Intel disclosed multiple vulnerabilities in Linux kernel-mode Ethernet drivers for its 700 Series, 800 Series, and I350 Series network adapters, warning that authenticated local users could exploit the flaws for privilege escalation, information disclosure, or denial of service. The most severe issue listed in INTEL-SA-01296 is CVE-2025-24325, rated CVSS 4.0 9.3 Critical, affecting some Intel 800 Series Ethernet drivers before version 1.17.2; Intel said the advisory covers eight CVEs tied to improper input validation, insufficient control flow management, exceptional-condition handling, and integer overflow. A separate advisory, INTEL-SA-01335, covers Intel 700 Series and I350 Series Linux drivers, including 700 Series flaws such as CVE-2025-24486, CVE-2025-21086, and CVE-2025-25273, which can expose vulnerable kernel code paths in the i40e driver and potentially lead to root-level compromise on affected Linux systems.
Intel said affected 700 Series driver versions earlier than 2.28.5 and I350 Series driver versions earlier than 5.19.2 should be upgraded, while 800 Series deployments should move to 1.17.2 or later; fixes are also available through the Intel Ethernet Adapter Complete Driver Pack version 30.0.1 or later. The impacted hardware spans widely deployed enterprise and cloud platforms, including Intel I710, X710, XL710, XXV710, V710, X722, and multiple Xeon- and Atom-based systems. Intel said the vulnerabilities were discovered internally and released under coordinated disclosure after mitigations became available, and public reporting indicated no proof-of-concept exploit had been released for the highlighted 700 Series issues at the time of publication.

Mallory correlates global threat intelligence with your attack surface — know if you’re exposed before adversaries strike.
4 events from the most recent confirmed update back to the earliest known activity.
Lenovo addressed CVE-2025-4423, a System Management Mode buffer overflow vulnerability in certain Lenovo all-in-one desktops using Insyde-based UEFI firmware, through advisory LEN-201013 and coordinated firmware updates. The flaw was described as one of six related SMM vulnerabilities identified by Binarly researchers.
Lenovo disclosed six vulnerabilities in code developed specifically for its products, affecting SMM-related modules including EfiSmiServices and SetupAutomationSmm. The flaws included memory corruption, arbitrary code write, improper input validation, stack overflow, and information disclosure issues, and users were directed to Lenovo's Product Security Advisories and Announcements page for details.
Intel disclosed multiple vulnerabilities affecting certain Linux kernel-mode Ethernet drivers for Intel 700 Series and Intel I350 Series devices. Intel released updated drivers, including fixes in 700 Series driver version 2.28.5 and I350 driver version 5.19.2, and said the issues were discovered internally and disclosed after mitigations became available.
Intel disclosed eight vulnerabilities affecting Linux kernel-mode drivers for some Intel 800 Series Ethernet devices prior to version 1.17.2. Intel said mitigations were available and recommended upgrading to driver version 1.17.2 or later, including via Intel Ethernet Adapter Complete Driver Pack 30.0.1 or later.
Vulnerabilities, threat actors, malware, products, organizations, and breaches Mallory has linked to this story.
9 references tracked. Mallory keeps watching after this page renders.
zeropath.com
Open sourcezeropath.com
Open sourcezeropath.com
Open sourcezeropath.com
Open sourceinsyde.com
Open sourcezeropath.com
Open sourcezeropath.com
Open sourceintel.com
Open sourceintel.com
Open sourceMap indicators from this story to your assets and identify affected systems in minutes.
Every observed campaign, victim, and pivot linked to actors named in this story.
Malware, exploits, and IOCs connected to the activity described here.
YARA, Sigma, and Snort rules deployed to your SIEM as soon as they’re published.
Get matching new stories delivered to your team as they break — not the next morning.
Ask questions about this story and take action on the answers.