Linux Kernel
CVE-2024-39286
LOW
Severity by source
CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Primary rating from NVD · only source for this CVE.
CVSS VectorNVD
CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Lifecycle Timeline
2DescriptionCVE.org
Incorrect execution-assigned permissions in the Linux kernel mode driver for the Intel(R) 800 Series Ethernet Driver before version 1.15.4 may allow an authenticated user to potentially enable information disclosure via local access.
AnalysisAI
Incorrect execution-assigned permissions in the Linux kernel mode driver for the Intel(R) 800 Series Ethernet Driver before version 1.15.4 may allow an authenticated user to potentially enable. Rated low severity (CVSS 2.0), this vulnerability is low attack complexity. No vendor patch available.
Technical ContextAI
This vulnerability is classified under CWE-279. Incorrect execution-assigned permissions in the Linux kernel mode driver for the Intel(R) 800 Series Ethernet Driver before version 1.15.4 may allow an authenticated user to potentially enable information disclosure via local access. Version information: version 1.15.4.
Affected ProductsAI
See vendor advisory for affected versions.
RemediationAI
No vendor patch is available at time of analysis. Monitor vendor advisories for updates. Apply vendor patches when available. Implement network segmentation and monitoring as interim mitigations.
More in Linux Kernel
View allLinux kernel contains a flaw known as 'Dirty Pipe' where improper pipe buffer flag initialization allows unprivileged lo
Out-of-Bounds Read in netfilter/ipset in Linux Kernel ChromeOS [6.1, 5.15, 5.10, 5.4, 4.19] allows a local attacker with
F2FS swapfile memory corruption in Linux kernel 6.6+ allows local attackers with user privileges to cause data corruptio
In the Linux kernel, the following vulnerability has been resolved: cnic: Fix use-after-free bugs in cnic_delete_task
In the Linux kernel, the following vulnerability has been resolved: iommu/s390: Fix memory corruption when using identit
Buffer overflow in the Linux kernel NFS server (NFSD) READDIR handler allows a malicious NFS client to trigger an out-of
Use-after-free in Linux ksmbd IPC handler allows remote unauthenticated attackers to trigger memory corruption via race
CVE-2025-38002 is a security vulnerability (CVSS 5.5). Risk factors: public PoC available. Vendor patch is available.
In the Linux kernel, the following vulnerability has been resolved: fs: PM: Fix reverse check in filesystems_freeze_cal
In the Linux kernel, the following vulnerability has been resolved: f2fs: ensure node page reads complete before f2fs_p
In the Linux kernel, the following vulnerability has been resolved: sunrpc: handle SVC_GARBAGE during svc auth processi
CVE-2023-53609 is a security vulnerability (CVSS 5.5). Risk factors: public PoC available. Vendor patch is available.
Same weakness CWE-279 – Incorrect Execution-Assigned Permissions
View allSame technique Information Disclosure
View allShare
External POC / Exploit Code
Leaving vuln.today