CVE-2024-21807

9.3

Critical

Published:14 Aug 2024

Last updated:17 Jun 2026

Source:secure@intel.com

Deferred

Weakness (CWE)

CWE-665CWE-665
CWE-269Improper Privilege Management

CVSS Vector

v4.0

Attack Vector: Local
Attack Complexity: Low
Attack Requirements: None
Privileges Required: Low
User Interaction: None
Confidentiality (Vulnerable): High
Integrity (Vulnerable): High
Availability (Vulnerable): High
Confidentiality (Subsequent): High
Integrity (Subsequent): High
Availability (Subsequent): High

View on MITRE Find PoC on GitHub

Description

Improper initialization in the Linux kernel mode driver for some Intel(R) Ethernet Network Controllers and Adapters before version 28.3 may allow an authenticated user to potentially enable escalation of privilege via local access.

References

secure@intel.com

https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00918.html