Intel 700 Series Ethernet Driver Privilege Escalation Vulnerabilities (CVE-2025-24486 and CVE-2025-25273)
F5 published security advisories regarding two privilege escalation vulnerabilities affecting the Linux kernel-mode driver for Intel 700 Series Ethernet adapters, identified as CVE-2025-24486 and CVE-2025-25273. Both vulnerabilities could allow an authenticated local user to escalate privileges via improper input validation and insufficient control flow management, respectively, in driver versions prior to 2.28.5. F5 confirmed that none of its products are affected by either vulnerability after evaluating all currently supported releases.
The advisories clarify that these issues do not impact F5 products, and no action is required for F5 customers. The company will not update the advisories further unless new information emerges. Customers are encouraged to review the security response policy and subscribe to notifications for future updates regarding F5 product security.
Sources
Related Stories
Linux Kernel Vulnerability CVE-2025-21887 and Vendor Impact Assessments
A use-after-free vulnerability identified as CVE-2025-21887 was discovered in the Linux kernel's OverlayFS implementation, specifically involving improper handling of the `dput()` operation in `ovl_dentry_update_reval`. This flaw could potentially allow local attackers to exploit the kernel, but F5 has confirmed that none of its products are affected by this vulnerability. The issue has been resolved in the upstream Linux kernel, and vendors have begun evaluating and addressing the impact on their respective products. Red Hat and Ubuntu have both issued security advisories urging users and administrators to apply updates to address vulnerabilities in the Linux kernel across multiple supported versions and platforms. These advisories are part of a coordinated response to recent kernel vulnerabilities, including CVE-2025-21887, ensuring that enterprise and cloud environments remain protected. Organizations are encouraged to review vendor-specific guidance and implement the recommended patches to mitigate potential risks associated with this kernel flaw.
4 months ago
Fortinet patches multiple vulnerabilities including FortiManager fgtupdates stack overflow enabling remote command execution
**Fortinet** issued a broad security update addressing **11 vulnerabilities** across products including *FortiManager*, *FortiAnalyzer*, *FortiSwitch*, and *FortiSandbox*, spanning issues such as authentication weaknesses, buffer overflows, OS command injection, and SQL injection. The most operationally significant items include vulnerabilities that could enable **remote command execution** or privilege escalation in unpatched enterprise environments; one highlighted flaw is a stack-based buffer overflow in *FortiManager*’s `fgtupdates` service (**CVE-2025-54820**, Fortinet advisory **FG-IR-26-098**), which can be triggered via crafted requests when the service is enabled. Separate vendor advisories published around the same time cover unrelated products and should not be conflated with Fortinet’s update: **HPE Aruba** patched *AOS-CX* switch OS issues including a critical auth bypass (**CVE-2026-23813**) that can allow unauthenticated attackers to reset admin passwords via the web management interface, while **F5** published “not affected” notices for an **Apache Solr** input-validation issue in the “create core” API (**CVE-2026-22444**) that can lead to unauthorized filesystem path reads (and potential NTLM hash disclosure on Windows with UNC paths), and for an **Intel 800 Series Ethernet** Linux driver input-validation flaw (**CVE-2025-24325**) that may allow local privilege escalation on certain F5 appliance lines.
1 weeks agoMultiple F5 Security Advisories for Third-Party Vulnerabilities
F5 Networks has issued a series of security advisories addressing recently disclosed vulnerabilities in various third-party software components, including LibTIFF, GnuTLS, Samba, SQLite, Apache HTTP Server, gnuplot, and the Linux kernel (brcmfmac). Each advisory provides a technical summary of the vulnerability, its potential impact, and the results of F5's internal evaluation regarding exposure in their products. In all cases except for the SQLite vulnerability (CVE-2019-8457), F5 confirmed that their products are not affected and no action is required for customers using supported versions. The SQLite advisory (CVE-2019-8457) details a heap out-of-bounds read issue that could allow a remote, low-privileged user to crash the system by providing a maliciously crafted R-Tree table. F5 has assigned internal tracking IDs and provided guidance for customers to determine if their products are affected, including references to diagnostic tools and remediation steps. These advisories reflect F5's ongoing process of evaluating and communicating the impact of upstream vulnerabilities on their product portfolio, ensuring customers are informed about potential risks and mitigations.
3 months ago