CVE-2019-0146
First published: Thu Nov 14 2019(Updated: )
Resource leak in i40e driver for Intel(R) Ethernet 700 Series Controllers versions before 2.8.43 may allow an authenticated user to potentially enable a denial of service via local access.
Credit: secure@intel.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Intel Ethernet Controller x710-tm4 | <2.8.43 | |
| Intel Ethernet Controller x710-tm4 | ||
| Intel Ethernet Controller x710-at2 | <2.8.43 | |
| Intel Ethernet Controller x710-at2 | ||
| Intel Ethernet Controller XXV710-AM2 | <2.8.43 | |
| Intel Ethernet Controller xxv710-am2 firmware | ||
| Intel Ethernet Controller XXV710-AM1 | <2.8.43 | |
| Intel Ethernet Controller XXV710-AM1 Firmware | ||
| Intel Ethernet Controller x710-bm2 | <2.8.43 | |
| Intel Ethernet Controller x710-bm2 firmware | ||
| Intel Ethernet Controller XL710-BM1 Firmware | <2.8.43 | |
| Intel Ethernet Controller 710-bm1 Firmware | ||
| Intel Ethernet 700 Series software | <24.0 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Frequently Asked Questions
What is the vulnerability ID for this resource leak in i40e driver?
The vulnerability ID for this resource leak in i40e driver is CVE-2019-0146.
What is the severity level of CVE-2019-0146?
The severity level of CVE-2019-0146 is medium with a CVSS score of 5.5.
Which versions of Intel Ethernet 700 Series Controllers are affected by this vulnerability?
The versions of Intel Ethernet 700 Series Controllers affected by this vulnerability are before version 2.8.43.
How can an authenticated user potentially enable a denial of service using this vulnerability?
An authenticated user can potentially enable a denial of service by exploiting the resource leak in i40e driver through local access.
Where can I find more information about CVE-2019-0146?
You can find more information about CVE-2019-0146 at the following link: [Intel Security Advisory Intel-SA-00255](https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00255.html)
- agent/type
- collector/mitre-cve
- source/MITRE
- agent/weakness
- agent/author
- agent/references
- agent/severity
- agent/last-modified-date
- agent/remedy
- agent/first-publish-date
- agent/event
- agent/description
- agent/source
- agent/softwarecombine
- agent/tags
- collector/nvd-index
- agent/software-canonical-lookup-request
- vendor/intel
- canonical/intel ethernet controller x710-tm4
- canonical/intel ethernet controller x710-at2
- canonical/intel ethernet controller xxv710-am2
- canonical/intel ethernet controller xxv710-am2 firmware
- canonical/intel ethernet controller xxv710-am1
- canonical/intel ethernet controller xxv710-am1 firmware
- canonical/intel ethernet controller x710-bm2
- canonical/intel ethernet controller x710-bm2 firmware
- canonical/intel ethernet controller xl710-bm1 firmware
- canonical/intel ethernet controller 710-bm1 firmware
- canonical/intel ethernet 700 series software