CVE-2019-0149
MEDIUMIntel Ethernet 700 Series Firmware < 2.8.43 - DoS via i40e Driver Input
Title source: llmDescription
Insufficient input validation in i40e driver for Intel(R) Ethernet 700 Series Controllers versions before 2.8.43 may allow an authenticated user to potentially enable a denial of service via local access.
References (1)
Core 1
Core References
Patch, Vendor Advisory x_refsource_misc
https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00255.html
Scores
CVSS v3
5.5
EPSS
0.0015
EPSS Percentile
34.6%
Attack Vector
LOCAL
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Details
CWE
CWE-20
Status
published
Products (7)
intel/ethernet_700_series_software
< 24.0
intel/ethernet_controller_710-bm1_firmware
< 2.8.43
intel/ethernet_controller_x710-at2_firmware
< 2.8.43
intel/ethernet_controller_x710-bm2_firmware
< 2.8.43
intel/ethernet_controller_x710-tm4_firmware
< 2.8.43
intel/ethernet_controller_xxv710-am1_firmware
< 2.8.43
intel/ethernet_controller_xxv710-am2_firmware
< 2.8.43
Published
Nov 14, 2019
Tracked Since
Feb 18, 2026