Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
intelIntel Security CenterINTEL:INTEL-SA-00555
HistoryNov 09, 2021 - 12:00 a.m.

Intel® Ethernet Drivers Advisory

2021-11-0900:00:00
Intel Security Center
www.intel.com
19
JSON

Summary:

Potential security vulnerabilities in some Intel® Ethernet drivers may allow escalation of privilege or denial of service. Intel is releasing software updates to mitigate these potential vulnerabilities.

Vulnerability Details:

CVEID: CVE-2021-33058

Description: Improper access control in the installer Intel® Administrative Tools for Intel® Network Adapters for Windows before version 1.4.0.21 may allow an unauthenticated user to potentially enable escalation of privilege via local access.

CVSS Base Score: 6.7 Medium

CVSS Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H****

CVEID: CVE-2021-33098

Description: Improper input validation in the Intel® Ethernet ixgbe driver for Linux before version 3.17.3 may allow an authenticated user to potentially enable denial of service via local access.

CVSS Base Score: 6.5 Medium

CVSS Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H****

CVEID: CVE-2021-33059

Description: Improper input validation in the Intel® Administrative Tools for Intel® Network Adapters driver for Windows before version 1.4.0.15 may allow a privileged user to potentially enable escalation of privilege via local access.

CVSS Base Score: 3.9 Low

CVSS Vector: CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:L/I:L/A:L****

Affected Products:

Intel® Ethernet 500 Series Controllers driver for Linux before version 3.17.3.

Intel® Administrative Tools for Intel® Network Adapters driver installer for Windows before version 1.4.0.21.

Intel® Administrative Tools for Intel® Network Adapters driver for Windows before version 1.4.0.15.

Recommendations:

Intel recommends updating the above Intel® Ethernet software to the latest versions.

Updates are available for download at this location: <https://downloadcenter.intel.com/download/22283/Intel-Ethernet-Adapter-Complete-Driver-Pack&gt;

Acknowledgements:

CVE-2021-33098 was found externally by Asaf Modelevsky (Amazon Web Services).

The remaining issues were found internally by Intel employees.

Intel, and nearly the entire technology industry, follows a disclosure practice called Coordinated Disclosure, under which a cybersecurity vulnerability is generally publicly disclosed only after mitigations are available.

Related

prion 3
cve 3
debiancve 1
veracode 1
redhatcve 1
ubuntucve 1
oraclelinux 1
nessus 31
openvas 24
photon 2
suse 2
cloudfoundry 1
ubuntu 1
osv 1
redhat 1
prion
prion
Improper access control
2021-11-17 20:15:00
Input validation
2021-11-17 20:15:00
Input validation
2021-11-17 20:15:00
cve
cve
CVE-2021-33058
2021-11-17 20:15:00
CVE-2021-33059
2021-11-17 20:15:00
CVE-2021-33098
2021-11-17 20:15:00
debiancve
debiancve
CVE-2021-33098
2021-11-17 20:15:00
veracode
veracode
Denial Of Service (DoS)
2022-02-08 18:06:15
redhatcve
redhatcve
CVE-2021-33098
2022-03-24 18:23:57
ubuntucve
ubuntucve
CVE-2021-33098
2021-11-17 00:00:00
oraclelinux
oraclelinux
Unbreakable Enterprise kernel security update
2024-02-01 00:00:00
nessus
nessus
OracleVM 3.4 : kernel-uek (OVMSA-2024-0002)
2024-03-05 00:00:00
Oracle Linux 6 / 7 : Unbreakable Enterprise kernel (ELSA-2024-12110)
2024-02-02 00:00:00
EulerOS 2.0 SP5 : kernel (EulerOS-SA-2022-1523)
2022-04-25 00:00:00
openvas
openvas
Huawei EulerOS: Security Advisory for kernel (EulerOS-SA-2022-1523)
2022-04-25 00:00:00
Huawei EulerOS: Security Advisory for kernel (EulerOS-SA-2022-1466)
2022-04-20 00:00:00
Huawei EulerOS: Security Advisory for kernel (EulerOS-SA-2022-1308)
2022-03-02 00:00:00
photon
photon
Important Photon OS Security Update - PHSA-2021-0278
2021-08-01 00:00:00
Important Photon OS Security Update - PHSA-2021-3.0-0278
2021-08-01 00:00:00
suse
suse
Security update for the Linux Kernel (important)
2022-03-01 00:00:00
Security update for the Linux Kernel (critical)
2022-02-10 00:00:00
cloudfoundry
cloudfoundry
USN-5343-1: Linux kernel vulnerabilities | Cloud Foundry
2022-04-21 00:00:00
ubuntu
ubuntu
Linux kernel vulnerabilities
2022-03-22 00:00:00
osv
osv
linux, linux-aws, linux-kvm, linux-lts-xenial vulnerabilities
2022-03-22 20:05:42
redhat
redhat
(RHSA-2021:4356) Moderate: kernel security, bug fix, and enhancement update
2021-11-09 09:08:02
JSON
Related for INTEL:INTEL-SA-00555
prion3cve3debiancve1veracode1redhatcve1ubuntucve1oraclelinux1nessus31openvas24photon2suse2cloudfoundry1ubuntu1osv1redhat1