Integer overflow in Intel(r) 800 Series Ethernet

CVE-2025-24324

Integer overflow or wraparound in the Linux kernel-mode driver for some Intel(R) 800 Series Ethernet before version 1.17.2 may allow an authenticated user to potentially enable escalation of privilege via local access.

Vulnerability class: Integer Overflow

EPSS: 0.001 (1.4th percentile) — read the EPSS interpretation.

CVSS v3 metric

CVSS v3 base score 2.8 (Low). Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:N/I:L/A:N.

Affected products

  • N/a Intel(r) 800 Series Ethernet — versions before version 1.17.2

Weakness classification (CWE)

References

Frequently asked questions

What is CVE-2025-24324?
CVE-2025-24324 is a low-severity vulnerability in Intel(r) 800 Series Ethernet, classified under Integer Overflow or Wraparound. CVSS score: 2.8/10. Published 2025-08-12.
How severe is CVE-2025-24324?
Low severity. CVSS v3 base score is 2.8 out of 10.