CVE-2019-0147: Insufficient input validation in i40e driver for Intel(R) Ethernet 700 Series Controllers versions before 7.0 may allow an authenticated user to potentially…

medium5.5CVSS 3.1

AVLACLPRLUINSUCNINAH

Insufficient input validation in i40e driver for Intel(R) Ethernet 700 Series Controllers versions before 7.0 may allow an authenticated user to potentially enable a denial of service via local access.

Affected

13 ranges

Vendor	Product	Version range	Fixed in
debian	linux	< linux 5.2.6-1 (bookworm)	linux 5.2.6-1 (bookworm)
intel	ethernet_700_series_software	< 24.0	24.0
intel	ethernet_controller_710-bm1_firmware	< 7.0	7.0
intel	ethernet_controller_x710-at2_firmware	< 7.0	7.0
intel	ethernet_controller_x710-bm2_firmware	< 7.0	7.0
intel	ethernet_controller_x710-tm4_firmware	< 7.0	7.0
intel	ethernet_controller_xxv710-am1_firmware	< 7.0	7.0
intel	ethernet_controller_xxv710-am2_firmware	< 7.0	7.0
linux	linux_kernel	>= 0 < 5.2.6-1	5.2.6-1
linux	linux_kernel	>= 0 < 5.2.6-1	5.2.6-1
linux	linux_kernel	>= 0 < 5.2.6-1	5.2.6-1
linux	linux_kernel	>= 0 < 5.2.6-1	5.2.6-1
paloalto	pan-os	—	—

CVSS provenance

nvdv3.15.5MEDIUMCVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

osv5.5MEDIUM