[security-alerts] FW: [SA23221] Intel LAN Driver Unspecified Privilege Escalation Vulnerability

["Kazennov, Vladimir" <Vladimir.Kazennov@xxxxxxxxxx>]

> ----------------------------------------------------------------------
> 
> TITLE:
> Intel LAN Driver Unspecified Privilege Escalation Vulnerability
> 
> SECUNIA ADVISORY ID:
> SA23221
> 
> VERIFY ADVISORY:
> http://secunia.com/advisories/23221/
> 
> CRITICAL:
> Less critical
> 
> IMPACT:
> Privilege escalation
> 
> WHERE:
> Local system
> 
> SOFTWARE:
> Intel PRO 10/100 Adapters (Linux) 3.x
> http://secunia.com/product/12824/
> Intel PRO 10/100 Adapters (UnixWare/SCO6) 4.x
> http://secunia.com/product/12827/
> Intel PRO 10/100 Adapters (Windows) 8.x
> http://secunia.com/product/12821/
> Intel PRO/1000 Adapters (Linux) 7.x
> http://secunia.com/product/12825/
> Intel PRO/1000 Adapters (UnixWare/SCO6) 9.x
> http://secunia.com/product/12828/
> Intel PRO/1000 Adapters (Windows) 8.x
> http://secunia.com/product/12822/
> Intel PRO/1000 PCIe Adapters (Windows) 9.x
> http://secunia.com/product/12823/
> Intel PRO/10GbE Adapters (Linux) 1.x
> http://secunia.com/product/12826/
> 
> DESCRIPTION:
> A vulnerability has been reported in Intel LAN drivers, which can be
> exploited by malicious, local users to gain escalated privileges.
> 
> The vulnerability is caused due to an unspecified error and can be
> exploited to cause a buffer overflow by using certain function calls
> incorrectly.
> 
> Successful exploitation allows execution of arbitrary code with
> kernel-level privileges.
> 
> SOLUTION:
> Apply patches (see the vendor's advisory for details).
> 
> PROVIDED AND/OR DISCOVERED BY:
> The vendor credits eEye Digital Security.
> 
> ORIGINAL ADVISORY:
> Intel:
> http://www.intel.com/support/network/sb/CS-023726.htm
>