What is CVE-2021-0084?

CVE-2021-0084 is a high-severity vulnerability in Intel Ethernet_controller_e810, classified under Improper Input Validation. CVSS score: 7.8/10. Published 2021-08-11.

How severe is CVE-2021-0084?

High severity. CVSS v3 base score is 7.8 out of 10.

Improper input validation in Intel Ethernet_controller_e810

CVE-2021-0084

Improper input validation in the Intel(R) Ethernet Controllers X722 and 800 series Linux RMDA driver before version 1.3.19 may allow an authenticated user to potentially enable escalation of privilege via local access.

Vulnerability class: Drupalgeddon 2 (CVE-2018-7600)

EPSS: 0.003 (23.1th percentile) — read the EPSS interpretation.

CVSS v3 metric

CVSS v3 base score 7.8 (High). Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H.

Affected products

Intel Ethernet_controller_e810
Intel Ethernet_controller_e810_firmware
Intel X722da2
Intel X722da2_firmware
Intel X722da4fh
Intel X722da4fh_firmware
Intel X722da4g1p5
Intel X722da4g1p5_firmware
N/a Intel(r) Ethernet Controllers X722 And 800 Series Linux Rmda Driver — versions before version 1.3.19

Weakness classification (CWE)

CWE-20 — Improper Input Validation

References

secure@intel.com (x_refsource_MISC, Vendor Advisory)
secure@intel.com (x_refsource_CONFIRM, Third Party Advisory)

Frequently asked questions

What is CVE-2021-0084?: CVE-2021-0084 is a high-severity vulnerability in Intel Ethernet_controller_e810, classified under Improper Input Validation. CVSS score: 7.8/10. Published 2021-08-11.
How severe is CVE-2021-0084?: High severity. CVSS v3 base score is 7.8 out of 10.