Input validation error in Intel Ethernet Controllers X722 series Linux drivers and Intel Ethernet Controllers 800 series Linux drivers - CVE-2021-0084
Published: August 12, 2021
Vulnerability identifier: #VU55814
CSH Severity: Low
CVSS v4.0: CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear
CVE-ID: CVE-2021-0084
CWE-ID: CWE-20
Exploitation vector: Local access
Exploit availability:
No public exploit available
Vendor: Intel
Affected software:
Intel Ethernet Controllers X722 series Linux drivers
Intel Ethernet Controllers 800 series Linux drivers
Intel Ethernet Controllers X722 series Linux drivers
Intel Ethernet Controllers 800 series Linux drivers
Detailed vulnerability description
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to insufficient validation of user-supplied input. A local user can pass specially crafted input to the application and gain elevated privileges on the target system.
How to mitigate CVE-2021-0084
Install updates from vendor's website.