CVE-2013-1634
Severity CVSS v4.0:
Pending analysis
Type:
Unavailable / Other
Publication date:
13/02/2020
Last modified:
27/02/2020
Description
A denial of service vulnerability exists in some motherboard implementations of Intel e1000e/82574L network controller devices through 2013-02-06 where the device can be brought into a non-processing state when parsing 32 hex, 33 hex, or 34 hex byte values at the 0x47f offset. NOTE: A followup statement from Intel suggests that the root cause of this issue was an incorrectly configured EEPROM image.
Impact
Base Score 3.x
7.50
Severity 3.x
HIGH
Base Score 2.0
7.80
Severity 2.0
HIGH
Vulnerable products and versions
| CPE | From | Up to |
|---|---|---|
| cpe:2.3:o:intel:82574l_controller_firmware:*:*:*:*:*:*:*:* | 2013-02-06 (including) | |
| cpe:2.3:h:intel:82574l_controller:-:*:*:*:*:*:*:* |
To consult the complete list of CPE names with products and versions, see this page
References to Advisories, Solutions, and Tools
- http://blog.krisk.org/2013/02/packets-of-death.html
- http://web.archive.org/web/20131205055429/https://communities.intel.com/community/wired/blog/2013/02/07/intel-82574l-gigabit-ethernet-controller-statement
- http://www.openwall.com/lists/oss-security/2013/02/12/3
- http://www.openwall.com/lists/oss-security/2013/02/12/4
- http://www.securitytracker.com/id/1028089
- https://exchange.xforce.ibmcloud.com/vulnerabilities/85069