CVE-2025-24325

9.3

Critical

Published:12 Aug 2025

Last updated:17 Jun 2026

Source:secure@intel.com

Deferred

Weakness (CWE)

CWE-20Improper Input Validation

CVSS Vector

v4.0

Attack Vector: Local
Attack Complexity: Low
Attack Requirements: None
Privileges Required: Low
User Interaction: None
Confidentiality (Vulnerable): High
Integrity (Vulnerable): High
Availability (Vulnerable): High
Confidentiality (Subsequent): High
Integrity (Subsequent): High
Availability (Subsequent): High

View on MITRE Find PoC on GitHub

Description

Improper input validation in the Linux kernel-mode driver for some Intel(R) 800 Series Ethernet before version 1.17.2 may allow an authenticated user to potentially enable escalation of privilege via local access.

References

secure@intel.com

https://intel.com/content/www/us/en/security-center/advisory/intel-sa-01296.html