cbcvebase.
CVE-2019-0149
published 2019-11-14

CVE-2019-0149: Insufficient input validation in i40e driver for Intel(R) Ethernet 700 Series Controllers versions before 2.8.43 may allow an authenticated user to potentially…

medium5.5CVSS 3.1
AVLACLPRLUINSUCNINAH
Insufficient input validation in i40e driver for Intel(R) Ethernet 700 Series Controllers versions before 2.8.43 may allow an authenticated user to potentially enable a denial of service via local access.

Affected

13 ranges
VendorProductVersion rangeFixed in
debianlinux< linux 5.2.6-1 (bookworm)linux 5.2.6-1 (bookworm)
intelethernet_700_series_software< 24.024.0
intelethernet_controller_710-bm1_firmware< 2.8.432.8.43
intelethernet_controller_x710-at2_firmware< 2.8.432.8.43
intelethernet_controller_x710-bm2_firmware< 2.8.432.8.43
intelethernet_controller_x710-tm4_firmware< 2.8.432.8.43
intelethernet_controller_xxv710-am1_firmware< 2.8.432.8.43
intelethernet_controller_xxv710-am2_firmware< 2.8.432.8.43
linuxlinux_kernel>= 0 < 5.2.6-15.2.6-1
linuxlinux_kernel>= 0 < 5.2.6-15.2.6-1
linuxlinux_kernel>= 0 < 5.2.6-15.2.6-1
linuxlinux_kernel>= 0 < 5.2.6-15.2.6-1
paloaltopan-os

CVSS provenance

nvdv3.15.5MEDIUMCVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
osv5.5MEDIUM