Action not permitted
Modal body text goes here.
Modal Title
Modal Body
CVE-2024-23981 (GCVE-0-2024-23981)
Vulnerability from cvelistv5 – Published: 2024-08-14 13:45 – Updated: 2024-08-16 04:01
VLAI?
EPSS
Summary
Wrap-around error in Linux kernel mode driver for some Intel(R) Ethernet Network Controllers and Adapters before version 28.3 may allow an authenticated user to potentially enable escalation of privilege via local access.
Severity ?
8.8 (High)
CWE
- escalation of privilege
- CWE-128 - Wrap-around error
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| n/a | Intel(R) Ethernet Network Controllers and Adapters |
Affected:
before version 28.3
|
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:intel:ethernet_complete_driver_pack:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "ethernet_complete_driver_pack",
"vendor": "intel",
"versions": [
{
"lessThan": "28.3",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-23981",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-08-15T00:00:00+00:00",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-08-16T04:01:28.264Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Intel(R) Ethernet Network Controllers and Adapters",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "before version 28.3"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Wrap-around error in Linux kernel mode driver for some Intel(R) Ethernet Network Controllers and Adapters before version 28.3 may allow an authenticated user to potentially enable escalation of privilege via local access."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"cvssV4_0": {
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "LOCAL",
"baseScore": 9.3,
"baseSeverity": "CRITICAL",
"privilegesRequired": "LOW",
"subAvailabilityImpact": "HIGH",
"subConfidentialityImpact": "HIGH",
"subIntegrityImpact": "HIGH",
"userInteraction": "NONE",
"vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H",
"version": "4.0",
"vulnAvailabilityImpact": "HIGH",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "HIGH"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "escalation of privilege",
"lang": "en"
},
{
"cweId": "CWE-128",
"description": "Wrap-around error",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-08-14T13:45:45.752Z",
"orgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
"shortName": "intel"
},
"references": [
{
"name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00918.html",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00918.html"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
"assignerShortName": "intel",
"cveId": "CVE-2024-23981",
"datePublished": "2024-08-14T13:45:45.752Z",
"dateReserved": "2024-02-14T04:00:11.428Z",
"dateUpdated": "2024-08-16T04:01:28.264Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1",
"vulnerability-lookup:meta": {
"fkie_nvd": {
"configurations": "[{\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:intel:ethernet_800_series_controllers_driver:*:*:*:*:*:linux:*:*\", \"versionEndExcluding\": \"28.3\", \"matchCriteriaId\": \"F7AEF475-A75F-4046-B1BF-24FB635BB5A7\"}]}]}]",
"descriptions": "[{\"lang\": \"en\", \"value\": \"Wrap-around error in Linux kernel mode driver for some Intel(R) Ethernet Network Controllers and Adapters before version 28.3 may allow an authenticated user to potentially enable escalation of privilege via local access.\"}, {\"lang\": \"es\", \"value\": \"El error envolvente en el controlador del modo kernel de Linux para algunos Intel(R) Ethernet Network Controllers and Adapters anteriores a la versi\\u00f3n 28.3 puede permitir que un usuario autenticado habilite potencialmente la escalada de privilegios a trav\\u00e9s del acceso local.\"}]",
"id": "CVE-2024-23981",
"lastModified": "2024-09-06T20:27:57.367",
"metrics": "{\"cvssMetricV40\": [{\"source\": \"secure@intel.com\", \"type\": \"Secondary\", \"cvssData\": {\"version\": \"4.0\", \"vectorString\": \"CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X\", \"baseScore\": 9.3, \"baseSeverity\": \"CRITICAL\", \"attackVector\": \"LOCAL\", \"attackComplexity\": \"LOW\", \"attackRequirements\": \"NONE\", \"privilegesRequired\": \"LOW\", \"userInteraction\": \"NONE\", \"vulnerableSystemConfidentiality\": \"HIGH\", \"vulnerableSystemIntegrity\": \"HIGH\", \"vulnerableSystemAvailability\": \"HIGH\", \"subsequentSystemConfidentiality\": \"HIGH\", \"subsequentSystemIntegrity\": \"HIGH\", \"subsequentSystemAvailability\": \"HIGH\", \"exploitMaturity\": \"NOT_DEFINED\", \"confidentialityRequirements\": \"NOT_DEFINED\", \"integrityRequirements\": \"NOT_DEFINED\", \"availabilityRequirements\": \"NOT_DEFINED\", \"modifiedAttackVector\": \"NOT_DEFINED\", \"modifiedAttackComplexity\": \"NOT_DEFINED\", \"modifiedAttackRequirements\": \"NOT_DEFINED\", \"modifiedPrivilegesRequired\": \"NOT_DEFINED\", \"modifiedUserInteraction\": \"NOT_DEFINED\", \"modifiedVulnerableSystemConfidentiality\": \"NOT_DEFINED\", \"modifiedVulnerableSystemIntegrity\": \"NOT_DEFINED\", \"modifiedVulnerableSystemAvailability\": \"NOT_DEFINED\", \"modifiedSubsequentSystemConfidentiality\": \"NOT_DEFINED\", \"modifiedSubsequentSystemIntegrity\": \"NOT_DEFINED\", \"modifiedSubsequentSystemAvailability\": \"NOT_DEFINED\", \"safety\": \"NOT_DEFINED\", \"automatable\": \"NOT_DEFINED\", \"recovery\": \"NOT_DEFINED\", \"valueDensity\": \"NOT_DEFINED\", \"vulnerabilityResponseEffort\": \"NOT_DEFINED\", \"providerUrgency\": \"NOT_DEFINED\"}}], \"cvssMetricV31\": [{\"source\": \"secure@intel.com\", \"type\": \"Secondary\", \"cvssData\": {\"version\": \"3.1\", \"vectorString\": \"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H\", \"baseScore\": 8.8, \"baseSeverity\": \"HIGH\", \"attackVector\": \"LOCAL\", \"attackComplexity\": \"LOW\", \"privilegesRequired\": \"LOW\", \"userInteraction\": \"NONE\", \"scope\": \"CHANGED\", \"confidentialityImpact\": \"HIGH\", \"integrityImpact\": \"HIGH\", \"availabilityImpact\": \"HIGH\"}, \"exploitabilityScore\": 2.0, \"impactScore\": 6.0}, {\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"3.1\", \"vectorString\": \"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H\", \"baseScore\": 8.8, \"baseSeverity\": \"HIGH\", \"attackVector\": \"LOCAL\", \"attackComplexity\": \"LOW\", \"privilegesRequired\": \"LOW\", \"userInteraction\": \"NONE\", \"scope\": \"CHANGED\", \"confidentialityImpact\": \"HIGH\", \"integrityImpact\": \"HIGH\", \"availabilityImpact\": \"HIGH\"}, \"exploitabilityScore\": 2.0, \"impactScore\": 6.0}]}",
"published": "2024-08-14T14:15:20.913",
"references": "[{\"url\": \"https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00918.html\", \"source\": \"secure@intel.com\", \"tags\": [\"Vendor Advisory\"]}]",
"sourceIdentifier": "secure@intel.com",
"vulnStatus": "Analyzed",
"weaknesses": "[{\"source\": \"secure@intel.com\", \"type\": \"Secondary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-128\"}]}, {\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-682\"}]}]"
},
"nvd": "{\"cve\":{\"id\":\"CVE-2024-23981\",\"sourceIdentifier\":\"secure@intel.com\",\"published\":\"2024-08-14T14:15:20.913\",\"lastModified\":\"2024-09-06T20:27:57.367\",\"vulnStatus\":\"Analyzed\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"Wrap-around error in Linux kernel mode driver for some Intel(R) Ethernet Network Controllers and Adapters before version 28.3 may allow an authenticated user to potentially enable escalation of privilege via local access.\"},{\"lang\":\"es\",\"value\":\"El error envolvente en el controlador del modo kernel de Linux para algunos Intel(R) Ethernet Network Controllers and Adapters anteriores a la versi\u00f3n 28.3 puede permitir que un usuario autenticado habilite potencialmente la escalada de privilegios a trav\u00e9s del acceso local.\"}],\"metrics\":{\"cvssMetricV40\":[{\"source\":\"secure@intel.com\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"4.0\",\"vectorString\":\"CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X\",\"baseScore\":9.3,\"baseSeverity\":\"CRITICAL\",\"attackVector\":\"LOCAL\",\"attackComplexity\":\"LOW\",\"attackRequirements\":\"NONE\",\"privilegesRequired\":\"LOW\",\"userInteraction\":\"NONE\",\"vulnConfidentialityImpact\":\"HIGH\",\"vulnIntegrityImpact\":\"HIGH\",\"vulnAvailabilityImpact\":\"HIGH\",\"subConfidentialityImpact\":\"HIGH\",\"subIntegrityImpact\":\"HIGH\",\"subAvailabilityImpact\":\"HIGH\",\"exploitMaturity\":\"NOT_DEFINED\",\"confidentialityRequirement\":\"NOT_DEFINED\",\"integrityRequirement\":\"NOT_DEFINED\",\"availabilityRequirement\":\"NOT_DEFINED\",\"modifiedAttackVector\":\"NOT_DEFINED\",\"modifiedAttackComplexity\":\"NOT_DEFINED\",\"modifiedAttackRequirements\":\"NOT_DEFINED\",\"modifiedPrivilegesRequired\":\"NOT_DEFINED\",\"modifiedUserInteraction\":\"NOT_DEFINED\",\"modifiedVulnConfidentialityImpact\":\"NOT_DEFINED\",\"modifiedVulnIntegrityImpact\":\"NOT_DEFINED\",\"modifiedVulnAvailabilityImpact\":\"NOT_DEFINED\",\"modifiedSubConfidentialityImpact\":\"NOT_DEFINED\",\"modifiedSubIntegrityImpact\":\"NOT_DEFINED\",\"modifiedSubAvailabilityImpact\":\"NOT_DEFINED\",\"Safety\":\"NOT_DEFINED\",\"Automatable\":\"NOT_DEFINED\",\"Recovery\":\"NOT_DEFINED\",\"valueDensity\":\"NOT_DEFINED\",\"vulnerabilityResponseEffort\":\"NOT_DEFINED\",\"providerUrgency\":\"NOT_DEFINED\"}}],\"cvssMetricV31\":[{\"source\":\"secure@intel.com\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H\",\"baseScore\":8.8,\"baseSeverity\":\"HIGH\",\"attackVector\":\"LOCAL\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"LOW\",\"userInteraction\":\"NONE\",\"scope\":\"CHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":2.0,\"impactScore\":6.0},{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H\",\"baseScore\":8.8,\"baseSeverity\":\"HIGH\",\"attackVector\":\"LOCAL\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"LOW\",\"userInteraction\":\"NONE\",\"scope\":\"CHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":2.0,\"impactScore\":6.0}]},\"weaknesses\":[{\"source\":\"secure@intel.com\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-128\"}]},{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-682\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:intel:ethernet_800_series_controllers_driver:*:*:*:*:*:linux:*:*\",\"versionEndExcluding\":\"28.3\",\"matchCriteriaId\":\"F7AEF475-A75F-4046-B1BF-24FB635BB5A7\"}]}]}],\"references\":[{\"url\":\"https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00918.html\",\"source\":\"secure@intel.com\",\"tags\":[\"Vendor Advisory\"]}]}}",
"vulnrichment": {
"containers": "{\"adp\": [{\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2024-23981\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"none\"}, {\"Automatable\": \"no\"}, {\"Technical Impact\": \"total\"}], \"version\": \"2.0.3\", \"timestamp\": \"2024-08-14T14:23:12.712868Z\"}}}], \"affected\": [{\"cpes\": [\"cpe:2.3:a:intel:ethernet_complete_driver_pack:*:*:*:*:*:*:*:*\"], \"vendor\": \"intel\", \"product\": \"ethernet_complete_driver_pack\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\", \"lessThan\": \"28.3\", \"versionType\": \"custom\"}], \"defaultStatus\": \"unknown\"}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2024-08-14T14:23:47.236Z\"}}], \"cna\": {\"metrics\": [{\"format\": \"CVSS\", \"cvssV3_1\": {\"scope\": \"CHANGED\", \"version\": \"3.1\", \"baseScore\": 8.8, \"attackVector\": \"LOCAL\", \"baseSeverity\": \"HIGH\", \"vectorString\": \"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H\", \"integrityImpact\": \"HIGH\", \"userInteraction\": \"NONE\", \"attackComplexity\": \"LOW\", \"availabilityImpact\": \"HIGH\", \"privilegesRequired\": \"LOW\", \"confidentialityImpact\": \"HIGH\"}, \"cvssV4_0\": {\"version\": \"4.0\", \"baseScore\": 9.3, \"attackVector\": \"LOCAL\", \"baseSeverity\": \"CRITICAL\", \"vectorString\": \"CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H\", \"userInteraction\": \"NONE\", \"attackComplexity\": \"LOW\", \"attackRequirements\": \"NONE\", \"privilegesRequired\": \"LOW\", \"subIntegrityImpact\": \"HIGH\", \"vulnIntegrityImpact\": \"HIGH\", \"subAvailabilityImpact\": \"HIGH\", \"vulnAvailabilityImpact\": \"HIGH\", \"subConfidentialityImpact\": \"HIGH\", \"vulnConfidentialityImpact\": \"HIGH\"}, \"scenarios\": [{\"lang\": \"en\", \"value\": \"GENERAL\"}]}], \"affected\": [{\"vendor\": \"n/a\", \"product\": \"Intel(R) Ethernet Network Controllers and Adapters\", \"versions\": [{\"status\": \"affected\", \"version\": \"before version 28.3\"}], \"defaultStatus\": \"unaffected\"}], \"references\": [{\"url\": \"https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00918.html\", \"name\": \"https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00918.html\"}], \"descriptions\": [{\"lang\": \"en\", \"value\": \"Wrap-around error in Linux kernel mode driver for some Intel(R) Ethernet Network Controllers and Adapters before version 28.3 may allow an authenticated user to potentially enable escalation of privilege via local access.\"}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"description\": \"escalation of privilege\"}, {\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-128\", \"description\": \"Wrap-around error\"}]}], \"providerMetadata\": {\"orgId\": \"6dda929c-bb53-4a77-a76d-48e79601a1ce\", \"shortName\": \"intel\", \"dateUpdated\": \"2024-08-14T13:45:45.752Z\"}}}",
"cveMetadata": "{\"cveId\": \"CVE-2024-23981\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2024-08-16T04:01:28.264Z\", \"dateReserved\": \"2024-02-14T04:00:11.428Z\", \"assignerOrgId\": \"6dda929c-bb53-4a77-a76d-48e79601a1ce\", \"datePublished\": \"2024-08-14T13:45:45.752Z\", \"assignerShortName\": \"intel\"}",
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
}
}
CERTFR-2024-AVI-0679
Vulnerability from certfr_avis - Published: - Updated:
De multiples vulnérabilités ont été découvertes dans les produits Intel. Certaines d'entre elles permettent à un attaquant de provoquer une élévation de privilèges, un déni de service à distance et une atteinte à la confidentialité des données.
Solutions
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
Impacted products
| Vendor | Product | Description | ||
|---|---|---|---|---|
| Intel | N/A | Intel Arc Iris Xe Graphics versions antérieures à 31.0.101.4824 | ||
| Intel | N/A | Intel NUC M15 Laptop Kits: LAPBC710, LAPBC510, LAPRC710, LAPRC510 | ||
| Intel | N/A | Intel NUC M15 Laptop Kits: LAPRC710, LAPRC510 | ||
| Intel | N/A | Intel NUC X15 Laptop | ||
| Intel | N/A | Intel oneAPI Base Toolkit software versions antérieures à 2024.1 | ||
| Intel | N/A | Intel oneAPI Base Toolkits versions antérieures à 2024.1 | ||
| Intel | N/A | Intel Quartus Prime Pro Edition Design software versions antérieures à 23.4 | ||
| Intel | N/A | Intel Quartus Prime Pro Edition Design Software versions antérieures à 24.1 | ||
| Intel | N/A | Intel(R) Ethernet Complete Driver Pack versions antérieures à 28.3 | ||
| Intel | N/A | Intel(R) Ethernet Controllers E800 Series with NVM image versions 4.4 | ||
| Intel | N/A | Intel(R) Ethernet Controllers E800 Series avec des versions antérieures à NIC1.3 PV, NVM avec versions d'images avant 3.36 et Intel(R) Ethernet Complete Driver Pack 28.3. | ||
| Intel | N/A | Intel TDX module software versions 1.5.05.46.698 | ||
| Intel | N/A | Intel TDX module software versions antérieures à TDX 1.5.01.00.592 | ||
| Intel | N/A | Intel Trace Analyzer and Collector versions antérieures à 2022.1 | ||
| Intel | N/A | Intel Aptio V UEFI Firmware Integrator Tools for Intel NUC iDmiEdit-Win software versions antérieures à 5.27.03.0006 | ||
| Intel | N/A | Intel Aptio V UEFI Firmware Integrator Tools for Intel NUC iDmiEditLnx software versions antérieures à 5.27.06.0019 | ||
| Intel | N/A | Intel Aptio V UEFI Firmware Integrator Tools for Intel NUC iFlashVLnx software versions antérieures à 5.13.00.2106 | ||
| Intel | N/A | Intel Aptio V UEFI Firmware Integrator Tools for Intel NUC iFlashVWin software versions antérieures à 5.13.00.2109 | ||
| Intel | N/A | Intel Aptio V UEFI Firmware Integrator Tools for Intel NUC iSetupCfgLnx software versions antérieures à 5.05.04.0008 | ||
| Intel | N/A | Intel Aptio V UEFI Firmware Integrator Tools for Intel NUC iSetupCfgWin software versions antérieures à 5.05.04.0008 | ||
| Intel | N/A | Intel NUC X15 Laptop Kits: LAPAC71G, LAPAC71H, LAPKC71F, LAPKC71E, LAPKC51E. | ||
| Intel | N/A | Intel Simics Package Manager software versions antérieures à 1.8.3. | ||
| Intel | N/A | Intel oneAPI Base Toolkit versions antérieures à 2024.1 | ||
| Intel | N/A | Intel oneAPI DPC++/C++ Compiler versions antérieures à 2024.1. | ||
| Intel | N/A | Intel oneAPI HPC Toolkit versions antérieures à 2024.1 | ||
| Intel | N/A | Intel oneAPI HPC Toolkit versions antérieures à 2024.1.0. | ||
| Intel | N/A | Intel oneAPI Math Kernel Library versions antérieures à 2024.1 | ||
| Intel | N/A | BMRA software versions antérieures à 22.08 | ||
| Intel | N/A | Flexlm License Daemons for Intel FPGA Software version v11.19.5.0 | ||
| Intel | N/A | Intel Advisor software versions antérieures à 2024.1 | ||
| Intel | N/A | Intel Agilex FPGA 7 FPGA firmware versions antérieures à 24.1 | ||
| Intel | N/A | Intel CIP software versions antérieures à 2.4.10717 | ||
| Intel | N/A | Intel Connectivity Performance Suite software versions antérieures à 2.0 | ||
| Intel | N/A | Intel DPC++ C++ Compiler software versions antérieures à 2024.1 | ||
| Intel | N/A | Intel Ethernet Adapter Complete Driver Pack software versions antérieures à 28.3 | ||
| Intel | N/A | Intel Fortran Compiler versions antérieures à 2024.1 | ||
| Intel | N/A | Intel FPGA SDK for OpenCL software technology, toutes versions | ||
| Intel | N/A | Intel GPA software versions antérieures à 2024.1 | ||
| Intel | N/A | Intel Graphics Performance Analyzers (Intel GPA) software versions antérieures à 2023.4 | ||
| Intel | N/A | Intel HID Event Filter software versions antérieures à 2.2.2.1 | ||
| Intel | N/A | Intel High Level Synthesis Compiler software versions antérieures à 23.4 | ||
| Intel | N/A | Intel Integrated Performance Primitive versions antérieures à 2021.11 | ||
| Intel | N/A | Intel IPP Cryptography software versions antérieures à 2021.11 | ||
| Intel | N/A | Intel ISH software for Intel NUC M15 Laptop Kits LAPBC710 and LAPBC510 versions antérieures à 5.4.1.4479 | ||
| Intel | N/A | Intel ISH software for Intel NUC M15 Laptop Kits LAPRC710 and LAPRC510 versions antérieures à 5.4.2.4594 | ||
| Intel | N/A | Intel License Manager for FLEXlm product versions antérieures à 11.19.5.0 | ||
| Intel | N/A | Intel MAS (GUI) versions antérieures à 2.5.0 | ||
| Intel | N/A | Processeurs Intel Xeon Scalable de 4ème et 5ème génération | ||
| Intel | N/A | Intel Data Center GPU Max Series 1100 et 1550 | ||
| Intel | N/A | Intel Distribution pour GDB software versions antérieures à 2024.0.1 | ||
| Intel | N/A | Intel Distribution pour Python pour Windows versions antérieures à 2024.1 | ||
| Intel | N/A | Intel ISH software for 11th Generation Intel Core Processor Family versions antérieures à 5.4.1.4479 | ||
| Intel | N/A | Intel ISH software for 12th Generation Intel Core Processor Family versions antérieures à 5.4.2.4594 | ||
| Intel | N/A | Intel MPI Library versions antérieures à 2021.12 | ||
| Intel | N/A | Intel Unite Client Extended Display Plugin software installer, toutes versions | ||
| Intel | N/A | Intel VROC versions antérieures à 8.6.0.1191 | ||
| Intel | N/A | Intel VTune Profiler software versions antérieures à 2024.1 | ||
| Intel | N/A | LAPAC71G and LAPAC71H versions antérieures à 0065 | ||
| Intel | N/A | LAPBC510 and LAPBC710 versions antérieures à 0083 | ||
| Intel | N/A | LAPKC51E, LAPKC71E, LAPKC71F versions antérieures à 0048 | ||
| Intel | N/A | LAPRC510, LAPRC710 versions antérieures à 0066 | ||
| Intel | N/A | VTune Profiler versions antérieures à VTune 2024.1 |
References
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "Intel Arc Iris Xe Graphics versions ant\u00e9rieures \u00e0 31.0.101.4824",
"product": {
"name": "N/A",
"vendor": {
"name": "Intel",
"scada": false
}
}
},
{
"description": "Intel NUC M15 Laptop Kits: LAPBC710, LAPBC510, LAPRC710, LAPRC510",
"product": {
"name": "N/A",
"vendor": {
"name": "Intel",
"scada": false
}
}
},
{
"description": "Intel NUC M15 Laptop Kits: LAPRC710, LAPRC510",
"product": {
"name": "N/A",
"vendor": {
"name": "Intel",
"scada": false
}
}
},
{
"description": "Intel NUC X15 Laptop",
"product": {
"name": "N/A",
"vendor": {
"name": "Intel",
"scada": false
}
}
},
{
"description": "Intel oneAPI Base Toolkit software versions ant\u00e9rieures \u00e0 2024.1",
"product": {
"name": "N/A",
"vendor": {
"name": "Intel",
"scada": false
}
}
},
{
"description": "Intel oneAPI Base Toolkits versions ant\u00e9rieures \u00e0 2024.1",
"product": {
"name": "N/A",
"vendor": {
"name": "Intel",
"scada": false
}
}
},
{
"description": "Intel Quartus Prime Pro Edition Design software versions ant\u00e9rieures \u00e0 23.4",
"product": {
"name": "N/A",
"vendor": {
"name": "Intel",
"scada": false
}
}
},
{
"description": "Intel Quartus Prime Pro Edition Design Software versions ant\u00e9rieures \u00e0 24.1",
"product": {
"name": "N/A",
"vendor": {
"name": "Intel",
"scada": false
}
}
},
{
"description": "Intel(R) Ethernet Complete Driver Pack versions ant\u00e9rieures \u00e0 28.3",
"product": {
"name": "N/A",
"vendor": {
"name": "Intel",
"scada": false
}
}
},
{
"description": "Intel(R) Ethernet Controllers E800 Series with NVM image versions 4.4",
"product": {
"name": "N/A",
"vendor": {
"name": "Intel",
"scada": false
}
}
},
{
"description": "Intel(R) Ethernet Controllers E800 Series avec des versions ant\u00e9rieures \u00e0 NIC1.3 PV, NVM avec versions d\u0027images avant 3.36 et Intel(R) Ethernet Complete Driver Pack 28.3.",
"product": {
"name": "N/A",
"vendor": {
"name": "Intel",
"scada": false
}
}
},
{
"description": "Intel TDX module software versions 1.5.05.46.698",
"product": {
"name": "N/A",
"vendor": {
"name": "Intel",
"scada": false
}
}
},
{
"description": "Intel TDX module software versions ant\u00e9rieures \u00e0 TDX 1.5.01.00.592",
"product": {
"name": "N/A",
"vendor": {
"name": "Intel",
"scada": false
}
}
},
{
"description": "Intel Trace Analyzer and Collector versions ant\u00e9rieures \u00e0 2022.1",
"product": {
"name": "N/A",
"vendor": {
"name": "Intel",
"scada": false
}
}
},
{
"description": "Intel Aptio V UEFI Firmware Integrator Tools for Intel NUC iDmiEdit-Win software versions ant\u00e9rieures \u00e0 5.27.03.0006",
"product": {
"name": "N/A",
"vendor": {
"name": "Intel",
"scada": false
}
}
},
{
"description": "Intel Aptio V UEFI Firmware Integrator Tools for Intel NUC iDmiEditLnx software versions ant\u00e9rieures \u00e0 5.27.06.0019",
"product": {
"name": "N/A",
"vendor": {
"name": "Intel",
"scada": false
}
}
},
{
"description": "Intel Aptio V UEFI Firmware Integrator Tools for Intel NUC iFlashVLnx software versions ant\u00e9rieures \u00e0 5.13.00.2106",
"product": {
"name": "N/A",
"vendor": {
"name": "Intel",
"scada": false
}
}
},
{
"description": "Intel Aptio V UEFI Firmware Integrator Tools for Intel NUC iFlashVWin software versions ant\u00e9rieures \u00e0 5.13.00.2109",
"product": {
"name": "N/A",
"vendor": {
"name": "Intel",
"scada": false
}
}
},
{
"description": "Intel Aptio V UEFI Firmware Integrator Tools for Intel NUC iSetupCfgLnx software versions ant\u00e9rieures \u00e0 5.05.04.0008",
"product": {
"name": "N/A",
"vendor": {
"name": "Intel",
"scada": false
}
}
},
{
"description": "Intel Aptio V UEFI Firmware Integrator Tools for Intel NUC iSetupCfgWin software versions ant\u00e9rieures \u00e0 5.05.04.0008",
"product": {
"name": "N/A",
"vendor": {
"name": "Intel",
"scada": false
}
}
},
{
"description": "Intel NUC X15 Laptop Kits: LAPAC71G, LAPAC71H, LAPKC71F, LAPKC71E, LAPKC51E.",
"product": {
"name": "N/A",
"vendor": {
"name": "Intel",
"scada": false
}
}
},
{
"description": "Intel Simics Package Manager software versions ant\u00e9rieures \u00e0 1.8.3.",
"product": {
"name": "N/A",
"vendor": {
"name": "Intel",
"scada": false
}
}
},
{
"description": "Intel oneAPI Base Toolkit versions ant\u00e9rieures \u00e0 2024.1",
"product": {
"name": "N/A",
"vendor": {
"name": "Intel",
"scada": false
}
}
},
{
"description": "Intel oneAPI DPC++/C++ Compiler versions ant\u00e9rieures \u00e0 2024.1.",
"product": {
"name": "N/A",
"vendor": {
"name": "Intel",
"scada": false
}
}
},
{
"description": "Intel oneAPI HPC Toolkit versions ant\u00e9rieures \u00e0 2024.1",
"product": {
"name": "N/A",
"vendor": {
"name": "Intel",
"scada": false
}
}
},
{
"description": "Intel oneAPI HPC Toolkit versions ant\u00e9rieures \u00e0 2024.1.0.",
"product": {
"name": "N/A",
"vendor": {
"name": "Intel",
"scada": false
}
}
},
{
"description": "Intel oneAPI Math Kernel Library versions ant\u00e9rieures \u00e0 2024.1",
"product": {
"name": "N/A",
"vendor": {
"name": "Intel",
"scada": false
}
}
},
{
"description": "BMRA software versions ant\u00e9rieures \u00e0 22.08",
"product": {
"name": "N/A",
"vendor": {
"name": "Intel",
"scada": false
}
}
},
{
"description": "Flexlm License Daemons for Intel FPGA Software version v11.19.5.0",
"product": {
"name": "N/A",
"vendor": {
"name": "Intel",
"scada": false
}
}
},
{
"description": "Intel Advisor software versions ant\u00e9rieures \u00e0 2024.1",
"product": {
"name": "N/A",
"vendor": {
"name": "Intel",
"scada": false
}
}
},
{
"description": "Intel Agilex FPGA 7 FPGA firmware versions ant\u00e9rieures \u00e0 24.1",
"product": {
"name": "N/A",
"vendor": {
"name": "Intel",
"scada": false
}
}
},
{
"description": "Intel CIP software versions ant\u00e9rieures \u00e0 2.4.10717",
"product": {
"name": "N/A",
"vendor": {
"name": "Intel",
"scada": false
}
}
},
{
"description": "Intel Connectivity Performance Suite software versions ant\u00e9rieures \u00e0 2.0",
"product": {
"name": "N/A",
"vendor": {
"name": "Intel",
"scada": false
}
}
},
{
"description": "Intel DPC++ C++ Compiler software versions ant\u00e9rieures \u00e0 2024.1",
"product": {
"name": "N/A",
"vendor": {
"name": "Intel",
"scada": false
}
}
},
{
"description": "Intel Ethernet Adapter Complete Driver Pack software versions ant\u00e9rieures \u00e0 28.3",
"product": {
"name": "N/A",
"vendor": {
"name": "Intel",
"scada": false
}
}
},
{
"description": "Intel Fortran Compiler versions ant\u00e9rieures \u00e0 2024.1",
"product": {
"name": "N/A",
"vendor": {
"name": "Intel",
"scada": false
}
}
},
{
"description": "Intel FPGA SDK for OpenCL software technology, toutes versions",
"product": {
"name": "N/A",
"vendor": {
"name": "Intel",
"scada": false
}
}
},
{
"description": "Intel GPA software versions ant\u00e9rieures \u00e0 2024.1",
"product": {
"name": "N/A",
"vendor": {
"name": "Intel",
"scada": false
}
}
},
{
"description": "Intel Graphics Performance Analyzers (Intel GPA) software versions ant\u00e9rieures \u00e0 2023.4",
"product": {
"name": "N/A",
"vendor": {
"name": "Intel",
"scada": false
}
}
},
{
"description": "Intel HID Event Filter software versions ant\u00e9rieures \u00e0 2.2.2.1",
"product": {
"name": "N/A",
"vendor": {
"name": "Intel",
"scada": false
}
}
},
{
"description": "Intel High Level Synthesis Compiler software versions ant\u00e9rieures \u00e0 23.4",
"product": {
"name": "N/A",
"vendor": {
"name": "Intel",
"scada": false
}
}
},
{
"description": "Intel Integrated Performance Primitive versions ant\u00e9rieures \u00e0 2021.11",
"product": {
"name": "N/A",
"vendor": {
"name": "Intel",
"scada": false
}
}
},
{
"description": "Intel IPP Cryptography software versions ant\u00e9rieures \u00e0 2021.11",
"product": {
"name": "N/A",
"vendor": {
"name": "Intel",
"scada": false
}
}
},
{
"description": "Intel ISH software for Intel NUC M15 Laptop Kits LAPBC710 and LAPBC510 versions ant\u00e9rieures \u00e0 5.4.1.4479",
"product": {
"name": "N/A",
"vendor": {
"name": "Intel",
"scada": false
}
}
},
{
"description": "Intel ISH software for Intel NUC M15 Laptop Kits LAPRC710 and LAPRC510 versions ant\u00e9rieures \u00e0 5.4.2.4594",
"product": {
"name": "N/A",
"vendor": {
"name": "Intel",
"scada": false
}
}
},
{
"description": "Intel License Manager for FLEXlm product versions ant\u00e9rieures \u00e0 11.19.5.0",
"product": {
"name": "N/A",
"vendor": {
"name": "Intel",
"scada": false
}
}
},
{
"description": "Intel MAS (GUI) versions ant\u00e9rieures \u00e0 2.5.0",
"product": {
"name": "N/A",
"vendor": {
"name": "Intel",
"scada": false
}
}
},
{
"description": "Processeurs Intel Xeon Scalable de 4\u00e8me et 5\u00e8me g\u00e9n\u00e9ration",
"product": {
"name": "N/A",
"vendor": {
"name": "Intel",
"scada": false
}
}
},
{
"description": "Intel Data Center GPU Max Series 1100 et 1550",
"product": {
"name": "N/A",
"vendor": {
"name": "Intel",
"scada": false
}
}
},
{
"description": "Intel Distribution pour GDB software versions ant\u00e9rieures \u00e0 2024.0.1",
"product": {
"name": "N/A",
"vendor": {
"name": "Intel",
"scada": false
}
}
},
{
"description": "Intel Distribution pour Python pour Windows versions ant\u00e9rieures \u00e0 2024.1",
"product": {
"name": "N/A",
"vendor": {
"name": "Intel",
"scada": false
}
}
},
{
"description": "Intel ISH software for 11th Generation Intel Core Processor Family versions ant\u00e9rieures \u00e0 5.4.1.4479",
"product": {
"name": "N/A",
"vendor": {
"name": "Intel",
"scada": false
}
}
},
{
"description": "Intel ISH software for 12th Generation Intel Core Processor Family versions ant\u00e9rieures \u00e0 5.4.2.4594",
"product": {
"name": "N/A",
"vendor": {
"name": "Intel",
"scada": false
}
}
},
{
"description": "Intel MPI Library versions ant\u00e9rieures \u00e0 2021.12",
"product": {
"name": "N/A",
"vendor": {
"name": "Intel",
"scada": false
}
}
},
{
"description": "Intel Unite Client Extended Display Plugin software installer, toutes versions",
"product": {
"name": "N/A",
"vendor": {
"name": "Intel",
"scada": false
}
}
},
{
"description": "Intel VROC versions ant\u00e9rieures \u00e0 8.6.0.1191",
"product": {
"name": "N/A",
"vendor": {
"name": "Intel",
"scada": false
}
}
},
{
"description": "Intel VTune Profiler software versions ant\u00e9rieures \u00e0 2024.1",
"product": {
"name": "N/A",
"vendor": {
"name": "Intel",
"scada": false
}
}
},
{
"description": "LAPAC71G and LAPAC71H versions ant\u00e9rieures \u00e0 0065",
"product": {
"name": "N/A",
"vendor": {
"name": "Intel",
"scada": false
}
}
},
{
"description": "LAPBC510 and LAPBC710 versions ant\u00e9rieures \u00e0 0083",
"product": {
"name": "N/A",
"vendor": {
"name": "Intel",
"scada": false
}
}
},
{
"description": "LAPKC51E, LAPKC71E, LAPKC71F versions ant\u00e9rieures \u00e0 0048",
"product": {
"name": "N/A",
"vendor": {
"name": "Intel",
"scada": false
}
}
},
{
"description": "LAPRC510, LAPRC710 versions ant\u00e9rieures \u00e0 0066",
"product": {
"name": "N/A",
"vendor": {
"name": "Intel",
"scada": false
}
}
},
{
"description": "VTune Profiler versions ant\u00e9rieures \u00e0 VTune 2024.1",
"product": {
"name": "N/A",
"vendor": {
"name": "Intel",
"scada": false
}
}
}
],
"affected_systems_content": "",
"content": "## Solutions\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des correctifs (cf. section Documentation).",
"cves": [
{
"name": "CVE-2024-23495",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-23495"
},
{
"name": "CVE-2024-21801",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21801"
},
{
"name": "CVE-2024-21844",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21844"
},
{
"name": "CVE-2024-23497",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-23497"
},
{
"name": "CVE-2023-45230",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-45230"
},
{
"name": "CVE-2024-21784",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21784"
},
{
"name": "CVE-2022-36763",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-36763"
},
{
"name": "CVE-2023-39539",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-39539"
},
{
"name": "CVE-2024-21857",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21857"
},
{
"name": "CVE-2024-24980",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-24980"
},
{
"name": "CVE-2024-21787",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21787"
},
{
"name": "CVE-2024-26027",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26027"
},
{
"name": "CVE-2024-27461",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-27461"
},
{
"name": "CVE-2023-34424",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-34424"
},
{
"name": "CVE-2023-38655",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-38655"
},
{
"name": "CVE-2024-23491",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-23491"
},
{
"name": "CVE-2024-23499",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-23499"
},
{
"name": "CVE-2023-45229",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-45229"
},
{
"name": "CVE-2023-45234",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-45234"
},
{
"name": "CVE-2023-45236",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-45236"
},
{
"name": "CVE-2024-24983",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-24983"
},
{
"name": "CVE-2024-28947",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-28947"
},
{
"name": "CVE-2024-28887",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-28887"
},
{
"name": "CVE-2024-25939",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-25939"
},
{
"name": "CVE-2024-29015",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-29015"
},
{
"name": "CVE-2024-25576",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-25576"
},
{
"name": "CVE-2024-21769",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21769"
},
{
"name": "CVE-2024-24986",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-24986"
},
{
"name": "CVE-2024-28046",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-28046"
},
{
"name": "CVE-2023-35061",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-35061"
},
{
"name": "CVE-2024-34163",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-34163"
},
{
"name": "CVE-2024-24973",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-24973"
},
{
"name": "CVE-2024-26025",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26025"
},
{
"name": "CVE-2023-45231",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-45231"
},
{
"name": "CVE-2022-29871",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-29871"
},
{
"name": "CVE-2023-43747",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-43747"
},
{
"name": "CVE-2023-45237",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-45237"
},
{
"name": "CVE-2023-40067",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-40067"
},
{
"name": "CVE-2024-28050",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-28050"
},
{
"name": "CVE-2024-21810",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21810"
},
{
"name": "CVE-2023-49141",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-49141"
},
{
"name": "CVE-2023-45233",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-45233"
},
{
"name": "CVE-2023-45232",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-45232"
},
{
"name": "CVE-2024-25562",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-25562"
},
{
"name": "CVE-2024-23907",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-23907"
},
{
"name": "CVE-2024-23908",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-23908"
},
{
"name": "CVE-2024-21807",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21807"
},
{
"name": "CVE-2023-35123",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-35123"
},
{
"name": "CVE-2024-24977",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-24977"
},
{
"name": "CVE-2024-21806",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21806"
},
{
"name": "CVE-2024-24580",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-24580"
},
{
"name": "CVE-2024-22184",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-22184"
},
{
"name": "CVE-2024-23909",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-23909"
},
{
"name": "CVE-2023-49144",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-49144"
},
{
"name": "CVE-2023-48361",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-48361"
},
{
"name": "CVE-2024-39283",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-39283"
},
{
"name": "CVE-2024-23489",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-23489"
},
{
"name": "CVE-2023-43489",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-43489"
},
{
"name": "CVE-2024-25561",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-25561"
},
{
"name": "CVE-2024-22374",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-22374"
},
{
"name": "CVE-2023-42667",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-42667"
},
{
"name": "CVE-2024-21766",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21766"
},
{
"name": "CVE-2024-23974",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-23974"
},
{
"name": "CVE-2024-26022",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26022"
},
{
"name": "CVE-2024-28172",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-28172"
},
{
"name": "CVE-2024-28876",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-28876"
},
{
"name": "CVE-2024-24853",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-24853"
},
{
"name": "CVE-2023-45235",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-45235"
},
{
"name": "CVE-2024-22378",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-22378"
},
{
"name": "CVE-2024-23981",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-23981"
},
{
"name": "CVE-2024-28953",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-28953"
},
{
"name": "CVE-2024-22376",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-22376"
}
],
"links": [],
"reference": "CERTFR-2024-AVI-0679",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2024-08-14T00:00:00.000000"
}
],
"risks": [
{
"description": "D\u00e9ni de service \u00e0 distance"
},
{
"description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
},
{
"description": "Contournement de la politique de s\u00e9curit\u00e9"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
},
{
"description": "\u00c9l\u00e9vation de privil\u00e8ges"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits Intel. Certaines d\u0027entre elles permettent \u00e0 un attaquant de provoquer une \u00e9l\u00e9vation de privil\u00e8ges, un d\u00e9ni de service \u00e0 distance et une atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es.",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits Intel",
"vendor_advisories": [
{
"published_at": "2024-08-13",
"title": "Bulletin de s\u00e9curit\u00e9 Intel INTEL-SA-01102",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-01102.html"
},
{
"published_at": "2024-08-13",
"title": "Bulletin de s\u00e9curit\u00e9 Intel INTEL-SA-01172",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-01172.html"
},
{
"published_at": "2024-08-13",
"title": "Bulletin de s\u00e9curit\u00e9 Intel INTEL-SA-01116",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-01116.html"
},
{
"published_at": "2024-08-13",
"title": "Bulletin de s\u00e9curit\u00e9 Intel INTEL-SA-01129",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-01129.html"
},
{
"published_at": "2024-08-13",
"title": "Bulletin de s\u00e9curit\u00e9 Intel INTEL-SA-00790",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00790.html"
},
{
"published_at": "2024-08-13",
"title": "Bulletin de s\u00e9curit\u00e9 Intel INTEL-SA-01070",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-01070.html"
},
{
"published_at": "2024-08-13",
"title": "Bulletin de s\u00e9curit\u00e9 Intel INTEL-SA-01106",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-01106.html"
},
{
"published_at": "2024-08-13",
"title": "Bulletin de s\u00e9curit\u00e9 Intel INTEL-SA-01089",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-01089.html"
},
{
"published_at": "2024-08-13",
"title": "Bulletin de s\u00e9curit\u00e9 Intel INTEL-SA-01121",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-01121.html"
},
{
"published_at": "2024-08-13",
"title": "Bulletin de s\u00e9curit\u00e9 Intel INTEL-SA-01038",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-01038.html"
},
{
"published_at": "2024-08-13",
"title": "Bulletin de s\u00e9curit\u00e9 Intel INTEL-SA-01113",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-01113.html"
},
{
"published_at": "2024-08-13",
"title": "Bulletin de s\u00e9curit\u00e9 Intel INTEL-SA-01057",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-01057.html"
},
{
"published_at": "2024-08-13",
"title": "Bulletin de s\u00e9curit\u00e9 Intel INTEL-SA-01046",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-01046.html"
},
{
"published_at": "2024-08-13",
"title": "Bulletin de s\u00e9curit\u00e9 Intel INTEL-SA-01088",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-01088.html"
},
{
"published_at": "2024-08-13",
"title": "Bulletin de s\u00e9curit\u00e9 Intel INTEL-SA-01122",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-01122.html"
},
{
"published_at": "2024-08-13",
"title": "Bulletin de s\u00e9curit\u00e9 Intel INTEL-SA-01164",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-01164.html"
},
{
"published_at": "2024-08-13",
"title": "Bulletin de s\u00e9curit\u00e9 Intel INTEL-SA-01130",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-01130.html"
},
{
"published_at": "2024-08-13",
"title": "Bulletin de s\u00e9curit\u00e9 Intel INTEL-SA-01107",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-01107.html"
},
{
"published_at": "2024-08-13",
"title": "Bulletin de s\u00e9curit\u00e9 Intel INTEL-SA-01127",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-01127.html"
},
{
"published_at": "2024-08-13",
"title": "Bulletin de s\u00e9curit\u00e9 Intel INTEL-SA-01112",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-01112.html"
},
{
"published_at": "2024-08-13",
"title": "Bulletin de s\u00e9curit\u00e9 Intel INTEL-SA-01075",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-01075.html"
},
{
"published_at": "2024-08-13",
"title": "Bulletin de s\u00e9curit\u00e9 Intel INTEL-SA-01095",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-01095.html"
},
{
"published_at": "2024-08-13",
"title": "Bulletin de s\u00e9curit\u00e9 Intel INTEL-SA-01115",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-01115.html"
},
{
"published_at": "2024-08-13",
"title": "Bulletin de s\u00e9curit\u00e9 Intel INTEL-SA-01010",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-01010.html"
},
{
"published_at": "2024-08-13",
"title": "Bulletin de s\u00e9curit\u00e9 Intel INTEL-SA-01126",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-01126.html"
},
{
"published_at": "2024-08-13",
"title": "Bulletin de s\u00e9curit\u00e9 Intel INTEL-SA-01128",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-01128.html"
},
{
"published_at": "2024-08-13",
"title": "Bulletin de s\u00e9curit\u00e9 Intel INTEL-SA-01087",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-01087.html"
},
{
"published_at": "2024-08-13",
"title": "Bulletin de s\u00e9curit\u00e9 Intel INTEL-SA-01114",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-01114.html"
},
{
"published_at": "2024-08-13",
"title": "Bulletin de s\u00e9curit\u00e9 Intel INTEL-SA-01094",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-01094.html"
},
{
"published_at": "2024-08-13",
"title": "Bulletin de s\u00e9curit\u00e9 Intel INTEL-SA-00999",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00999.html"
},
{
"published_at": "2024-08-13",
"title": "Bulletin de s\u00e9curit\u00e9 Intel INTEL-SA-01083",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-01083.html"
},
{
"published_at": "2024-08-13",
"title": "Bulletin de s\u00e9curit\u00e9 Intel INTEL-SA-01022",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-01022.html"
},
{
"published_at": "2024-08-13",
"title": "Bulletin de s\u00e9curit\u00e9 Intel INTEL-SA-01117",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-01117.html"
},
{
"published_at": "2024-08-13",
"title": "Bulletin de s\u00e9curit\u00e9 Intel INTEL-SA-01073",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-01073.html"
},
{
"published_at": "2024-08-13",
"title": "Bulletin de s\u00e9curit\u00e9 Intel INTEL-SA-00918",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00918.html"
},
{
"published_at": "2024-08-13",
"title": "Bulletin de s\u00e9curit\u00e9 Intel INTEL-SA-01105",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-01105.html"
},
{
"published_at": "2024-08-13",
"title": "Bulletin de s\u00e9curit\u00e9 Intel INTEL-SA-01078",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-01078.html"
},
{
"published_at": "2024-08-13",
"title": "Bulletin de s\u00e9curit\u00e9 Intel INTEL-SA-01125",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-01125.html"
},
{
"published_at": "2024-08-13",
"title": "Bulletin de s\u00e9curit\u00e9 Intel INTEL-SA-01072",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-01072.html"
},
{
"published_at": "2024-08-13",
"title": "Bulletin de s\u00e9curit\u00e9 Intel INTEL-SA-01104",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-01104.html"
},
{
"published_at": "2024-08-13",
"title": "Bulletin de s\u00e9curit\u00e9 Intel INTEL-SA-01100",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-01100.html"
},
{
"published_at": "2024-08-13",
"title": "Bulletin de s\u00e9curit\u00e9 Intel INTEL-SA-01118",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-01118.html"
},
{
"published_at": "2024-08-13",
"title": "Bulletin de s\u00e9curit\u00e9 Intel INTEL-SA-01110",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-01110.html"
}
]
}
CERTFR-2024-AVI-0679
Vulnerability from certfr_avis - Published: - Updated:
De multiples vulnérabilités ont été découvertes dans les produits Intel. Certaines d'entre elles permettent à un attaquant de provoquer une élévation de privilèges, un déni de service à distance et une atteinte à la confidentialité des données.
Solutions
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
Impacted products
| Vendor | Product | Description | ||
|---|---|---|---|---|
| Intel | N/A | Intel Arc Iris Xe Graphics versions antérieures à 31.0.101.4824 | ||
| Intel | N/A | Intel NUC M15 Laptop Kits: LAPBC710, LAPBC510, LAPRC710, LAPRC510 | ||
| Intel | N/A | Intel NUC M15 Laptop Kits: LAPRC710, LAPRC510 | ||
| Intel | N/A | Intel NUC X15 Laptop | ||
| Intel | N/A | Intel oneAPI Base Toolkit software versions antérieures à 2024.1 | ||
| Intel | N/A | Intel oneAPI Base Toolkits versions antérieures à 2024.1 | ||
| Intel | N/A | Intel Quartus Prime Pro Edition Design software versions antérieures à 23.4 | ||
| Intel | N/A | Intel Quartus Prime Pro Edition Design Software versions antérieures à 24.1 | ||
| Intel | N/A | Intel(R) Ethernet Complete Driver Pack versions antérieures à 28.3 | ||
| Intel | N/A | Intel(R) Ethernet Controllers E800 Series with NVM image versions 4.4 | ||
| Intel | N/A | Intel(R) Ethernet Controllers E800 Series avec des versions antérieures à NIC1.3 PV, NVM avec versions d'images avant 3.36 et Intel(R) Ethernet Complete Driver Pack 28.3. | ||
| Intel | N/A | Intel TDX module software versions 1.5.05.46.698 | ||
| Intel | N/A | Intel TDX module software versions antérieures à TDX 1.5.01.00.592 | ||
| Intel | N/A | Intel Trace Analyzer and Collector versions antérieures à 2022.1 | ||
| Intel | N/A | Intel Aptio V UEFI Firmware Integrator Tools for Intel NUC iDmiEdit-Win software versions antérieures à 5.27.03.0006 | ||
| Intel | N/A | Intel Aptio V UEFI Firmware Integrator Tools for Intel NUC iDmiEditLnx software versions antérieures à 5.27.06.0019 | ||
| Intel | N/A | Intel Aptio V UEFI Firmware Integrator Tools for Intel NUC iFlashVLnx software versions antérieures à 5.13.00.2106 | ||
| Intel | N/A | Intel Aptio V UEFI Firmware Integrator Tools for Intel NUC iFlashVWin software versions antérieures à 5.13.00.2109 | ||
| Intel | N/A | Intel Aptio V UEFI Firmware Integrator Tools for Intel NUC iSetupCfgLnx software versions antérieures à 5.05.04.0008 | ||
| Intel | N/A | Intel Aptio V UEFI Firmware Integrator Tools for Intel NUC iSetupCfgWin software versions antérieures à 5.05.04.0008 | ||
| Intel | N/A | Intel NUC X15 Laptop Kits: LAPAC71G, LAPAC71H, LAPKC71F, LAPKC71E, LAPKC51E. | ||
| Intel | N/A | Intel Simics Package Manager software versions antérieures à 1.8.3. | ||
| Intel | N/A | Intel oneAPI Base Toolkit versions antérieures à 2024.1 | ||
| Intel | N/A | Intel oneAPI DPC++/C++ Compiler versions antérieures à 2024.1. | ||
| Intel | N/A | Intel oneAPI HPC Toolkit versions antérieures à 2024.1 | ||
| Intel | N/A | Intel oneAPI HPC Toolkit versions antérieures à 2024.1.0. | ||
| Intel | N/A | Intel oneAPI Math Kernel Library versions antérieures à 2024.1 | ||
| Intel | N/A | BMRA software versions antérieures à 22.08 | ||
| Intel | N/A | Flexlm License Daemons for Intel FPGA Software version v11.19.5.0 | ||
| Intel | N/A | Intel Advisor software versions antérieures à 2024.1 | ||
| Intel | N/A | Intel Agilex FPGA 7 FPGA firmware versions antérieures à 24.1 | ||
| Intel | N/A | Intel CIP software versions antérieures à 2.4.10717 | ||
| Intel | N/A | Intel Connectivity Performance Suite software versions antérieures à 2.0 | ||
| Intel | N/A | Intel DPC++ C++ Compiler software versions antérieures à 2024.1 | ||
| Intel | N/A | Intel Ethernet Adapter Complete Driver Pack software versions antérieures à 28.3 | ||
| Intel | N/A | Intel Fortran Compiler versions antérieures à 2024.1 | ||
| Intel | N/A | Intel FPGA SDK for OpenCL software technology, toutes versions | ||
| Intel | N/A | Intel GPA software versions antérieures à 2024.1 | ||
| Intel | N/A | Intel Graphics Performance Analyzers (Intel GPA) software versions antérieures à 2023.4 | ||
| Intel | N/A | Intel HID Event Filter software versions antérieures à 2.2.2.1 | ||
| Intel | N/A | Intel High Level Synthesis Compiler software versions antérieures à 23.4 | ||
| Intel | N/A | Intel Integrated Performance Primitive versions antérieures à 2021.11 | ||
| Intel | N/A | Intel IPP Cryptography software versions antérieures à 2021.11 | ||
| Intel | N/A | Intel ISH software for Intel NUC M15 Laptop Kits LAPBC710 and LAPBC510 versions antérieures à 5.4.1.4479 | ||
| Intel | N/A | Intel ISH software for Intel NUC M15 Laptop Kits LAPRC710 and LAPRC510 versions antérieures à 5.4.2.4594 | ||
| Intel | N/A | Intel License Manager for FLEXlm product versions antérieures à 11.19.5.0 | ||
| Intel | N/A | Intel MAS (GUI) versions antérieures à 2.5.0 | ||
| Intel | N/A | Processeurs Intel Xeon Scalable de 4ème et 5ème génération | ||
| Intel | N/A | Intel Data Center GPU Max Series 1100 et 1550 | ||
| Intel | N/A | Intel Distribution pour GDB software versions antérieures à 2024.0.1 | ||
| Intel | N/A | Intel Distribution pour Python pour Windows versions antérieures à 2024.1 | ||
| Intel | N/A | Intel ISH software for 11th Generation Intel Core Processor Family versions antérieures à 5.4.1.4479 | ||
| Intel | N/A | Intel ISH software for 12th Generation Intel Core Processor Family versions antérieures à 5.4.2.4594 | ||
| Intel | N/A | Intel MPI Library versions antérieures à 2021.12 | ||
| Intel | N/A | Intel Unite Client Extended Display Plugin software installer, toutes versions | ||
| Intel | N/A | Intel VROC versions antérieures à 8.6.0.1191 | ||
| Intel | N/A | Intel VTune Profiler software versions antérieures à 2024.1 | ||
| Intel | N/A | LAPAC71G and LAPAC71H versions antérieures à 0065 | ||
| Intel | N/A | LAPBC510 and LAPBC710 versions antérieures à 0083 | ||
| Intel | N/A | LAPKC51E, LAPKC71E, LAPKC71F versions antérieures à 0048 | ||
| Intel | N/A | LAPRC510, LAPRC710 versions antérieures à 0066 | ||
| Intel | N/A | VTune Profiler versions antérieures à VTune 2024.1 |
References
| Title | Publication Time | Tags | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "Intel Arc Iris Xe Graphics versions ant\u00e9rieures \u00e0 31.0.101.4824",
"product": {
"name": "N/A",
"vendor": {
"name": "Intel",
"scada": false
}
}
},
{
"description": "Intel NUC M15 Laptop Kits: LAPBC710, LAPBC510, LAPRC710, LAPRC510",
"product": {
"name": "N/A",
"vendor": {
"name": "Intel",
"scada": false
}
}
},
{
"description": "Intel NUC M15 Laptop Kits: LAPRC710, LAPRC510",
"product": {
"name": "N/A",
"vendor": {
"name": "Intel",
"scada": false
}
}
},
{
"description": "Intel NUC X15 Laptop",
"product": {
"name": "N/A",
"vendor": {
"name": "Intel",
"scada": false
}
}
},
{
"description": "Intel oneAPI Base Toolkit software versions ant\u00e9rieures \u00e0 2024.1",
"product": {
"name": "N/A",
"vendor": {
"name": "Intel",
"scada": false
}
}
},
{
"description": "Intel oneAPI Base Toolkits versions ant\u00e9rieures \u00e0 2024.1",
"product": {
"name": "N/A",
"vendor": {
"name": "Intel",
"scada": false
}
}
},
{
"description": "Intel Quartus Prime Pro Edition Design software versions ant\u00e9rieures \u00e0 23.4",
"product": {
"name": "N/A",
"vendor": {
"name": "Intel",
"scada": false
}
}
},
{
"description": "Intel Quartus Prime Pro Edition Design Software versions ant\u00e9rieures \u00e0 24.1",
"product": {
"name": "N/A",
"vendor": {
"name": "Intel",
"scada": false
}
}
},
{
"description": "Intel(R) Ethernet Complete Driver Pack versions ant\u00e9rieures \u00e0 28.3",
"product": {
"name": "N/A",
"vendor": {
"name": "Intel",
"scada": false
}
}
},
{
"description": "Intel(R) Ethernet Controllers E800 Series with NVM image versions 4.4",
"product": {
"name": "N/A",
"vendor": {
"name": "Intel",
"scada": false
}
}
},
{
"description": "Intel(R) Ethernet Controllers E800 Series avec des versions ant\u00e9rieures \u00e0 NIC1.3 PV, NVM avec versions d\u0027images avant 3.36 et Intel(R) Ethernet Complete Driver Pack 28.3.",
"product": {
"name": "N/A",
"vendor": {
"name": "Intel",
"scada": false
}
}
},
{
"description": "Intel TDX module software versions 1.5.05.46.698",
"product": {
"name": "N/A",
"vendor": {
"name": "Intel",
"scada": false
}
}
},
{
"description": "Intel TDX module software versions ant\u00e9rieures \u00e0 TDX 1.5.01.00.592",
"product": {
"name": "N/A",
"vendor": {
"name": "Intel",
"scada": false
}
}
},
{
"description": "Intel Trace Analyzer and Collector versions ant\u00e9rieures \u00e0 2022.1",
"product": {
"name": "N/A",
"vendor": {
"name": "Intel",
"scada": false
}
}
},
{
"description": "Intel Aptio V UEFI Firmware Integrator Tools for Intel NUC iDmiEdit-Win software versions ant\u00e9rieures \u00e0 5.27.03.0006",
"product": {
"name": "N/A",
"vendor": {
"name": "Intel",
"scada": false
}
}
},
{
"description": "Intel Aptio V UEFI Firmware Integrator Tools for Intel NUC iDmiEditLnx software versions ant\u00e9rieures \u00e0 5.27.06.0019",
"product": {
"name": "N/A",
"vendor": {
"name": "Intel",
"scada": false
}
}
},
{
"description": "Intel Aptio V UEFI Firmware Integrator Tools for Intel NUC iFlashVLnx software versions ant\u00e9rieures \u00e0 5.13.00.2106",
"product": {
"name": "N/A",
"vendor": {
"name": "Intel",
"scada": false
}
}
},
{
"description": "Intel Aptio V UEFI Firmware Integrator Tools for Intel NUC iFlashVWin software versions ant\u00e9rieures \u00e0 5.13.00.2109",
"product": {
"name": "N/A",
"vendor": {
"name": "Intel",
"scada": false
}
}
},
{
"description": "Intel Aptio V UEFI Firmware Integrator Tools for Intel NUC iSetupCfgLnx software versions ant\u00e9rieures \u00e0 5.05.04.0008",
"product": {
"name": "N/A",
"vendor": {
"name": "Intel",
"scada": false
}
}
},
{
"description": "Intel Aptio V UEFI Firmware Integrator Tools for Intel NUC iSetupCfgWin software versions ant\u00e9rieures \u00e0 5.05.04.0008",
"product": {
"name": "N/A",
"vendor": {
"name": "Intel",
"scada": false
}
}
},
{
"description": "Intel NUC X15 Laptop Kits: LAPAC71G, LAPAC71H, LAPKC71F, LAPKC71E, LAPKC51E.",
"product": {
"name": "N/A",
"vendor": {
"name": "Intel",
"scada": false
}
}
},
{
"description": "Intel Simics Package Manager software versions ant\u00e9rieures \u00e0 1.8.3.",
"product": {
"name": "N/A",
"vendor": {
"name": "Intel",
"scada": false
}
}
},
{
"description": "Intel oneAPI Base Toolkit versions ant\u00e9rieures \u00e0 2024.1",
"product": {
"name": "N/A",
"vendor": {
"name": "Intel",
"scada": false
}
}
},
{
"description": "Intel oneAPI DPC++/C++ Compiler versions ant\u00e9rieures \u00e0 2024.1.",
"product": {
"name": "N/A",
"vendor": {
"name": "Intel",
"scada": false
}
}
},
{
"description": "Intel oneAPI HPC Toolkit versions ant\u00e9rieures \u00e0 2024.1",
"product": {
"name": "N/A",
"vendor": {
"name": "Intel",
"scada": false
}
}
},
{
"description": "Intel oneAPI HPC Toolkit versions ant\u00e9rieures \u00e0 2024.1.0.",
"product": {
"name": "N/A",
"vendor": {
"name": "Intel",
"scada": false
}
}
},
{
"description": "Intel oneAPI Math Kernel Library versions ant\u00e9rieures \u00e0 2024.1",
"product": {
"name": "N/A",
"vendor": {
"name": "Intel",
"scada": false
}
}
},
{
"description": "BMRA software versions ant\u00e9rieures \u00e0 22.08",
"product": {
"name": "N/A",
"vendor": {
"name": "Intel",
"scada": false
}
}
},
{
"description": "Flexlm License Daemons for Intel FPGA Software version v11.19.5.0",
"product": {
"name": "N/A",
"vendor": {
"name": "Intel",
"scada": false
}
}
},
{
"description": "Intel Advisor software versions ant\u00e9rieures \u00e0 2024.1",
"product": {
"name": "N/A",
"vendor": {
"name": "Intel",
"scada": false
}
}
},
{
"description": "Intel Agilex FPGA 7 FPGA firmware versions ant\u00e9rieures \u00e0 24.1",
"product": {
"name": "N/A",
"vendor": {
"name": "Intel",
"scada": false
}
}
},
{
"description": "Intel CIP software versions ant\u00e9rieures \u00e0 2.4.10717",
"product": {
"name": "N/A",
"vendor": {
"name": "Intel",
"scada": false
}
}
},
{
"description": "Intel Connectivity Performance Suite software versions ant\u00e9rieures \u00e0 2.0",
"product": {
"name": "N/A",
"vendor": {
"name": "Intel",
"scada": false
}
}
},
{
"description": "Intel DPC++ C++ Compiler software versions ant\u00e9rieures \u00e0 2024.1",
"product": {
"name": "N/A",
"vendor": {
"name": "Intel",
"scada": false
}
}
},
{
"description": "Intel Ethernet Adapter Complete Driver Pack software versions ant\u00e9rieures \u00e0 28.3",
"product": {
"name": "N/A",
"vendor": {
"name": "Intel",
"scada": false
}
}
},
{
"description": "Intel Fortran Compiler versions ant\u00e9rieures \u00e0 2024.1",
"product": {
"name": "N/A",
"vendor": {
"name": "Intel",
"scada": false
}
}
},
{
"description": "Intel FPGA SDK for OpenCL software technology, toutes versions",
"product": {
"name": "N/A",
"vendor": {
"name": "Intel",
"scada": false
}
}
},
{
"description": "Intel GPA software versions ant\u00e9rieures \u00e0 2024.1",
"product": {
"name": "N/A",
"vendor": {
"name": "Intel",
"scada": false
}
}
},
{
"description": "Intel Graphics Performance Analyzers (Intel GPA) software versions ant\u00e9rieures \u00e0 2023.4",
"product": {
"name": "N/A",
"vendor": {
"name": "Intel",
"scada": false
}
}
},
{
"description": "Intel HID Event Filter software versions ant\u00e9rieures \u00e0 2.2.2.1",
"product": {
"name": "N/A",
"vendor": {
"name": "Intel",
"scada": false
}
}
},
{
"description": "Intel High Level Synthesis Compiler software versions ant\u00e9rieures \u00e0 23.4",
"product": {
"name": "N/A",
"vendor": {
"name": "Intel",
"scada": false
}
}
},
{
"description": "Intel Integrated Performance Primitive versions ant\u00e9rieures \u00e0 2021.11",
"product": {
"name": "N/A",
"vendor": {
"name": "Intel",
"scada": false
}
}
},
{
"description": "Intel IPP Cryptography software versions ant\u00e9rieures \u00e0 2021.11",
"product": {
"name": "N/A",
"vendor": {
"name": "Intel",
"scada": false
}
}
},
{
"description": "Intel ISH software for Intel NUC M15 Laptop Kits LAPBC710 and LAPBC510 versions ant\u00e9rieures \u00e0 5.4.1.4479",
"product": {
"name": "N/A",
"vendor": {
"name": "Intel",
"scada": false
}
}
},
{
"description": "Intel ISH software for Intel NUC M15 Laptop Kits LAPRC710 and LAPRC510 versions ant\u00e9rieures \u00e0 5.4.2.4594",
"product": {
"name": "N/A",
"vendor": {
"name": "Intel",
"scada": false
}
}
},
{
"description": "Intel License Manager for FLEXlm product versions ant\u00e9rieures \u00e0 11.19.5.0",
"product": {
"name": "N/A",
"vendor": {
"name": "Intel",
"scada": false
}
}
},
{
"description": "Intel MAS (GUI) versions ant\u00e9rieures \u00e0 2.5.0",
"product": {
"name": "N/A",
"vendor": {
"name": "Intel",
"scada": false
}
}
},
{
"description": "Processeurs Intel Xeon Scalable de 4\u00e8me et 5\u00e8me g\u00e9n\u00e9ration",
"product": {
"name": "N/A",
"vendor": {
"name": "Intel",
"scada": false
}
}
},
{
"description": "Intel Data Center GPU Max Series 1100 et 1550",
"product": {
"name": "N/A",
"vendor": {
"name": "Intel",
"scada": false
}
}
},
{
"description": "Intel Distribution pour GDB software versions ant\u00e9rieures \u00e0 2024.0.1",
"product": {
"name": "N/A",
"vendor": {
"name": "Intel",
"scada": false
}
}
},
{
"description": "Intel Distribution pour Python pour Windows versions ant\u00e9rieures \u00e0 2024.1",
"product": {
"name": "N/A",
"vendor": {
"name": "Intel",
"scada": false
}
}
},
{
"description": "Intel ISH software for 11th Generation Intel Core Processor Family versions ant\u00e9rieures \u00e0 5.4.1.4479",
"product": {
"name": "N/A",
"vendor": {
"name": "Intel",
"scada": false
}
}
},
{
"description": "Intel ISH software for 12th Generation Intel Core Processor Family versions ant\u00e9rieures \u00e0 5.4.2.4594",
"product": {
"name": "N/A",
"vendor": {
"name": "Intel",
"scada": false
}
}
},
{
"description": "Intel MPI Library versions ant\u00e9rieures \u00e0 2021.12",
"product": {
"name": "N/A",
"vendor": {
"name": "Intel",
"scada": false
}
}
},
{
"description": "Intel Unite Client Extended Display Plugin software installer, toutes versions",
"product": {
"name": "N/A",
"vendor": {
"name": "Intel",
"scada": false
}
}
},
{
"description": "Intel VROC versions ant\u00e9rieures \u00e0 8.6.0.1191",
"product": {
"name": "N/A",
"vendor": {
"name": "Intel",
"scada": false
}
}
},
{
"description": "Intel VTune Profiler software versions ant\u00e9rieures \u00e0 2024.1",
"product": {
"name": "N/A",
"vendor": {
"name": "Intel",
"scada": false
}
}
},
{
"description": "LAPAC71G and LAPAC71H versions ant\u00e9rieures \u00e0 0065",
"product": {
"name": "N/A",
"vendor": {
"name": "Intel",
"scada": false
}
}
},
{
"description": "LAPBC510 and LAPBC710 versions ant\u00e9rieures \u00e0 0083",
"product": {
"name": "N/A",
"vendor": {
"name": "Intel",
"scada": false
}
}
},
{
"description": "LAPKC51E, LAPKC71E, LAPKC71F versions ant\u00e9rieures \u00e0 0048",
"product": {
"name": "N/A",
"vendor": {
"name": "Intel",
"scada": false
}
}
},
{
"description": "LAPRC510, LAPRC710 versions ant\u00e9rieures \u00e0 0066",
"product": {
"name": "N/A",
"vendor": {
"name": "Intel",
"scada": false
}
}
},
{
"description": "VTune Profiler versions ant\u00e9rieures \u00e0 VTune 2024.1",
"product": {
"name": "N/A",
"vendor": {
"name": "Intel",
"scada": false
}
}
}
],
"affected_systems_content": "",
"content": "## Solutions\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des correctifs (cf. section Documentation).",
"cves": [
{
"name": "CVE-2024-23495",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-23495"
},
{
"name": "CVE-2024-21801",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21801"
},
{
"name": "CVE-2024-21844",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21844"
},
{
"name": "CVE-2024-23497",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-23497"
},
{
"name": "CVE-2023-45230",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-45230"
},
{
"name": "CVE-2024-21784",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21784"
},
{
"name": "CVE-2022-36763",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-36763"
},
{
"name": "CVE-2023-39539",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-39539"
},
{
"name": "CVE-2024-21857",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21857"
},
{
"name": "CVE-2024-24980",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-24980"
},
{
"name": "CVE-2024-21787",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21787"
},
{
"name": "CVE-2024-26027",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26027"
},
{
"name": "CVE-2024-27461",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-27461"
},
{
"name": "CVE-2023-34424",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-34424"
},
{
"name": "CVE-2023-38655",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-38655"
},
{
"name": "CVE-2024-23491",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-23491"
},
{
"name": "CVE-2024-23499",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-23499"
},
{
"name": "CVE-2023-45229",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-45229"
},
{
"name": "CVE-2023-45234",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-45234"
},
{
"name": "CVE-2023-45236",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-45236"
},
{
"name": "CVE-2024-24983",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-24983"
},
{
"name": "CVE-2024-28947",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-28947"
},
{
"name": "CVE-2024-28887",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-28887"
},
{
"name": "CVE-2024-25939",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-25939"
},
{
"name": "CVE-2024-29015",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-29015"
},
{
"name": "CVE-2024-25576",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-25576"
},
{
"name": "CVE-2024-21769",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21769"
},
{
"name": "CVE-2024-24986",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-24986"
},
{
"name": "CVE-2024-28046",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-28046"
},
{
"name": "CVE-2023-35061",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-35061"
},
{
"name": "CVE-2024-34163",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-34163"
},
{
"name": "CVE-2024-24973",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-24973"
},
{
"name": "CVE-2024-26025",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26025"
},
{
"name": "CVE-2023-45231",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-45231"
},
{
"name": "CVE-2022-29871",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-29871"
},
{
"name": "CVE-2023-43747",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-43747"
},
{
"name": "CVE-2023-45237",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-45237"
},
{
"name": "CVE-2023-40067",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-40067"
},
{
"name": "CVE-2024-28050",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-28050"
},
{
"name": "CVE-2024-21810",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21810"
},
{
"name": "CVE-2023-49141",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-49141"
},
{
"name": "CVE-2023-45233",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-45233"
},
{
"name": "CVE-2023-45232",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-45232"
},
{
"name": "CVE-2024-25562",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-25562"
},
{
"name": "CVE-2024-23907",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-23907"
},
{
"name": "CVE-2024-23908",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-23908"
},
{
"name": "CVE-2024-21807",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21807"
},
{
"name": "CVE-2023-35123",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-35123"
},
{
"name": "CVE-2024-24977",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-24977"
},
{
"name": "CVE-2024-21806",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21806"
},
{
"name": "CVE-2024-24580",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-24580"
},
{
"name": "CVE-2024-22184",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-22184"
},
{
"name": "CVE-2024-23909",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-23909"
},
{
"name": "CVE-2023-49144",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-49144"
},
{
"name": "CVE-2023-48361",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-48361"
},
{
"name": "CVE-2024-39283",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-39283"
},
{
"name": "CVE-2024-23489",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-23489"
},
{
"name": "CVE-2023-43489",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-43489"
},
{
"name": "CVE-2024-25561",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-25561"
},
{
"name": "CVE-2024-22374",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-22374"
},
{
"name": "CVE-2023-42667",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-42667"
},
{
"name": "CVE-2024-21766",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21766"
},
{
"name": "CVE-2024-23974",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-23974"
},
{
"name": "CVE-2024-26022",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26022"
},
{
"name": "CVE-2024-28172",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-28172"
},
{
"name": "CVE-2024-28876",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-28876"
},
{
"name": "CVE-2024-24853",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-24853"
},
{
"name": "CVE-2023-45235",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-45235"
},
{
"name": "CVE-2024-22378",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-22378"
},
{
"name": "CVE-2024-23981",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-23981"
},
{
"name": "CVE-2024-28953",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-28953"
},
{
"name": "CVE-2024-22376",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-22376"
}
],
"links": [],
"reference": "CERTFR-2024-AVI-0679",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2024-08-14T00:00:00.000000"
}
],
"risks": [
{
"description": "D\u00e9ni de service \u00e0 distance"
},
{
"description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
},
{
"description": "Contournement de la politique de s\u00e9curit\u00e9"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
},
{
"description": "\u00c9l\u00e9vation de privil\u00e8ges"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits Intel. Certaines d\u0027entre elles permettent \u00e0 un attaquant de provoquer une \u00e9l\u00e9vation de privil\u00e8ges, un d\u00e9ni de service \u00e0 distance et une atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es.",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits Intel",
"vendor_advisories": [
{
"published_at": "2024-08-13",
"title": "Bulletin de s\u00e9curit\u00e9 Intel INTEL-SA-01102",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-01102.html"
},
{
"published_at": "2024-08-13",
"title": "Bulletin de s\u00e9curit\u00e9 Intel INTEL-SA-01172",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-01172.html"
},
{
"published_at": "2024-08-13",
"title": "Bulletin de s\u00e9curit\u00e9 Intel INTEL-SA-01116",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-01116.html"
},
{
"published_at": "2024-08-13",
"title": "Bulletin de s\u00e9curit\u00e9 Intel INTEL-SA-01129",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-01129.html"
},
{
"published_at": "2024-08-13",
"title": "Bulletin de s\u00e9curit\u00e9 Intel INTEL-SA-00790",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00790.html"
},
{
"published_at": "2024-08-13",
"title": "Bulletin de s\u00e9curit\u00e9 Intel INTEL-SA-01070",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-01070.html"
},
{
"published_at": "2024-08-13",
"title": "Bulletin de s\u00e9curit\u00e9 Intel INTEL-SA-01106",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-01106.html"
},
{
"published_at": "2024-08-13",
"title": "Bulletin de s\u00e9curit\u00e9 Intel INTEL-SA-01089",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-01089.html"
},
{
"published_at": "2024-08-13",
"title": "Bulletin de s\u00e9curit\u00e9 Intel INTEL-SA-01121",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-01121.html"
},
{
"published_at": "2024-08-13",
"title": "Bulletin de s\u00e9curit\u00e9 Intel INTEL-SA-01038",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-01038.html"
},
{
"published_at": "2024-08-13",
"title": "Bulletin de s\u00e9curit\u00e9 Intel INTEL-SA-01113",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-01113.html"
},
{
"published_at": "2024-08-13",
"title": "Bulletin de s\u00e9curit\u00e9 Intel INTEL-SA-01057",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-01057.html"
},
{
"published_at": "2024-08-13",
"title": "Bulletin de s\u00e9curit\u00e9 Intel INTEL-SA-01046",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-01046.html"
},
{
"published_at": "2024-08-13",
"title": "Bulletin de s\u00e9curit\u00e9 Intel INTEL-SA-01088",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-01088.html"
},
{
"published_at": "2024-08-13",
"title": "Bulletin de s\u00e9curit\u00e9 Intel INTEL-SA-01122",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-01122.html"
},
{
"published_at": "2024-08-13",
"title": "Bulletin de s\u00e9curit\u00e9 Intel INTEL-SA-01164",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-01164.html"
},
{
"published_at": "2024-08-13",
"title": "Bulletin de s\u00e9curit\u00e9 Intel INTEL-SA-01130",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-01130.html"
},
{
"published_at": "2024-08-13",
"title": "Bulletin de s\u00e9curit\u00e9 Intel INTEL-SA-01107",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-01107.html"
},
{
"published_at": "2024-08-13",
"title": "Bulletin de s\u00e9curit\u00e9 Intel INTEL-SA-01127",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-01127.html"
},
{
"published_at": "2024-08-13",
"title": "Bulletin de s\u00e9curit\u00e9 Intel INTEL-SA-01112",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-01112.html"
},
{
"published_at": "2024-08-13",
"title": "Bulletin de s\u00e9curit\u00e9 Intel INTEL-SA-01075",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-01075.html"
},
{
"published_at": "2024-08-13",
"title": "Bulletin de s\u00e9curit\u00e9 Intel INTEL-SA-01095",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-01095.html"
},
{
"published_at": "2024-08-13",
"title": "Bulletin de s\u00e9curit\u00e9 Intel INTEL-SA-01115",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-01115.html"
},
{
"published_at": "2024-08-13",
"title": "Bulletin de s\u00e9curit\u00e9 Intel INTEL-SA-01010",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-01010.html"
},
{
"published_at": "2024-08-13",
"title": "Bulletin de s\u00e9curit\u00e9 Intel INTEL-SA-01126",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-01126.html"
},
{
"published_at": "2024-08-13",
"title": "Bulletin de s\u00e9curit\u00e9 Intel INTEL-SA-01128",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-01128.html"
},
{
"published_at": "2024-08-13",
"title": "Bulletin de s\u00e9curit\u00e9 Intel INTEL-SA-01087",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-01087.html"
},
{
"published_at": "2024-08-13",
"title": "Bulletin de s\u00e9curit\u00e9 Intel INTEL-SA-01114",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-01114.html"
},
{
"published_at": "2024-08-13",
"title": "Bulletin de s\u00e9curit\u00e9 Intel INTEL-SA-01094",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-01094.html"
},
{
"published_at": "2024-08-13",
"title": "Bulletin de s\u00e9curit\u00e9 Intel INTEL-SA-00999",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00999.html"
},
{
"published_at": "2024-08-13",
"title": "Bulletin de s\u00e9curit\u00e9 Intel INTEL-SA-01083",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-01083.html"
},
{
"published_at": "2024-08-13",
"title": "Bulletin de s\u00e9curit\u00e9 Intel INTEL-SA-01022",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-01022.html"
},
{
"published_at": "2024-08-13",
"title": "Bulletin de s\u00e9curit\u00e9 Intel INTEL-SA-01117",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-01117.html"
},
{
"published_at": "2024-08-13",
"title": "Bulletin de s\u00e9curit\u00e9 Intel INTEL-SA-01073",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-01073.html"
},
{
"published_at": "2024-08-13",
"title": "Bulletin de s\u00e9curit\u00e9 Intel INTEL-SA-00918",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00918.html"
},
{
"published_at": "2024-08-13",
"title": "Bulletin de s\u00e9curit\u00e9 Intel INTEL-SA-01105",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-01105.html"
},
{
"published_at": "2024-08-13",
"title": "Bulletin de s\u00e9curit\u00e9 Intel INTEL-SA-01078",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-01078.html"
},
{
"published_at": "2024-08-13",
"title": "Bulletin de s\u00e9curit\u00e9 Intel INTEL-SA-01125",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-01125.html"
},
{
"published_at": "2024-08-13",
"title": "Bulletin de s\u00e9curit\u00e9 Intel INTEL-SA-01072",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-01072.html"
},
{
"published_at": "2024-08-13",
"title": "Bulletin de s\u00e9curit\u00e9 Intel INTEL-SA-01104",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-01104.html"
},
{
"published_at": "2024-08-13",
"title": "Bulletin de s\u00e9curit\u00e9 Intel INTEL-SA-01100",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-01100.html"
},
{
"published_at": "2024-08-13",
"title": "Bulletin de s\u00e9curit\u00e9 Intel INTEL-SA-01118",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-01118.html"
},
{
"published_at": "2024-08-13",
"title": "Bulletin de s\u00e9curit\u00e9 Intel INTEL-SA-01110",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-01110.html"
}
]
}
WID-SEC-W-2024-1829
Vulnerability from csaf_certbund - Published: 2024-08-13 22:00 - Updated: 2024-08-15 22:00Summary
Intel Ethernet Controller: Mehrere Schwachstellen ermöglichen Privilegieneskalation und Denial of Service
Notes
Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.
Produktbeschreibung
Intel Ethernet Controller bezeichnet Netzwerkkarten (NIC) des Herstellers Intel.
Angriff
Ein lokaler oder entfernter anonymer Angreifer kann mehrere Schwachstellen in Intel Ethernet Controller ausnutzen, um seine Privilegien zu erhöhen und einen Denial-of-Service-Zustand zu erzeugen.
Betroffene Betriebssysteme
- Sonstiges
- UNIX
- Windows
{
"document": {
"aggregate_severity": {
"text": "hoch"
},
"category": "csaf_base",
"csaf_version": "2.0",
"distribution": {
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "de-DE",
"notes": [
{
"category": "legal_disclaimer",
"text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen."
},
{
"category": "description",
"text": "Intel Ethernet Controller bezeichnet Netzwerkkarten (NIC) des Herstellers Intel.",
"title": "Produktbeschreibung"
},
{
"category": "summary",
"text": "Ein lokaler oder entfernter anonymer Angreifer kann mehrere Schwachstellen in Intel Ethernet Controller ausnutzen, um seine Privilegien zu erh\u00f6hen und einen Denial-of-Service-Zustand zu erzeugen.",
"title": "Angriff"
},
{
"category": "general",
"text": "- Sonstiges\n- UNIX\n- Windows",
"title": "Betroffene Betriebssysteme"
}
],
"publisher": {
"category": "other",
"contact_details": "csaf-provider@cert-bund.de",
"name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik",
"namespace": "https://www.bsi.bund.de"
},
"references": [
{
"category": "self",
"summary": "WID-SEC-W-2024-1829 - CSAF Version",
"url": "https://wid.cert-bund.de/.well-known/csaf/white/2024/wid-sec-w-2024-1829.json"
},
{
"category": "self",
"summary": "WID-SEC-2024-1829 - Portal Version",
"url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2024-1829"
},
{
"category": "external",
"summary": "Intel Security Advisory INTEL-SA-00918 vom 2024-08-13",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00918.html"
},
{
"category": "external",
"summary": "Intel Security Advisory INTEL-SA-01106 vom 2024-08-13",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-01106.html"
},
{
"category": "external",
"summary": "Dell Security Advisory DSA-2024-241 vom 2024-08-13",
"url": "https://www.dell.com/support/kbdoc/de-de/000225473/dsa-2024-241.html"
},
{
"category": "external",
"summary": "Lenovo Security Advisory LEN-163493 vom 2024-08-14",
"url": "https://support.lenovo.com/us/en/product_security/LEN-163493"
},
{
"category": "external",
"summary": "Dell Security Advisory vom 2024-08-13",
"url": "https://www.dell.com/support/kbdoc/de-de/000227763/dsa-2024-359-dell-poweredge-server-security-update-for-intel-ethernet-controllers-adapters-and-tdx-software-vulnerabilities"
},
{
"category": "external",
"summary": "Lenovo Security Advisory LEN-158927 vom 2024-08-15",
"url": "https://support.lenovo.com/us/en/product_security/LEN-158927"
}
],
"source_lang": "en-US",
"title": "Intel Ethernet Controller: Mehrere Schwachstellen erm\u00f6glichen Privilegieneskalation und Denial of Service",
"tracking": {
"current_release_date": "2024-08-15T22:00:00.000+00:00",
"generator": {
"date": "2024-08-16T08:03:31.360+00:00",
"engine": {
"name": "BSI-WID",
"version": "1.3.5"
}
},
"id": "WID-SEC-W-2024-1829",
"initial_release_date": "2024-08-13T22:00:00.000+00:00",
"revision_history": [
{
"date": "2024-08-13T22:00:00.000+00:00",
"number": "1",
"summary": "Initiale Fassung"
},
{
"date": "2024-08-14T22:00:00.000+00:00",
"number": "2",
"summary": "Korrektur"
},
{
"date": "2024-08-15T22:00:00.000+00:00",
"number": "3",
"summary": "Neue Updates von LENOVO aufgenommen"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Dell Computer",
"product": {
"name": "Dell Computer",
"product_id": "T006498",
"product_identification_helper": {
"cpe": "cpe:/o:dell:dell_computer:-"
}
}
},
{
"category": "product_name",
"name": "Dell PowerEdge",
"product": {
"name": "Dell PowerEdge",
"product_id": "T029908",
"product_identification_helper": {
"cpe": "cpe:/h:dell:poweredge:-"
}
}
}
],
"category": "vendor",
"name": "Dell"
},
{
"branches": [
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c28.3",
"product": {
"name": "Intel Ethernet Controller \u003c28.3",
"product_id": "T036748"
}
},
{
"category": "product_version",
"name": "I219-LM",
"product": {
"name": "Intel Ethernet Controller I219-LM",
"product_id": "T036751",
"product_identification_helper": {
"cpe": "cpe:/h:intel:ethernet_controller:i219-lm"
}
}
},
{
"category": "product_version_range",
"name": "E800 \u003c3.36",
"product": {
"name": "Intel Ethernet Controller E800 \u003c3.36",
"product_id": "T036752"
}
},
{
"category": "product_version_range",
"name": "E800 \u003c4.4",
"product": {
"name": "Intel Ethernet Controller E800 \u003c4.4",
"product_id": "T036753"
}
}
],
"category": "product_name",
"name": "Ethernet Controller"
}
],
"category": "vendor",
"name": "Intel"
},
{
"branches": [
{
"category": "product_name",
"name": "Lenovo Computer",
"product": {
"name": "Lenovo Computer",
"product_id": "T030470",
"product_identification_helper": {
"cpe": "cpe:/h:lenovo:computer:-"
}
}
}
],
"category": "vendor",
"name": "Lenovo"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2024-21807",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen im Intel Ethernet Controller. Diese Fehler bestehen im Linux-Kernel-Mode-Treiber aufgrund einer unsachgem\u00e4\u00dfen Eingabevalidierung, Zugriffskontrolle und Initialisierung sowie aufgrund eines Out-of-Bond-Schreibproblems und eines Wrap-Around-Fehlers. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um erweiterte Rechte zu erlangen."
}
],
"product_status": {
"known_affected": [
"T006498",
"T029908",
"T030470"
]
},
"release_date": "2024-08-13T22:00:00.000+00:00",
"title": "CVE-2024-21807"
},
{
"cve": "CVE-2024-21810",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen im Intel Ethernet Controller. Diese Fehler bestehen im Linux-Kernel-Mode-Treiber aufgrund einer unsachgem\u00e4\u00dfen Eingabevalidierung, Zugriffskontrolle und Initialisierung sowie aufgrund eines Out-of-Bond-Schreibproblems und eines Wrap-Around-Fehlers. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um erweiterte Rechte zu erlangen."
}
],
"product_status": {
"known_affected": [
"T006498",
"T029908",
"T030470"
]
},
"release_date": "2024-08-13T22:00:00.000+00:00",
"title": "CVE-2024-21810"
},
{
"cve": "CVE-2024-23497",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen im Intel Ethernet Controller. Diese Fehler bestehen im Linux-Kernel-Mode-Treiber aufgrund einer unsachgem\u00e4\u00dfen Eingabevalidierung, Zugriffskontrolle und Initialisierung sowie aufgrund eines Out-of-Bond-Schreibproblems und eines Wrap-Around-Fehlers. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um erweiterte Rechte zu erlangen."
}
],
"product_status": {
"known_affected": [
"T006498",
"T029908",
"T030470"
]
},
"release_date": "2024-08-13T22:00:00.000+00:00",
"title": "CVE-2024-23497"
},
{
"cve": "CVE-2024-23981",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen im Intel Ethernet Controller. Diese Fehler bestehen im Linux-Kernel-Mode-Treiber aufgrund einer unsachgem\u00e4\u00dfen Eingabevalidierung, Zugriffskontrolle und Initialisierung sowie aufgrund eines Out-of-Bond-Schreibproblems und eines Wrap-Around-Fehlers. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um erweiterte Rechte zu erlangen."
}
],
"product_status": {
"known_affected": [
"T006498",
"T029908",
"T030470"
]
},
"release_date": "2024-08-13T22:00:00.000+00:00",
"title": "CVE-2024-23981"
},
{
"cve": "CVE-2024-24986",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen im Intel Ethernet Controller. Diese Fehler bestehen im Linux-Kernel-Mode-Treiber aufgrund einer unsachgem\u00e4\u00dfen Eingabevalidierung, Zugriffskontrolle und Initialisierung sowie aufgrund eines Out-of-Bond-Schreibproblems und eines Wrap-Around-Fehlers. Ein lokaler Angreifer kann diese Schwachstellen ausnutzen, um erweiterte Rechte zu erlangen."
}
],
"product_status": {
"known_affected": [
"T006498",
"T029908",
"T030470"
]
},
"release_date": "2024-08-13T22:00:00.000+00:00",
"title": "CVE-2024-24986"
},
{
"cve": "CVE-2024-24983",
"notes": [
{
"category": "description",
"text": "Es besteht eine Schwachstelle im Intel Ethernet Controller aufgrund eines unzureichenden Schutzmechanismus in der Firmware. Ein entfernter, anonymer Angreifer kann diese Schwachstelle ausnutzen, um einen Denial-of-Service-Zustand zu erzeugen."
}
],
"product_status": {
"known_affected": [
"T006498",
"T029908",
"T030470"
]
},
"release_date": "2024-08-13T22:00:00.000+00:00",
"title": "CVE-2024-24983"
},
{
"cve": "CVE-2024-21769",
"notes": [
{
"category": "description",
"text": "Es besteht eine Schwachstelle im Intel Ethernet Controller aufgrund eines unkontrollierten Suchpfadproblems. Ein lokaler Angreifer kann diese Schwachstelle ausnutzen, um erweiterte Rechte zu erlangen. Zur erfolgreichen Ausnutzung ist eine Benutzeraktion erforderlich."
}
],
"product_status": {
"known_affected": [
"T006498",
"T029908",
"T036751",
"T030470"
]
},
"release_date": "2024-08-13T22:00:00.000+00:00",
"title": "CVE-2024-21769"
},
{
"cve": "CVE-2024-22376",
"notes": [
{
"category": "description",
"text": "Es besteht eine Schwachstelle im Intel Ethernet Controller aufgrund eines unkontrollierten Suchpfadproblems. Ein lokaler Angreifer kann diese Schwachstelle ausnutzen, um erweiterte Rechte zu erlangen. Zur erfolgreichen Ausnutzung ist eine Benutzeraktion erforderlich."
}
],
"product_status": {
"known_affected": [
"T006498",
"T029908",
"T036751",
"T030470"
]
},
"release_date": "2024-08-13T22:00:00.000+00:00",
"title": "CVE-2024-22376"
},
{
"cve": "CVE-2024-21806",
"notes": [
{
"category": "description",
"text": "Es besteht eine Schwachstelle im Intel Ethernet Controller aufgrund einer unsachgem\u00e4\u00dfen Zustands\u00fcberpr\u00fcfung im Linux-Kernel-Mode-Treiber. Ein lokaler Angreifer kann diese Schwachstelle ausnutzen, um einen Denial-of-Service-Zustand zu erzeugen."
}
],
"product_status": {
"known_affected": [
"T006498",
"T029908",
"T030470"
]
},
"release_date": "2024-08-13T22:00:00.000+00:00",
"title": "CVE-2024-21806"
},
{
"cve": "CVE-2024-23499",
"notes": [
{
"category": "description",
"text": "Es besteht eine Schwachstelle im Intel Ethernet Controller aufgrund eines unzureichenden Schutzmechanismus in der Firmware. Ein entfernter, anonymer Angreifer kann diese Schwachstelle ausnutzen, um einen Denial-of-Service-Zustand zu erzeugen."
}
],
"product_status": {
"known_affected": [
"T006498",
"T029908",
"T030470"
]
},
"release_date": "2024-08-13T22:00:00.000+00:00",
"title": "CVE-2024-23499"
}
]
}
GHSA-2GQG-96R8-5H58
Vulnerability from github – Published: 2024-08-14 15:31 – Updated: 2024-08-14 15:31
VLAI?
Details
Wrap-around error in Linux kernel mode driver for some Intel(R) Ethernet Network Controllers and Adapters before version 28.3 may allow an authenticated user to potentially enable escalation of privilege via local access.
Severity ?
8.8 (High)
{
"affected": [],
"aliases": [
"CVE-2024-23981"
],
"database_specific": {
"cwe_ids": [
"CWE-128",
"CWE-682"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2024-08-14T14:15:20Z",
"severity": "CRITICAL"
},
"details": "Wrap-around error in Linux kernel mode driver for some Intel(R) Ethernet Network Controllers and Adapters before version 28.3 may allow an authenticated user to potentially enable escalation of privilege via local access.",
"id": "GHSA-2gqg-96r8-5h58",
"modified": "2024-08-14T15:31:15Z",
"published": "2024-08-14T15:31:15Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-23981"
},
{
"type": "WEB",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00918.html"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H",
"type": "CVSS_V3"
},
{
"score": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
"type": "CVSS_V4"
}
]
}
FKIE_CVE-2024-23981
Vulnerability from fkie_nvd - Published: 2024-08-14 14:15 - Updated: 2024-09-06 20:27
Severity ?
8.8 (High) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
8.8 (High) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
8.8 (High) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
Summary
Wrap-around error in Linux kernel mode driver for some Intel(R) Ethernet Network Controllers and Adapters before version 28.3 may allow an authenticated user to potentially enable escalation of privilege via local access.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| intel | ethernet_800_series_controllers_driver | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:intel:ethernet_800_series_controllers_driver:*:*:*:*:*:linux:*:*",
"matchCriteriaId": "F7AEF475-A75F-4046-B1BF-24FB635BB5A7",
"versionEndExcluding": "28.3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Wrap-around error in Linux kernel mode driver for some Intel(R) Ethernet Network Controllers and Adapters before version 28.3 may allow an authenticated user to potentially enable escalation of privilege via local access."
},
{
"lang": "es",
"value": "El error envolvente en el controlador del modo kernel de Linux para algunos Intel(R) Ethernet Network Controllers and Adapters anteriores a la versi\u00f3n 28.3 puede permitir que un usuario autenticado habilite potencialmente la escalada de privilegios a trav\u00e9s del acceso local."
}
],
"id": "CVE-2024-23981",
"lastModified": "2024-09-06T20:27:57.367",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 2.0,
"impactScore": 6.0,
"source": "secure@intel.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 2.0,
"impactScore": 6.0,
"source": "nvd@nist.gov",
"type": "Primary"
}
],
"cvssMetricV40": [
{
"cvssData": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "LOCAL",
"availabilityRequirement": "NOT_DEFINED",
"baseScore": 9.3,
"baseSeverity": "CRITICAL",
"confidentialityRequirement": "NOT_DEFINED",
"exploitMaturity": "NOT_DEFINED",
"integrityRequirement": "NOT_DEFINED",
"modifiedAttackComplexity": "NOT_DEFINED",
"modifiedAttackRequirements": "NOT_DEFINED",
"modifiedAttackVector": "NOT_DEFINED",
"modifiedPrivilegesRequired": "NOT_DEFINED",
"modifiedSubAvailabilityImpact": "NOT_DEFINED",
"modifiedSubConfidentialityImpact": "NOT_DEFINED",
"modifiedSubIntegrityImpact": "NOT_DEFINED",
"modifiedUserInteraction": "NOT_DEFINED",
"modifiedVulnAvailabilityImpact": "NOT_DEFINED",
"modifiedVulnConfidentialityImpact": "NOT_DEFINED",
"modifiedVulnIntegrityImpact": "NOT_DEFINED",
"privilegesRequired": "LOW",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "HIGH",
"subConfidentialityImpact": "HIGH",
"subIntegrityImpact": "HIGH",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
"version": "4.0",
"vulnAvailabilityImpact": "HIGH",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "HIGH",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"source": "secure@intel.com",
"type": "Secondary"
}
]
},
"published": "2024-08-14T14:15:20.913",
"references": [
{
"source": "secure@intel.com",
"tags": [
"Vendor Advisory"
],
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00918.html"
}
],
"sourceIdentifier": "secure@intel.com",
"vulnStatus": "Analyzed",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-128"
}
],
"source": "secure@intel.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-682"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
GSD-2024-23981
Vulnerability from gsd - Updated: 2024-02-14 06:02Details
** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided.
Aliases
{
"gsd": {
"metadata": {
"exploitCode": "unknown",
"remediation": "unknown",
"reportConfidence": "confirmed",
"type": "vulnerability"
},
"osvSchema": {
"aliases": [
"CVE-2024-23981"
],
"id": "GSD-2024-23981",
"modified": "2024-02-14T06:02:27.849887Z",
"schema_version": "1.4.0"
}
},
"namespaces": {
"cve.org": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2024-23981",
"STATE": "RESERVED"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…