CVE-2024-24986
First published: Wed Aug 14 2024(Updated: )
Improper access control in Linux kernel mode driver for some Intel(R) Ethernet Network Controllers and Adapters before version 28.3 may allow an authenticated user to potentially enable escalation of privilege via local access.
Credit: secure@intel.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Intel 800 Series Ethernet Driver | <28.3 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Frequently Asked Questions
What is the severity of CVE-2024-24986?
CVE-2024-24986 has a critical severity rating due to its potential to allow privilege escalation.
How do I fix CVE-2024-24986?
To fix CVE-2024-24986, upgrade the Intel Ethernet 800 Series Controllers Driver to version 28.3 or later.
Who is affected by CVE-2024-24986?
CVE-2024-24986 affects users of Intel Ethernet Network Controllers and Adapters using an outdated driver version before 28.3.
Can CVE-2024-24986 be exploited remotely?
CVE-2024-24986 requires local access for exploitation, as it involves improper access control in a kernel mode driver.
What do I need to know about CVE-2024-24986?
CVE-2024-24986 is a vulnerability in the Intel Ethernet kernel driver that could allow an authenticated user to escalate privileges.
- agent/weakness
- agent/references
- agent/type
- agent/description
- agent/first-publish-date
- agent/severity
- agent/author
- agent/event
- collector/mitre-cve
- source/MITRE
- agent/last-modified-date
- agent/softwarecombine
- agent/source
- agent/tags
- collector/nvd-api
- source/NVD
- agent/software-canonical-lookup
- agent/software-canonical-lookup-request
- vendor/intel
- canonical/intel 800 series ethernet driver