CVE-2025-31146
BaseFortify
Publication date: 2025-11-11
Last updated on: 2025-11-11
Assigner: Intel Corporation
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| intel | ethernet_adapter_complete_driver_pack | * |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-367 | The product checks the state of a resource before using that resource, but the resource's state can change between the check and the use in a way that invalidates the results of the check. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability is a time-of-check time-of-use (TOCTOU) race condition in some Intel Ethernet Adapter Complete Driver Pack software versions before 1.5.1.0. It occurs within Ring 3 (user applications) and may allow an unprivileged, authenticated user to cause a denial of service through a low complexity attack that requires active user interaction. The attack may happen via adjacent access without special internal knowledge.
How can this vulnerability impact me? :
The vulnerability can impact the availability of the vulnerable system by enabling a denial of service. It does not affect confidentiality or integrity but may cause the system or service to become unavailable.