CVE-2024-21807
First published: Wed Aug 14 2024(Updated: )
Improper initialization in the Linux kernel mode driver for some Intel(R) Ethernet Network Controllers and Adapters before version 28.3 may allow an authenticated user to potentially enable escalation of privilege via local access.
Credit: secure@intel.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Intel Ethernet Network Controllers and Adapters | <28.3 | |
| Linux Kernel | <28.3 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Frequently Asked Questions
What is the severity of CVE-2024-21807?
CVE-2024-21807 is classified as a high-severity vulnerability due to its potential for privilege escalation.
How do I fix CVE-2024-21807?
To mitigate CVE-2024-21807, update the Intel Ethernet Network Controllers and Adapters to version 28.3 or later.
Who is affected by CVE-2024-21807?
CVE-2024-21807 affects Intel Ethernet Network Controllers and Adapters and the Linux kernel version prior to 28.3.
Can CVE-2024-21807 be exploited remotely?
CVE-2024-21807 requires local access to exploit, meaning an authenticated user can potentially escalate privileges.
What systems are vulnerable to CVE-2024-21807?
Systems using Intel Ethernet Network Controllers and Adapters or Linux kernel versions before 28.3 are vulnerable to CVE-2024-21807.
- agent/references
- agent/type
- agent/description
- agent/first-publish-date
- agent/severity
- agent/author
- agent/event
- agent/weakness
- collector/nvd-api
- source/NVD
- collector/mitre-cve
- source/MITRE
- agent/last-modified-date
- agent/source
- agent/softwarecombine
- agent/tags
- agent/guess-ai
- agent/software-canonical-lookup
- agent/software-canonical-lookup-request
- vendor/intel
- canonical/intel ethernet network controllers and adapters
- vendor/linux
- canonical/linux kernel