller 700 Linux Series\u003c2.28.5",
"product_id": "T045822"
}
},
{
"category": "product_version",
"name": "700 Linux Series2.28.5",
"product": {
"name": "Intel Ethernet Controller 700 Linux Series2.28.5",
"product_id": "T045822-fixed",
"product_identification_helper": {
"cpe": "cpe:/h:intel:ethernet_controller:700_linux__series_2.28.5"
}
}
}
],
"category": "product_name",
"name": "Ethernet Controller"
}
],
"category": "vendor",
"name": "Intel"
},
{
"branches": [
{
"category": "product_name",
"name": "Lenovo Computer",
"product": {
"name": "Lenovo Computer",
"product_id": "T026557",
"product_identification_helper": {
"cpe": "cpe:/h:lenovo:computer:-"
}
}
}
],
"category": "vendor",
"name": "Lenovo"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2025-24296",
"product_status": {
"known_affected": [
"T019535",
"T036868",
"T045817",
"T026557"
]
},
"release_date": "2025-08-12T22:00:00.000+00:00",
"title": "CVE-2025-24296"
},
{
"cve": "CVE-2025-20093",
"product_status": {
"known_affected": [
"T019535",
"T036868",
"T026557",
"T045818"
]
},
"release_date": "2025-08-12T22:00:00.000+00:00",
"title": "CVE-2025-20093"
},
{
"cve": "CVE-2025-22836",
"product_status": {
"known_affected": [
"T019535",
"T036868",
"T026557",
"T045818"
]
},
"release_date": "2025-08-12T22:00:00.000+00:00",
"title": "CVE-2025-22836"
},
{
"cve": "CVE-2025-22893",
"product_status": {
"known_affected": [
"T019535",
"T036868",
"T026557",
"T045818"
]
},
"release_date": "2025-08-12T22:00:00.000+00:00",
"title": "CVE-2025-22893"
},
{
"cve": "CVE-2025-24303",
"product_status": {
"known_affected": [
"T019535",
"T036868",
"T026557",
"T045818"
]
},
"release_date": "2025-08-12T22:00:00.000+00:00",
"title": "CVE-2025-24303"
},
{
"cve": "CVE-2025-24324",
"product_status": {
"known_affected": [
"T019535",
"T036868",
"T026557",
"T045818"
]
},
"release_date": "2025-08-12T22:00:00.000+00:00",
"title": "CVE-2025-24324"
},
{
"cve": "CVE-2025-24325",
"product_status": {
"known_affected": [
"T019535",
"T036868",
"T026557",
"T045818"
]
},
"release_date": "2025-08-12T22:00:00.000+00:00",
"title": "CVE-2025-24325"
},
{
"cve": "CVE-2025-24484",
"product_status": {
"known_affected": [
"T019535",
"T036868",
"T026557",
"T045818"
]
},
"release_date": "2025-08-12T22:00:00.000+00:00",
"title": "CVE-2025-24484"
},
{
"cve": "CVE-2025-23241",
"product_status": {
"known_affected": [
"T019535",
"T036868",
"T026557",
"T045818"
]
},
"release_date": "2025-08-12T22:00:00.000+00:00",
"title": "CVE-2025-23241"
},
{
"cve": "CVE-2025-21086",
"product_status": {
"known_affected": [
"T019535",
"T045822",
"T036868",
"T026557"
]
},
"release_date": "2025-08-12T22:00:00.000+00:00",
"title": "CVE-2025-21086"
},
{
"cve": "CVE-2025-24486",
"product_status": {
"known_affected": [
"T019535",
"T045822",
"T036868",
"T026557"
]
},
"release_date": "2025-08-12T22:00:00.000+00:00",
"title": "CVE-2025-24486"
},
{
"cve": "CVE-2025-25273",
"product_status": {
"known_affected": [
"T019535",
"T045822",
"T036868",
"T026557"
]
},
"release_date": "2025-08-12T22:00:00.000+00:00",
"title": "CVE-2025-25273"
},
{
"cve": "CVE-2025-26697",
"product_status": {
"known_affected": [
"T019535",
"T045822",
"T036868",
"T026557"
]
},
"release_date": "2025-08-12T22:00:00.000+00:00",
"title": "CVE-2025-26697"
},
{
"cve": "CVE-2025-26863",
"product_status": {
"known_affected": [
"T019535",
"T045822",
"T036868",
"T026557"
]
},
"release_date": "2025-08-12T22:00:00.000+00:00",
"title": "CVE-2025-26863"
},
{
"cve": "CVE-2025-24511",
"product_status": {
"known_affected": [
"T045820",
"T019535",
"T036868",
"T026557"
]
},
"release_date": "2025-08-12T22:00:00.000+00:00",
"title": "CVE-2025-24511"
}
]
}
CVE-2025-24296 (GCVE-0-2025-24296)
Vulnerability from cvelistv5 – Published: 2025-08-12 16:58 – Updated: 2025-08-13 20:17
VLAI?
EPSS
Summary
Improper input validation in some firmware for the Intel(R) E810 Ethernet before version 4.6 may allow a privileged user to enable denial of service via local access.
Severity ?
6 (Medium)
CWE
- Denial of Service
- CWE-20 - Improper Input Validation
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | firmware for the Intel(R) E810 Ethernet |
Affected:
before version 4.6
|
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-24296",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-08-13T18:04:24.784954Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-08-13T20:17:55.332Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "firmware for the Intel(R) E810 Ethernet",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "before version 4.6"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Improper input validation in some firmware for the Intel(R) E810 Ethernet before version 4.6 may allow a privileged user to enable denial of service via local access."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:N/I:N/A:H",
"version": "3.1"
},
"cvssV4_0": {
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "LOCAL",
"baseScore": 5.1,
"baseSeverity": "MEDIUM",
"privilegesRequired": "HIGH",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "PASSIVE",
"vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:P/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "HIGH",
"vulnConfidentialityImpact": "NONE",
"vulnIntegrityImpact": "NONE"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Denial of Service",
"lang": "en"
},
{
"cweId": "CWE-20",
"description": "Improper Input Validation",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-08-12T16:58:45.757Z",
"orgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
"shortName": "intel"
},
"references": [
{
"name": "https://intel.com/content/www/us/en/security-center/advisory/intel-sa-01257.html",
"url": "https://intel.com/content/www/us/en/security-center/advisory/intel-sa-01257.html"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
"assignerShortName": "intel",
"cveId": "CVE-2025-24296",
"datePublished": "2025-08-12T16:58:45.757Z",
"dateReserved": "2025-01-24T04:00:26.822Z",
"dateUpdated": "2025-08-13T20:17:55.332Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-24486 (GCVE-0-2025-24486)
Vulnerability from cvelistv5 – Published: 2025-08-12 16:59 – Updated: 2025-08-14 03:55
VLAI?
EPSS
Summary
Improper input validation in the Linux kernel-mode driver for some Intel(R) 700 Series Ethernet before version 2.28.5 may allow an authenticated user to potentially enable escalation of privilege via local access.
Severity ?
7.8 (High)
CWE
- Escalation of Privilege
- CWE-20 - Improper Input Validation
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | Intel(R) 700 Series Ethernet |
Affected:
before version 2.28.5
|
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-24486",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-08-13T00:00:00+00:00",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-08-14T03:55:55.986Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Intel(R) 700 Series Ethernet",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "before version 2.28.5"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Improper input validation in the Linux kernel-mode driver for some Intel(R) 700 Series Ethernet before version 2.28.5 may allow an authenticated user to potentially enable escalation of privilege via local access."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"cvssV4_0": {
"attackComplexity": "HIGH",
"attackRequirements": "NONE",
"attackVector": "LOCAL",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"privilegesRequired": "LOW",
"subAvailabilityImpact": "HIGH",
"subConfidentialityImpact": "HIGH",
"subIntegrityImpact": "HIGH",
"userInteraction": "NONE",
"vectorString": "CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H",
"version": "4.0",
"vulnAvailabilityImpact": "HIGH",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "HIGH"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Escalation of Privilege",
"lang": "en"
},
{
"cweId": "CWE-20",
"description": "Improper Input Validation",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-08-12T16:59:00.485Z",
"orgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
"shortName": "intel"
},
"references": [
{
"name": "https://intel.com/content/www/us/en/security-center/advisory/intel-sa-01335.html",
"url": "https://intel.com/content/www/us/en/security-center/advisory/intel-sa-01335.html"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
"assignerShortName": "intel",
"cveId": "CVE-2025-24486",
"datePublished": "2025-08-12T16:59:00.485Z",
"dateReserved": "2025-02-04T04:00:22.143Z",
"dateUpdated": "2025-08-14T03:55:55.986Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-25273 (GCVE-0-2025-25273)
Vulnerability from cvelistv5 – Published: 2025-08-12 16:59 – Updated: 2025-08-14 03:55
VLAI?
EPSS
Summary
Insufficient control flow management in the Linux kernel-mode driver for some Intel(R) 700 Series Ethernet before version 2.28.5 may allow an authenticated user to potentially enable escalation of privilege via local access.
Severity ?
7.8 (High)
CWE
- Escalation of Privilege
- CWE-691 - Insufficient Control Flow Management
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | Intel(R) 700 Series Ethernet |
Affected:
before version 2.28.5
|
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-25273",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-08-13T00:00:00+00:00",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-08-14T03:55:57.145Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Intel(R) 700 Series Ethernet",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "before version 2.28.5"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Insufficient control flow management in the Linux kernel-mode driver for some Intel(R) 700 Series Ethernet before version 2.28.5 may allow an authenticated user to potentially enable escalation of privilege via local access."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"cvssV4_0": {
"attackComplexity": "HIGH",
"attackRequirements": "NONE",
"attackVector": "LOCAL",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"privilegesRequired": "LOW",
"subAvailabilityImpact": "HIGH",
"subConfidentialityImpact": "HIGH",
"subIntegrityImpact": "HIGH",
"userInteraction": "NONE",
"vectorString": "CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H",
"version": "4.0",
"vulnAvailabilityImpact": "HIGH",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "HIGH"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Escalation of Privilege",
"lang": "en"
},
{
"cweId": "CWE-691",
"description": "Insufficient Control Flow Management",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-08-12T16:59:15.523Z",
"orgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
"shortName": "intel"
},
"references": [
{
"name": "https://intel.com/content/www/us/en/security-center/advisory/intel-sa-01335.html",
"url": "https://intel.com/content/www/us/en/security-center/advisory/intel-sa-01335.html"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
"assignerShortName": "intel",
"cveId": "CVE-2025-25273",
"datePublished": "2025-08-12T16:59:15.523Z",
"dateReserved": "2025-02-21T04:00:25.884Z",
"dateUpdated": "2025-08-14T03:55:57.145Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-24324 (GCVE-0-2025-24324)
Vulnerability from cvelistv5 – Published: 2025-08-12 16:58 – Updated: 2025-08-14 03:55
VLAI?
EPSS
Summary
Integer overflow or wraparound in the Linux kernel-mode driver for some Intel(R) 800 Series Ethernet before version 1.17.2 may allow an authenticated user to potentially enable escalation of privilege via local access.
Severity ?
CWE
- Escalation of Privilege
- CWE-190 - Integer Overflow or Wraparound
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | Intel(R) 800 Series Ethernet |
Affected:
before version 1.17.2
|
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-24324",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-08-13T00:00:00+00:00",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-08-14T03:55:54.553Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Intel(R) 800 Series Ethernet",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "before version 1.17.2"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Integer overflow or wraparound in the Linux kernel-mode driver for some Intel(R) 800 Series Ethernet before version 1.17.2 may allow an authenticated user to potentially enable escalation of privilege via local access."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 2.8,
"baseSeverity": "LOW",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:N/I:L/A:N",
"version": "3.1"
},
"cvssV4_0": {
"attackComplexity": "HIGH",
"attackRequirements": "NONE",
"attackVector": "LOCAL",
"baseScore": 2,
"baseSeverity": "LOW",
"privilegesRequired": "LOW",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "LOW",
"userInteraction": "NONE",
"vectorString": "CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:L/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "NONE",
"vulnConfidentialityImpact": "NONE",
"vulnIntegrityImpact": "LOW"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Escalation of Privilege",
"lang": "en"
},
{
"cweId": "CWE-190",
"description": "Integer Overflow or Wraparound",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-08-12T16:58:55.702Z",
"orgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
"shortName": "intel"
},
"references": [
{
"name": "https://intel.com/content/www/us/en/security-center/advisory/intel-sa-01296.html",
"url": "https://intel.com/content/www/us/en/security-center/advisory/intel-sa-01296.html"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
"assignerShortName": "intel",
"cveId": "CVE-2025-24324",
"datePublished": "2025-08-12T16:58:55.702Z",
"dateReserved": "2025-01-24T04:00:26.588Z",
"dateUpdated": "2025-08-14T03:55:54.553Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-24325 (GCVE-0-2025-24325)
Vulnerability from cvelistv5 – Published: 2025-08-12 16:58 – Updated: 2025-08-14 03:55
VLAI?
EPSS
Summary
Improper input validation in the Linux kernel-mode driver for some Intel(R) 800 Series Ethernet before version 1.17.2 may allow an authenticated user to potentially enable escalation of privilege via local access.
Severity ?
8.8 (High)
CWE
- Escalation of Privilege
- CWE-20 - Improper Input Validation
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | Intel(R) 800 Series Ethernet |
Affected:
before version 1.17.2
|
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-24325",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-08-13T00:00:00+00:00",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-08-14T03:55:47.290Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Intel(R) 800 Series Ethernet",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "before version 1.17.2"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Improper input validation in the Linux kernel-mode driver for some Intel(R) 800 Series Ethernet before version 1.17.2 may allow an authenticated user to potentially enable escalation of privilege via local access."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"cvssV4_0": {
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "LOCAL",
"baseScore": 9.3,
"baseSeverity": "CRITICAL",
"privilegesRequired": "LOW",
"subAvailabilityImpact": "HIGH",
"subConfidentialityImpact": "HIGH",
"subIntegrityImpact": "HIGH",
"userInteraction": "NONE",
"vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H",
"version": "4.0",
"vulnAvailabilityImpact": "HIGH",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "HIGH"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Escalation of Privilege",
"lang": "en"
},
{
"cweId": "CWE-20",
"description": "Improper Input Validation",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-08-12T16:58:57.250Z",
"orgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
"shortName": "intel"
},
"references": [
{
"name": "https://intel.com/content/www/us/en/security-center/advisory/intel-sa-01296.html",
"url": "https://intel.com/content/www/us/en/security-center/advisory/intel-sa-01296.html"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
"assignerShortName": "intel",
"cveId": "CVE-2025-24325",
"datePublished": "2025-08-12T16:58:57.250Z",
"dateReserved": "2025-01-23T03:59:09.867Z",
"dateUpdated": "2025-08-14T03:55:47.290Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-20093 (GCVE-0-2025-20093)
Vulnerability from cvelistv5 – Published: 2025-08-12 16:58 – Updated: 2025-08-14 03:55
VLAI?
EPSS
Summary
Improper check for unusual or exceptional conditions in the Linux kernel-mode driver for some Intel(R) 800 Series Ethernet before version 1.17.2 may allow an authenticated user to potentially enable escalation of privilege via local access.
Severity ?
8.2 (High)
CWE
- Escalation of Privilege
- CWE-754 - Improper Check for Unusual or Exceptional Conditions
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | Intel(R) 800 Series Ethernet |
Affected:
before version 1.17.2
|
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-20093",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-08-13T00:00:00+00:00",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-08-14T03:55:39.942Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Intel(R) 800 Series Ethernet",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "before version 1.17.2"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Improper check for unusual or exceptional conditions in the Linux kernel-mode driver for some Intel(R) 800 Series Ethernet before version 1.17.2 may allow an authenticated user to potentially enable escalation of privilege via local access."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 8.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"cvssV4_0": {
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "LOCAL",
"baseScore": 8.6,
"baseSeverity": "HIGH",
"privilegesRequired": "LOW",
"subAvailabilityImpact": "HIGH",
"subConfidentialityImpact": "HIGH",
"subIntegrityImpact": "HIGH",
"userInteraction": "PASSIVE",
"vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:P/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H",
"version": "4.0",
"vulnAvailabilityImpact": "HIGH",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "HIGH"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Escalation of Privilege",
"lang": "en"
},
{
"cweId": "CWE-754",
"description": "Improper Check for Unusual or Exceptional Conditions",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-08-12T16:58:14.984Z",
"orgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
"shortName": "intel"
},
"references": [
{
"name": "https://intel.com/content/www/us/en/security-center/advisory/intel-sa-01296.html",
"url": "https://intel.com/content/www/us/en/security-center/advisory/intel-sa-01296.html"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
"assignerShortName": "intel",
"cveId": "CVE-2025-20093",
"datePublished": "2025-08-12T16:58:14.984Z",
"dateReserved": "2025-01-23T03:59:09.896Z",
"dateUpdated": "2025-08-14T03:55:39.942Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-24484 (GCVE-0-2025-24484)
Vulnerability from cvelistv5 – Published: 2025-08-12 16:58 – Updated: 2025-08-14 03:55
VLAI?
EPSS
Summary
Improper input validation in the Linux kernel-mode driver for some Intel(R) 800 Series Ethernet before version 1.17.2 may allow an authenticated user to potentially enable escalation of privilege via local access.
Severity ?
7.8 (High)
CWE
- Escalation of Privilege
- CWE-20 - Improper Input Validation
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | Intel(R) 800 Series Ethernet |
Affected:
before version 1.17.2
|
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-24484",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-08-13T00:00:00+00:00",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-08-14T03:55:49.741Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Intel(R) 800 Series Ethernet",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "before version 1.17.2"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Improper input validation in the Linux kernel-mode driver for some Intel(R) 800 Series Ethernet before version 1.17.2 may allow an authenticated user to potentially enable escalation of privilege via local access."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"cvssV4_0": {
"attackComplexity": "HIGH",
"attackRequirements": "NONE",
"attackVector": "LOCAL",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"privilegesRequired": "LOW",
"subAvailabilityImpact": "HIGH",
"subConfidentialityImpact": "HIGH",
"subIntegrityImpact": "HIGH",
"userInteraction": "NONE",
"vectorString": "CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H",
"version": "4.0",
"vulnAvailabilityImpact": "HIGH",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "HIGH"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Escalation of Privilege",
"lang": "en"
},
{
"cweId": "CWE-20",
"description": "Improper Input Validation",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-08-12T16:58:58.897Z",
"orgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
"shortName": "intel"
},
"references": [
{
"name": "https://intel.com/content/www/us/en/security-center/advisory/intel-sa-01296.html",
"url": "https://intel.com/content/www/us/en/security-center/advisory/intel-sa-01296.html"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
"assignerShortName": "intel",
"cveId": "CVE-2025-24484",
"datePublished": "2025-08-12T16:58:58.897Z",
"dateReserved": "2025-01-23T03:59:09.915Z",
"dateUpdated": "2025-08-14T03:55:49.741Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-24511 (GCVE-0-2025-24511)
Vulnerability from cvelistv5 – Published: 2025-08-12 16:59 – Updated: 2025-08-13 20:16
VLAI?
EPSS
Summary
Improper initialization in the Linux kernel-mode driver for some Intel(R) I350 Series Ethernet before version 5.19.2 may allow an authenticated user to potentially enable Information disclosure via data exposure.
Severity ?
CWE
- Information Disclosure
- CWE-665 - Improper Initialization
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | Intel(R) I350 Series Ethernet |
Affected:
before version 5.19.2
|
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-24511",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-08-13T18:04:16.149934Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-08-13T20:16:47.098Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Intel(R) I350 Series Ethernet",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "before version 5.19.2"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Improper initialization in the Linux kernel-mode driver for some Intel(R) I350 Series Ethernet before version 5.19.2 may allow an authenticated user to potentially enable Information disclosure via data exposure."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 3.3,
"baseSeverity": "LOW",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"cvssV4_0": {
"attackComplexity": "LOW",
"attackRequirements": "PRESENT",
"attackVector": "LOCAL",
"baseScore": 2,
"baseSeverity": "LOW",
"privilegesRequired": "LOW",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"vectorString": "CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "NONE",
"vulnConfidentialityImpact": "LOW",
"vulnIntegrityImpact": "NONE"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Information Disclosure",
"lang": "en"
},
{
"cweId": "CWE-665",
"description": "Improper Initialization",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-08-12T16:59:02.313Z",
"orgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
"shortName": "intel"
},
"references": [
{
"name": "https://intel.com/content/www/us/en/security-center/advisory/intel-sa-01335.html",
"url": "https://intel.com/content/www/us/en/security-center/advisory/intel-sa-01335.html"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
"assignerShortName": "intel",
"cveId": "CVE-2025-24511",
"datePublished": "2025-08-12T16:59:02.313Z",
"dateReserved": "2025-02-04T04:00:22.159Z",
"dateUpdated": "2025-08-13T20:16:47.098Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-21086 (GCVE-0-2025-21086)
Vulnerability from cvelistv5 – Published: 2025-08-12 16:58 – Updated: 2025-08-14 03:56
VLAI?
EPSS
Summary
Improper input validation in the Linux kernel-mode driver for some Intel(R) 700 Series Ethernet before version 2.28.5 may allow an authenticated user to potentially enable escalation of privilege.
Severity ?
7.5 (High)
CWE
- Escalation of Privilege
- CWE-20 - Improper Input Validation
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | Intel(R) 700 Series Ethernet |
Affected:
before version 2.28.5
|
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-21086",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-08-13T00:00:00+00:00",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-08-14T03:56:16.267Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Intel(R) 700 Series Ethernet",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "before version 2.28.5"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Improper input validation in the Linux kernel-mode driver for some Intel(R) 700 Series Ethernet before version 2.28.5 may allow an authenticated user to potentially enable escalation of privilege."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:N/I:H/A:H",
"version": "3.1"
},
"cvssV4_0": {
"attackComplexity": "HIGH",
"attackRequirements": "NONE",
"attackVector": "LOCAL",
"baseScore": 6.9,
"baseSeverity": "MEDIUM",
"privilegesRequired": "LOW",
"subAvailabilityImpact": "HIGH",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"vectorString": "CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:N/VI:H/VA:H/SC:N/SI:N/SA:H",
"version": "4.0",
"vulnAvailabilityImpact": "HIGH",
"vulnConfidentialityImpact": "NONE",
"vulnIntegrityImpact": "HIGH"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Escalation of Privilege",
"lang": "en"
},
{
"cweId": "CWE-20",
"description": "Improper Input Validation",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-08-12T16:58:25.016Z",
"orgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
"shortName": "intel"
},
"references": [
{
"name": "https://intel.com/content/www/us/en/security-center/advisory/intel-sa-01335.html",
"url": "https://intel.com/content/www/us/en/security-center/advisory/intel-sa-01335.html"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
"assignerShortName": "intel",
"cveId": "CVE-2025-21086",
"datePublished": "2025-08-12T16:58:25.016Z",
"dateReserved": "2025-02-21T04:00:25.912Z",
"dateUpdated": "2025-08-14T03:56:16.267Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-26697 (GCVE-0-2025-26697)
Vulnerability from cvelistv5 – Published: 2025-08-12 16:59 – Updated: 2025-08-13 20:15
VLAI?
EPSS
Summary
Uncontrolled resource consumption in the Linux kernel-mode driver for some Intel(R) 700 Series Ethernet before version 2.28.5 may allow an authenticated user to potentially enable denial of service.
Severity ?
CWE
- Denial of Service
- CWE-400 - Uncontrolled Resource Consumption
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | Intel(R) 700 Series Ethernet |
Affected:
before version 2.28.5
|
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-26697",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-08-13T18:03:56.958998Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-08-13T20:15:41.515Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Intel(R) 700 Series Ethernet",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "before version 2.28.5"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Uncontrolled resource consumption in the Linux kernel-mode driver for some Intel(R) 700 Series Ethernet before version 2.28.5 may allow an authenticated user to potentially enable denial of service."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "LOW",
"baseScore": 3.3,
"baseSeverity": "LOW",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"cvssV4_0": {
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "LOCAL",
"baseScore": 4.8,
"baseSeverity": "MEDIUM",
"privilegesRequired": "LOW",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "LOW",
"vulnConfidentialityImpact": "NONE",
"vulnIntegrityImpact": "NONE"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Denial of Service",
"lang": "en"
},
{
"cweId": "CWE-400",
"description": "Uncontrolled Resource Consumption",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-08-12T16:59:23.531Z",
"orgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
"shortName": "intel"
},
"references": [
{
"name": "https://intel.com/content/www/us/en/security-center/advisory/intel-sa-01335.html",
"url": "https://intel.com/content/www/us/en/security-center/advisory/intel-sa-01335.html"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
"assignerShortName": "intel",
"cveId": "CVE-2025-26697",
"datePublished": "2025-08-12T16:59:23.531Z",
"dateReserved": "2025-02-21T04:00:25.939Z",
"dateUpdated": "2025-08-13T20:15:41.515Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-23241 (GCVE-0-2025-23241)
Vulnerability from cvelistv5 – Published: 2025-08-12 16:58 – Updated: 2025-08-13 20:18
VLAI?
EPSS
Summary
Integer overflow or wraparound in the Linux kernel-mode driver for some Intel(R) 800 Series Ethernet before version 1.17.2 may allow an authenticated user to potentially enable denial of service via local access.
Severity ?
7.3 (High)
CWE
- Denial of Service
- CWE-190 - Integer Overflow or Wraparound
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | Intel(R) 800 Series Ethernet |
Affected:
before version 1.17.2
|
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-23241",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-08-13T18:04:26.967501Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-08-13T20:18:02.801Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Intel(R) 800 Series Ethernet",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "before version 1.17.2"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Integer overflow or wraparound in the Linux kernel-mode driver for some Intel(R) 800 Series Ethernet before version 1.17.2 may allow an authenticated user to potentially enable denial of service via local access."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.3,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:L/A:H",
"version": "3.1"
},
"cvssV4_0": {
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "LOCAL",
"baseScore": 8.4,
"baseSeverity": "HIGH",
"privilegesRequired": "LOW",
"subAvailabilityImpact": "HIGH",
"subConfidentialityImpact": "HIGH",
"subIntegrityImpact": "HIGH",
"userInteraction": "NONE",
"vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:H/SC:H/SI:H/SA:H",
"version": "4.0",
"vulnAvailabilityImpact": "HIGH",
"vulnConfidentialityImpact": "NONE",
"vulnIntegrityImpact": "LOW"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Denial of Service",
"lang": "en"
},
{
"cweId": "CWE-190",
"description": "Integer Overflow or Wraparound",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-08-12T16:58:44.188Z",
"orgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
"shortName": "intel"
},
"references": [
{
"name": "https://intel.com/content/www/us/en/security-center/advisory/intel-sa-01296.html",
"url": "https://intel.com/content/www/us/en/security-center/advisory/intel-sa-01296.html"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
"assignerShortName": "intel",
"cveId": "CVE-2025-23241",
"datePublished": "2025-08-12T16:58:44.188Z",
"dateReserved": "2025-01-23T03:59:09.881Z",
"dateUpdated": "2025-08-13T20:18:02.801Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-22836 (GCVE-0-2025-22836)
Vulnerability from cvelistv5 – Published: 2025-08-12 16:58 – Updated: 2025-08-14 03:55
VLAI?
EPSS
Summary
Integer overflow or wraparound in the Linux kernel-mode driver for some Intel(R) 800 Series Ethernet before version 1.17.2 may allow an authenticated user to potentially enable escalation of privilege via local access.
Severity ?
7.8 (High)
CWE
- Escalation of Privilege
- CWE-190 - Integer Overflow or Wraparound
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | Intel(R) 800 Series Ethernet |
Affected:
before version 1.17.2
|
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-22836",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-08-13T00:00:00+00:00",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-08-14T03:55:51.337Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Intel(R) 800 Series Ethernet",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "before version 1.17.2"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Integer overflow or wraparound in the Linux kernel-mode driver for some Intel(R) 800 Series Ethernet before version 1.17.2 may allow an authenticated user to potentially enable escalation of privilege via local access."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"cvssV4_0": {
"attackComplexity": "HIGH",
"attackRequirements": "NONE",
"attackVector": "LOCAL",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"privilegesRequired": "LOW",
"subAvailabilityImpact": "HIGH",
"subConfidentialityImpact": "HIGH",
"subIntegrityImpact": "HIGH",
"userInteraction": "NONE",
"vectorString": "CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H",
"version": "4.0",
"vulnAvailabilityImpact": "HIGH",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "HIGH"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Escalation of Privilege",
"lang": "en"
},
{
"cweId": "CWE-190",
"description": "Integer Overflow or Wraparound",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-08-12T16:58:32.833Z",
"orgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
"shortName": "intel"
},
"references": [
{
"name": "https://intel.com/content/www/us/en/security-center/advisory/intel-sa-01296.html",
"url": "https://intel.com/content/www/us/en/security-center/advisory/intel-sa-01296.html"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
"assignerShortName": "intel",
"cveId": "CVE-2025-22836",
"datePublished": "2025-08-12T16:58:32.833Z",
"dateReserved": "2025-01-23T03:59:09.888Z",
"dateUpdated": "2025-08-14T03:55:51.337Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-22893 (GCVE-0-2025-22893)
Vulnerability from cvelistv5 – Published: 2025-08-12 16:58 – Updated: 2025-08-14 03:55
VLAI?
EPSS
Summary
Insufficient control flow management in the Linux kernel-mode driver for some Intel(R) 800 Series Ethernet before version 1.17.2 may allow an authenticated user to potentially enable escalation of privilege via local access.
Severity ?
7.8 (High)
CWE
- Escalation of Privilege
- CWE-691 - Insufficient Control Flow Management
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | Intel(R) 800 Series Ethernet |
Affected:
before version 1.17.2
|
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-22893",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-08-13T00:00:00+00:00",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-08-14T03:55:48.485Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Intel(R) 800 Series Ethernet",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "before version 1.17.2"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Insufficient control flow management in the Linux kernel-mode driver for some Intel(R) 800 Series Ethernet before version 1.17.2 may allow an authenticated user to potentially enable escalation of privilege via local access."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"cvssV4_0": {
"attackComplexity": "HIGH",
"attackRequirements": "NONE",
"attackVector": "LOCAL",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"privilegesRequired": "LOW",
"subAvailabilityImpact": "HIGH",
"subConfidentialityImpact": "HIGH",
"subIntegrityImpact": "HIGH",
"userInteraction": "NONE",
"vectorString": "CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H",
"version": "4.0",
"vulnAvailabilityImpact": "HIGH",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "HIGH"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Escalation of Privilege",
"lang": "en"
},
{
"cweId": "CWE-691",
"description": "Insufficient Control Flow Management",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-08-12T16:58:42.671Z",
"orgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
"shortName": "intel"
},
"references": [
{
"name": "https://intel.com/content/www/us/en/security-center/advisory/intel-sa-01296.html",
"url": "https://intel.com/content/www/us/en/security-center/advisory/intel-sa-01296.html"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
"assignerShortName": "intel",
"cveId": "CVE-2025-22893",
"datePublished": "2025-08-12T16:58:42.671Z",
"dateReserved": "2025-01-23T03:59:09.875Z",
"dateUpdated": "2025-08-14T03:55:48.485Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-24303 (GCVE-0-2025-24303)
Vulnerability from cvelistv5 – Published: 2025-08-12 16:58 – Updated: 2025-08-14 03:55
VLAI?
EPSS
Summary
Improper check for unusual or exceptional conditions in the Linux kernel-mode driver for some Intel(R) 800 Series Ethernet before version 1.17.2 may allow an authenticated user to potentially enable escalation of privilege via local access.
Severity ?
7.8 (High)
CWE
- Escalation of Privilege
- CWE-754 - Improper Check for Unusual or Exceptional Conditions
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | Intel(R) 800 Series Ethernet |
Affected:
before version 1.17.2
|
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-24303",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-08-13T00:00:00+00:00",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-08-14T03:55:52.955Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Intel(R) 800 Series Ethernet",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "before version 1.17.2"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Improper check for unusual or exceptional conditions in the Linux kernel-mode driver for some Intel(R) 800 Series Ethernet before version 1.17.2 may allow an authenticated user to potentially enable escalation of privilege via local access."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"cvssV4_0": {
"attackComplexity": "HIGH",
"attackRequirements": "NONE",
"attackVector": "LOCAL",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"privilegesRequired": "LOW",
"subAvailabilityImpact": "HIGH",
"subConfidentialityImpact": "HIGH",
"subIntegrityImpact": "HIGH",
"userInteraction": "NONE",
"vectorString": "CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H",
"version": "4.0",
"vulnAvailabilityImpact": "HIGH",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "HIGH"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Escalation of Privilege",
"lang": "en"
},
{
"cweId": "CWE-754",
"description": "Improper Check for Unusual or Exceptional Conditions",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-08-12T16:58:49.185Z",
"orgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
"shortName": "intel"
},
"references": [
{
"name": "https://intel.com/content/www/us/en/security-center/advisory/intel-sa-01296.html",
"url": "https://intel.com/content/www/us/en/security-center/advisory/intel-sa-01296.html"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
"assignerShortName": "intel",
"cveId": "CVE-2025-24303",
"datePublished": "2025-08-12T16:58:49.185Z",
"dateReserved": "2025-01-23T03:59:09.909Z",
"dateUpdated": "2025-08-14T03:55:52.955Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-26863 (GCVE-0-2025-26863)
Vulnerability from cvelistv5 – Published: 2025-08-12 16:59 – Updated: 2025-08-13 20:15
VLAI?
EPSS
Summary
Uncontrolled resource consumption in the Linux kernel-mode driver for some Intel(R) 700 Series Ethernet before version 2.28.5 may allow an authenticated user to potentially enable denial of service.
Severity ?
CWE
- Denial of Service
- CWE-400 - Uncontrolled Resource Consumption
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | Intel(R) 700 Series Ethernet |
Affected:
before version 2.28.5
|
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-26863",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-08-13T18:03:54.727434Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-08-13T20:15:35.544Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Intel(R) 700 Series Ethernet",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "before version 2.28.5"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Uncontrolled resource consumption in the Linux kernel-mode driver for some Intel(R) 700 Series Ethernet before version 2.28.5 may allow an authenticated user to potentially enable denial of service."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "LOW",
"baseScore": 3.8,
"baseSeverity": "LOW",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:L",
"version": "3.1"
},
"cvssV4_0": {
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "LOCAL",
"baseScore": 4.8,
"baseSeverity": "MEDIUM",
"privilegesRequired": "LOW",
"subAvailabilityImpact": "LOW",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:L",
"version": "4.0",
"vulnAvailabilityImpact": "LOW",
"vulnConfidentialityImpact": "NONE",
"vulnIntegrityImpact": "NONE"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Denial of Service",
"lang": "en"
},
{
"cweId": "CWE-400",
"description": "Uncontrolled Resource Consumption",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-08-12T16:59:25.188Z",
"orgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
"shortName": "intel"
},
"references": [
{
"name": "https://intel.com/content/www/us/en/security-center/advisory/intel-sa-01335.html",
"url": "https://intel.com/content/www/us/en/security-center/advisory/intel-sa-01335.html"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
"assignerShortName": "intel",
"cveId": "CVE-2025-26863",
"datePublished": "2025-08-12T16:59:25.188Z",
"dateReserved": "2025-02-21T04:00:25.898Z",
"dateUpdated": "2025-08-13T20:15:35.544Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…