Vulnerability Description
Insufficient control flow management in the Intel(R) Ethernet 500 Series Controller drivers for VMWare before version 1.11.4.0 and in the Intel(R) Ethernet 700 Series Controller drivers for VMWare before version 2.1.5.0 may allow an authenticated user to potentially enable a denial of service via local access.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Vmware | Ixgben | < 1.11.4.0 |
| Intel | 82599 10 Gigabit Ethernet Controller | - |
| Intel | Ethernet Controller X540 | - |
| Intel | Ethernet Controller X550 | - |
| Intel | Ethernet Controller X552 | - |
| Vmware | I40En | < 2.1.5.0 |
| Intel | Ethernet Controller X710 | - |
| Intel | Ethernet Controller X722 | - |
| Intel | Ethernet Controller Xl710 | - |
| Intel | Ethernet Controller Xxv710 | - |
References
- https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00650.PatchVendor Advisory
- https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00650.PatchVendor Advisory
FAQ
What is CVE-2022-21793?
CVE-2022-21793 is a vulnerability with a CVSS score of 5.5 (MEDIUM). Insufficient control flow management in the Intel(R) Ethernet 500 Series Controller drivers for VMWare before version 1.11.4.0 and in the Intel(R) Ethernet 700 Series Controller drivers for VMWare bef...
How severe is CVE-2022-21793?
CVE-2022-21793 has been rated MEDIUM with a CVSS base score of 5.5/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2022-21793?
Check the references section above for vendor advisories and patch information. Affected products include: Vmware Ixgben, Intel 82599 10 Gigabit Ethernet Controller, Intel Ethernet Controller X540, Intel Ethernet Controller X550, Intel Ethernet Controller X552.