CVE-2019-0145

CWE-120Classic Buffer Overflow6 documents6 sources
Severity
7.8HIGH
EPSS
0.0%
top 85.08%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
8
Intel Ethernet 700 Series SoftwareIntel Ethernet Controller 710-bm1 FirmwareIntel Ethernet Controller X710-at2 Firmware+5 more
Timeline
PublishedNov 14
Latest updateMay 24

Description

Buffer overflow in i40e driver for Intel(R) Ethernet 700 Series Controllers versions before 7.0 may allow an authenticated user to potentially enable an escalation of privilege via local access.

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:HExploitability: 1.8 | Impact: 5.9

Affected Packages10 packages

Patches

Patch: www.intel.comPatch: www.intel.com

🔴Vulnerability Details

4
GHSA
GHSA-2vg2-p84m-hhr5: Buffer overflow in i40e driver for Intel(R) Ethernet 700 Series Controllers versions before 72022-05-24
Kernel
fortify: Detect struct member overflows in memcpy() at compile-time2021-04-20
CVEList
CVE-2019-0145: Buffer overflow in i40e driver for Intel(R) Ethernet 700 Series Controllers versions before 72019-11-14
OSV
CVE-2019-0145: Buffer overflow in i40e driver for Intel(R) Ethernet 700 Series Controllers versions before 72019-11-14

📋Vendor Advisories

1
Debian
CVE-2019-0145: linux - Buffer overflow in i40e driver for Intel(R) Ethernet 700 Series Controllers vers...2019