CVE-2024-29079Insufficient Control Flow Management in Intel Virtual Raid ON CPU

CWE-691Insufficient Control Flow Management3 documents3 sources
Severity
6.9MEDIUMNVD
EPSS
0.1%
top 75.69%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Intel Virtual Raid ON CPU
Timeline
PublishedNov 13

Description

Insufficient control flow management in some Intel(R) VROC software before version 8.6.0.3001 may allow an authenticated user to potentially enable escalation of privilege via local access.

CVSS vector

CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:A/VC:H/VI:H/VA:L/SC:N/SI:N/SA:N

Affected Packages1 packages

NVDintel/virtual_raid_on_cpu< 8.6.0.3001

🔴Vulnerability Details

2
CVEList
CVE-2024-29079: Insufficient control flow management in some Intel(R) VROC software before version 82024-11-13
GHSA
GHSA-349p-cc4x-9fv4: Insufficient control flow management in some Intel(R) VROC software before version 82024-11-13
CVE-2024-29079 — Insufficient Control Flow Management | cvebase