{"containers": {"cna": {"affected": [{"product": "Intel(R) Ethernet E810 Adapter drivers for Linux", "vendor": "n/a", "versions": [{"status": "affected", "version": "before version 1.0.4"}]}], "descriptions": [{"lang": "en", "value": "Uncontrolled resource consumption in some Intel(R) Ethernet E810 Adapter drivers for Linux before version 1.0.4 may allow an authenticated user to potentially enable denial of service via local access."}], "problemTypes": [{"descriptions": [{"description": "denial of service", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2021-02-17T13:37:27", "orgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce", "shortName": "intel"}, "references": [{"tags": ["x_refsource_MISC"], "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00462.html"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "secure@intel.com", "ID": "CVE-2020-24504", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "Intel(R) Ethernet E810 Adapter drivers for Linux", "version": {"version_data": [{"version_value": "before version 1.0.4"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "Uncontrolled resource consumption in some Intel(R) Ethernet E810 Adapter drivers for Linux before version 1.0.4 may allow an authenticated user to potentially enable denial of service via local access."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "denial of service"}]}]}, "references": {"reference_data": [{"name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00462.html", "refsource": "MISC", "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00462.html"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-04T15:12:09.016Z"}, "title": "CVE Program Container", "references": [{"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00462.html"}]}]}, "cveMetadata": {"assignerOrgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce", "assignerShortName": "intel", "cveId": "CVE-2020-24504", "datePublished": "2021-02-17T13:37:27", "dateReserved": "2020-08-19T00:00:00", "dateUpdated": "2024-08-04T15:12:09.016Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:intel:ethernet_network_adapter_e810_firmware:*:*:*:*:*:linux:*:*", "matchCriteriaId": "A0B0F612-14C1-42DF-9E18-1225F87FC376", "versionEndExcluding": "1.0.4", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:intel:ethernet_network_adapter_e810-cqda1:-:*:*:*:*:*:*:*", "matchCriteriaId": "87F3AB90-46C3-48DD-B0B4-4E036712ECCB", "vulnerable": false}, {"criteria": "cpe:2.3:h:intel:ethernet_network_adapter_e810-cqda1_for_ocp:-:*:*:*:*:*:*:*", "matchCriteriaId": "86F81244-F28E-416A-B3B6-7A1F79D8AC73", "vulnerable": false}, {"criteria": "cpe:2.3:h:intel:ethernet_network_adapter_e810-cqda1_for_ocp_3.0:-:*:*:*:*:*:*:*", "matchCriteriaId": "F06D5B95-4DD0-4BEB-A32A-AAE300046670", "vulnerable": false}, {"criteria": "cpe:2.3:h:intel:ethernet_network_adapter_e810-cqda2:-:*:*:*:*:*:*:*", "matchCriteriaId": "D582770B-4CCD-43A4-B218-FFD9AE530A24", "vulnerable": false}, {"criteria": "cpe:2.3:h:intel:ethernet_network_adapter_e810-cqda2_for_ocp_3.0:-:*:*:*:*:*:*:*", "matchCriteriaId": "CA63976A-922C-4E50-8D69-D7F6A62AD31E", "vulnerable": false}, {"criteria": "cpe:2.3:h:intel:ethernet_network_adapter_e810-xxvda2:-:*:*:*:*:*:*:*", "matchCriteriaId": "4E006D87-BC0F-485E-931D-789221B9D876", "vulnerable": false}, {"criteria": "cpe:2.3:h:intel:ethernet_network_adapter_e810-xxvda2_for_ocp:-:*:*:*:*:*:*:*", "matchCriteriaId": "3D255A8A-BB76-4F8E-9E44-3F391AA16CE3", "vulnerable": false}, {"criteria": "cpe:2.3:h:intel:ethernet_network_adapter_e810-xxvda2_for_ocp_3.0:-:*:*:*:*:*:*:*", "matchCriteriaId": "31F0C290-6882-49EB-B89A-9CFCC1A4BEEA", "vulnerable": false}, {"criteria": "cpe:2.3:h:intel:ethernet_network_adapter_e810-xxvda4:-:*:*:*:*:*:*:*", "matchCriteriaId": "DA0F1118-C181-42B4-B3C4-A5AE9F59654E", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}], "cveTags": [], "descriptions": [{"lang": "en", "value": "Uncontrolled resource consumption in some Intel(R) Ethernet E810 Adapter drivers for Linux before version 1.0.4 may allow an authenticated user to potentially enable denial of service via local access."}, {"lang": "es", "value": "Un consumo de recursos no controlado en algunos controladores Intel\u00ae Ethernet E810 Adapter para Linux versi\u00f3n anterior a 1.0.4, puede permitir a un usuario autenticado habilitar potencialmente una denegaci\u00f3n de servicio por medio de un acceso local"}], "id": "CVE-2020-24504", "lastModified": "2021-02-22T15:28:53.337", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "LOW", "cvssData": {"accessComplexity": "LOW", "accessVector": "LOCAL", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 2.1, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:L/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0"}, "exploitabilityScore": 3.9, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 5.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version": "3.1"}, "exploitabilityScore": 1.8, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2021-02-17T14:15:18.420", "references": [{"source": "secure@intel.com", "tags": ["Patch", "Vendor Advisory"], "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00462.html"}], "sourceIdentifier": "secure@intel.com", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-400"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{"affected_release": [{"advisory": "RHSA-2021:4140", "cpe": "cpe:/a:redhat:enterprise_linux:8::nfv", "package": "kernel-rt-0:4.18.0-348.rt7.130.el8", "product_name": "Red Hat Enterprise Linux 8", "release_date": "2021-11-09T00:00:00Z"}, {"advisory": "RHSA-2021:4356", "cpe": "cpe:/o:redhat:enterprise_linux:8", "package": "kernel-0:4.18.0-348.el8", "product_name": "Red Hat Enterprise Linux 8", "release_date": "2021-11-09T00:00:00Z"}], "bugzilla": {"description": "kernel: Uncontrolled resource consumption in some Intel(R) Ethernet E810 Adapter drivers", "id": "1930376", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1930376"}, "csaw": false, "cvss3": {"cvss3_base_score": "5.5", "cvss3_scoring_vector": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "status": "verified"}, "cwe": "CWE-400", "details": ["Uncontrolled resource consumption in some Intel(R) Ethernet E810 Adapter drivers for Linux before version 1.0.4 may allow an authenticated user to potentially enable denial of service via local access.", "An uncontrolled resource consumption in some Intel(R) Ethernet E810 Adapter drivers for Linux may allow an authenticated user to potentially cause a denial of service via local access."], "name": "CVE-2020-24504", "package_state": [{"cpe": "cpe:/o:redhat:enterprise_linux:6", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 6"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Will not fix", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Not affected", "package_name": "kernel-alt", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Will not fix", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 9"}], "public_date": "2021-02-17T00:00:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2020-24504\nhttps://nvd.nist.gov/vuln/detail/CVE-2020-24504\nhttps://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00462.html"], "threat_severity": "Moderate"}