Potential security vulnerabilities in the Intel® Field Programmable Gate Array (FPGA) Programmable Acceleration Card (PAC) N3000 may allow escalation of privilege or denial of service.
Description: Improper access control in PCIe function for the Intel® FPGA Programmable Acceleration Card N3000, all versions, may allow a privileged user to potentially enable escalation of privilege via local access.
CVSS Base Score: 6.0 Medium
CVSS Vector: CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:N/I:H/A:N/RL:U
Description: Improper access control in on-card storage for the Intel® FPGA Programmable Acceleration Card N3000, all versions, may allow a privileged user to potentially enable denial of service via local access.
CVSS Base Score: 4.4 Medium
CVSS Vector: CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H/RL:U
The Intel® FPGA Programmable Acceleration Card N3000 all versions.
Intel recommends that systems using the N3000 enable DMA protection, including pre-boot phases, as described in the following white paper:
Using IOMMU for DMA Protection in UEFI Firmware
Intel will not be releasing an update for this issue. Intel recommends limiting privileged access of host systems to trusted individuals, as part of normal security practices.
These issues were found internally by Intel employees. Intel would like to thank Hareesh Khattri (Security Researcher, IPAS).
Intel, and nearly the entire technology industry, follows a disclosure practice called Coordinated Disclosure, under which a cybersecurity vulnerability is generally publicly disclosed only after mitigations are available.