cvelistv5 - cve-2018-12224

cve-2018-12224

Vulnerability from cvelistv5

Published

2019-03-14 20:00

Modified

2024-09-16 20:16

Severity ?

Summary

References

URL	Tags
secure@intel.com	https://support.lenovo.com/us/en/product_security/LEN-25084
secure@intel.com	https://www.intel.com/content/www/us/en/security-center/advisory/INTEL-SA-00189.html	Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	https://support.lenovo.com/us/en/product_security/LEN-25084
af854a3a-2127-422b-91ae-364da2661108	https://www.intel.com/content/www/us/en/security-center/advisory/INTEL-SA-00189.html	Patch, Vendor Advisory

Impacted products

Vendor

Product

Version

▼

Intel Corporation

Intel(R) Graphics Driver for Windows

Version: Multiple versions.

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T08:30:59.674Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://www.intel.com/content/www/us/en/security-center/advisory/INTEL-SA-00189.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://support.lenovo.com/us/en/product_security/LEN-25084"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Intel(R) Graphics Driver for Windows",
          "vendor": "Intel Corporation",
          "versions": [
            {
              "status": "affected",
              "version": "Multiple versions."
            }
          ]
        }
      ],
      "datePublic": "2019-03-12T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Buffer leakage in igdkm64.sys in Intel(R) Graphics Driver for Windows* before versions 10.18.x.5059 (aka 15.33.x.5059), 10.18.x.5057 (aka 15.36.x.5057), 20.19.x.5063 (aka 15.40.x.5063) 21.20.x.5064 (aka 15.45.x.5064) and 24.20.100.6373 may allow an authenticated user to potentially enable information disclosure via local access."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "Information Disclosure",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2019-04-04T18:06:06",
        "orgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
        "shortName": "intel"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://www.intel.com/content/www/us/en/security-center/advisory/INTEL-SA-00189.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://support.lenovo.com/us/en/product_security/LEN-25084"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "secure@intel.com",
          "DATE_PUBLIC": "2019-03-12T00:00:00",
          "ID": "CVE-2018-12224",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "Intel(R) Graphics Driver for Windows",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "Multiple versions."
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Intel Corporation"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Buffer leakage in igdkm64.sys in Intel(R) Graphics Driver for Windows* before versions 10.18.x.5059 (aka 15.33.x.5059), 10.18.x.5057 (aka 15.36.x.5057), 20.19.x.5063 (aka 15.40.x.5063) 21.20.x.5064 (aka 15.45.x.5064) and 24.20.100.6373 may allow an authenticated user to potentially enable information disclosure via local access."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "Information Disclosure"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://www.intel.com/content/www/us/en/security-center/advisory/INTEL-SA-00189.html",
              "refsource": "CONFIRM",
              "url": "https://www.intel.com/content/www/us/en/security-center/advisory/INTEL-SA-00189.html"
            },
            {
              "name": "https://support.lenovo.com/us/en/product_security/LEN-25084",
              "refsource": "CONFIRM",
              "url": "https://support.lenovo.com/us/en/product_security/LEN-25084"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
    "assignerShortName": "intel",
    "cveId": "CVE-2018-12224",
    "datePublished": "2019-03-14T20:00:00Z",
    "dateReserved": "2018-06-11T00:00:00",
    "dateUpdated": "2024-09-16T20:16:38.376Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "fkie_nvd": {
      "configurations": "[{\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:intel:graphics_driver:15.33.43.4425:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"34E5968D-A8DF-48A4-8B2D-3FD3D4CAA33B\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:intel:graphics_driver:15.33.45.4653:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"BD8D4743-2DA3-4638-956D-CD816C063D79\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:intel:graphics_driver:15.33.46.4885:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"FFF3AA02-FA3E-407E-9DAB-D849B3192226\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:intel:graphics_driver:15.36.26.4294:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"1E25D2E3-B3C5-4D54-AC38-51EA755753DF\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:intel:graphics_driver:15.36.28.4332:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"565BC82E-A142-4660-B14A-E6D53FFCB39B\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:intel:graphics_driver:15.36.31.4414:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"116D57F0-4884-4545-BDDA-2C97474DD95F\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:intel:graphics_driver:15.36.33.4578:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"E9875754-1D9E-4547-B6F8-35D49EF10A5D\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:intel:graphics_driver:15.36.34.4889:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"24752A43-443A-434A-AE3C-3FC6537FCAA7\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:intel:graphics_driver:15.40.34.4624:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"E9DB6338-23B0-4C1D-97C2-345A22EDCFEE\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:intel:graphics_driver:15.40.36.4703:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"8D7C8297-0E65-4659-8049-34401194D0FA\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:intel:graphics_driver:15.40.37.4835:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"58D10DEC-49BC-4226-83CE-0C4B805CD296\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:intel:graphics_driver:15.40.38.4963:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"F1FDD8D7-E7EA-4758-A8FA-8B0D038485B9\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:intel:graphics_driver:15.40.41.5058:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"EBCDCF96-ACF9-4074-AEC0-2EA9CAE43577\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:intel:graphics_driver:15.45.18.4664:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"BA3A67F6-415F-4B0E-AA2B-40286CC492A9\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:intel:graphics_driver:15.45.19.4678:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"2B637567-0958-488D-ACCA-E5A61D71433A\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:intel:graphics_driver:15.45.21.4821:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"9579A4DB-D506-4570-9C40-1CB4BD666A69\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:intel:graphics_driver:15.45.23.4860:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"09F53D97-D600-4AB1-8898-2491AC8B90A8\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:intel:graphics_driver:24.20.100.6025:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"9BD4933D-2CE7-43C5-A69F-564FA426C44A\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:intel:graphics_driver:24.20.100.6094:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"2B4B7AE8-F258-4C7A-B148-E04ED1291159\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:intel:graphics_driver:24.20.100.6136:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"7243B482-C7F0-4168-9F8A-22872E141513\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:intel:graphics_driver:24.20.100.6194:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"A5C5C641-583B-4B90-BD70-59AC5B9996E9\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:intel:graphics_driver:24.20.100.6229:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"979DC154-CCE0-429B-A70E-AFD9F8CA5DCB\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:intel:graphics_driver:24.20.100.6286:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"FCAEB64E-D941-41F9-B88D-603B53039A66\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"A2572D17-1DE6-457B-99CC-64AFD54487EA\"}]}]}]",
      "descriptions": "[{\"lang\": \"en\", \"value\": \"Buffer leakage in igdkm64.sys in Intel(R) Graphics Driver for Windows* before versions 10.18.x.5059 (aka 15.33.x.5059), 10.18.x.5057 (aka 15.36.x.5057), 20.19.x.5063 (aka 15.40.x.5063) 21.20.x.5064 (aka 15.45.x.5064) and 24.20.100.6373 may allow an authenticated user to potentially enable information disclosure via local access.\"}, {\"lang\": \"es\", \"value\": \"Filtrado de b\\u00fafer en igdkm64.sys en Intel(R) Graphics Driver for Windows* en versiones anteriores a la 10.18.x.5059 (tambi\\u00e9n conocido como 15.33.x.5059), 10.18.x.5057 (tambi\\u00e9n conocido como 15.36.x.5057), 20.19.x.5063 (tambi\\u00e9n conocido como 15.40.x.5063) 21.20.x.5064 (tambi\\u00e9n conocido como 15.45.x.5064) y 24.20.100.6373 podr\\u00eda permitir que un usuario autenticado provoque una divulgaci\\u00f3n de informaci\\u00f3n mediante acceso local.\"}]",
      "id": "CVE-2018-12224",
      "lastModified": "2024-11-21T03:44:48.860",
      "metrics": "{\"cvssMetricV30\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"3.0\", \"vectorString\": \"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N\", \"baseScore\": 3.3, \"baseSeverity\": \"LOW\", \"attackVector\": \"LOCAL\", \"attackComplexity\": \"LOW\", \"privilegesRequired\": \"LOW\", \"userInteraction\": \"NONE\", \"scope\": \"UNCHANGED\", \"confidentialityImpact\": \"LOW\", \"integrityImpact\": \"NONE\", \"availabilityImpact\": \"NONE\"}, \"exploitabilityScore\": 1.8, \"impactScore\": 1.4}], \"cvssMetricV2\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"2.0\", \"vectorString\": \"AV:L/AC:L/Au:N/C:P/I:N/A:N\", \"baseScore\": 2.1, \"accessVector\": \"LOCAL\", \"accessComplexity\": \"LOW\", \"authentication\": \"NONE\", \"confidentialityImpact\": \"PARTIAL\", \"integrityImpact\": \"NONE\", \"availabilityImpact\": \"NONE\"}, \"baseSeverity\": \"LOW\", \"exploitabilityScore\": 3.9, \"impactScore\": 2.9, \"acInsufInfo\": false, \"obtainAllPrivilege\": false, \"obtainUserPrivilege\": false, \"obtainOtherPrivilege\": false, \"userInteractionRequired\": false}]}",
      "published": "2019-03-14T20:29:01.380",
      "references": "[{\"url\": \"https://support.lenovo.com/us/en/product_security/LEN-25084\", \"source\": \"secure@intel.com\"}, {\"url\": \"https://www.intel.com/content/www/us/en/security-center/advisory/INTEL-SA-00189.html\", \"source\": \"secure@intel.com\", \"tags\": [\"Patch\", \"Vendor Advisory\"]}, {\"url\": \"https://support.lenovo.com/us/en/product_security/LEN-25084\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://www.intel.com/content/www/us/en/security-center/advisory/INTEL-SA-00189.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Patch\", \"Vendor Advisory\"]}]",
      "sourceIdentifier": "secure@intel.com",
      "vulnStatus": "Modified",
      "weaknesses": "[{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-200\"}]}]"
    },
    "nvd": "{\"cve\":{\"id\":\"CVE-2018-12224\",\"sourceIdentifier\":\"secure@intel.com\",\"published\":\"2019-03-14T20:29:01.380\",\"lastModified\":\"2024-11-21T03:44:48.860\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"Buffer leakage in igdkm64.sys in Intel(R) Graphics Driver for Windows* before versions 10.18.x.5059 (aka 15.33.x.5059), 10.18.x.5057 (aka 15.36.x.5057), 20.19.x.5063 (aka 15.40.x.5063) 21.20.x.5064 (aka 15.45.x.5064) and 24.20.100.6373 may allow an authenticated user to potentially enable information disclosure via local access.\"},{\"lang\":\"es\",\"value\":\"Filtrado de b\u00fafer en igdkm64.sys en Intel(R) Graphics Driver for Windows* en versiones anteriores a la 10.18.x.5059 (tambi\u00e9n conocido como 15.33.x.5059), 10.18.x.5057 (tambi\u00e9n conocido como 15.36.x.5057), 20.19.x.5063 (tambi\u00e9n conocido como 15.40.x.5063) 21.20.x.5064 (tambi\u00e9n conocido como 15.45.x.5064) y 24.20.100.6373 podr\u00eda permitir que un usuario autenticado provoque una divulgaci\u00f3n de informaci\u00f3n mediante acceso local.\"}],\"metrics\":{\"cvssMetricV30\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.0\",\"vectorString\":\"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N\",\"baseScore\":3.3,\"baseSeverity\":\"LOW\",\"attackVector\":\"LOCAL\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"LOW\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"LOW\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"NONE\"},\"exploitabilityScore\":1.8,\"impactScore\":1.4}],\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:L/AC:L/Au:N/C:P/I:N/A:N\",\"baseScore\":2.1,\"accessVector\":\"LOCAL\",\"accessComplexity\":\"LOW\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"PARTIAL\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"NONE\"},\"baseSeverity\":\"LOW\",\"exploitabilityScore\":3.9,\"impactScore\":2.9,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-200\"}]}],\"configurations\":[{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:intel:graphics_driver:15.33.43.4425:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"34E5968D-A8DF-48A4-8B2D-3FD3D4CAA33B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:intel:graphics_driver:15.33.45.4653:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"BD8D4743-2DA3-4638-956D-CD816C063D79\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:intel:graphics_driver:15.33.46.4885:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"FFF3AA02-FA3E-407E-9DAB-D849B3192226\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:intel:graphics_driver:15.36.26.4294:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"1E25D2E3-B3C5-4D54-AC38-51EA755753DF\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:intel:graphics_driver:15.36.28.4332:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"565BC82E-A142-4660-B14A-E6D53FFCB39B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:intel:graphics_driver:15.36.31.4414:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"116D57F0-4884-4545-BDDA-2C97474DD95F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:intel:graphics_driver:15.36.33.4578:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E9875754-1D9E-4547-B6F8-35D49EF10A5D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:intel:graphics_driver:15.36.34.4889:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"24752A43-443A-434A-AE3C-3FC6537FCAA7\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:intel:graphics_driver:15.40.34.4624:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E9DB6338-23B0-4C1D-97C2-345A22EDCFEE\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:intel:graphics_driver:15.40.36.4703:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"8D7C8297-0E65-4659-8049-34401194D0FA\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:intel:graphics_driver:15.40.37.4835:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"58D10DEC-49BC-4226-83CE-0C4B805CD296\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:intel:graphics_driver:15.40.38.4963:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F1FDD8D7-E7EA-4758-A8FA-8B0D038485B9\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:intel:graphics_driver:15.40.41.5058:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"EBCDCF96-ACF9-4074-AEC0-2EA9CAE43577\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:intel:graphics_driver:15.45.18.4664:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"BA3A67F6-415F-4B0E-AA2B-40286CC492A9\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:intel:graphics_driver:15.45.19.4678:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2B637567-0958-488D-ACCA-E5A61D71433A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:intel:graphics_driver:15.45.21.4821:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"9579A4DB-D506-4570-9C40-1CB4BD666A69\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:intel:graphics_driver:15.45.23.4860:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"09F53D97-D600-4AB1-8898-2491AC8B90A8\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:intel:graphics_driver:24.20.100.6025:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"9BD4933D-2CE7-43C5-A69F-564FA426C44A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:intel:graphics_driver:24.20.100.6094:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2B4B7AE8-F258-4C7A-B148-E04ED1291159\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:intel:graphics_driver:24.20.100.6136:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7243B482-C7F0-4168-9F8A-22872E141513\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:intel:graphics_driver:24.20.100.6194:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A5C5C641-583B-4B90-BD70-59AC5B9996E9\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:intel:graphics_driver:24.20.100.6229:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"979DC154-CCE0-429B-A70E-AFD9F8CA5DCB\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:intel:graphics_driver:24.20.100.6286:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"FCAEB64E-D941-41F9-B88D-603B53039A66\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A2572D17-1DE6-457B-99CC-64AFD54487EA\"}]}]}],\"references\":[{\"url\":\"https://support.lenovo.com/us/en/product_security/LEN-25084\",\"source\":\"secure@intel.com\"},{\"url\":\"https://www.intel.com/content/www/us/en/security-center/advisory/INTEL-SA-00189.html\",\"source\":\"secure@intel.com\",\"tags\":[\"Patch\",\"Vendor Advisory\"]},{\"url\":\"https://support.lenovo.com/us/en/product_security/LEN-25084\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://www.intel.com/content/www/us/en/security-center/advisory/INTEL-SA-00189.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\",\"Vendor Advisory\"]}]}}"
  }
}

ghsa-2wjm-xmxm-4wmv

Vulnerability from github

Published

2022-05-14 01:13

Modified

2022-05-14 01:13

Severity ?

3.3 (Low) - CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N

Details

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2018-12224"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-200"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2019-03-14T20:29:00Z",
    "severity": "LOW"
  },
  "details": "Buffer leakage in igdkm64.sys in Intel(R) Graphics Driver for Windows* before versions 10.18.x.5059 (aka 15.33.x.5059), 10.18.x.5057 (aka 15.36.x.5057), 20.19.x.5063 (aka 15.40.x.5063) 21.20.x.5064 (aka 15.45.x.5064) and 24.20.100.6373 may allow an authenticated user to potentially enable information disclosure via local access.",
  "id": "GHSA-2wjm-xmxm-4wmv",
  "modified": "2022-05-14T01:13:08Z",
  "published": "2022-05-14T01:13:08Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-12224"
    },
    {
      "type": "WEB",
      "url": "https://support.lenovo.com/us/en/product_security/LEN-25084"
    },
    {
      "type": "WEB",
      "url": "https://www.intel.com/content/www/us/en/security-center/advisory/INTEL-SA-00189.html"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
      "type": "CVSS_V3"
    }
  ]
}

Buffer leakage in igdkm64.sys in Intel(R) Graphics Driver for Windows* before versions 10.18.x.5059 (aka 15.33.x.5059), 10.18.x.5057 (aka 15.36.x.5057), 20.19.x.5063 (aka 15.40.x.5063) 21.20.x.5064 (aka 15.45.x.5064) and 24.20.100.6373 may allow an authenticated user to potentially enable information disclosure via local access. Windows for Intel(R) Graphics Driver Contains an information disclosure vulnerability.Information may be obtained. Intel Has released an update for each product.The expected impact depends on each vulnerability, but can be affected as follows: * information leak * Service operation interruption (DoS) * Privilege escalation. A local attacker could exploit this vulnerability to disclose information. The following versions are affected: Intel Graphics Driver prior to 10.18.x.5059, prior to 10.18.x.5057, prior to 20.19.x.5063, prior to 21.20.x.5064, prior to 24.20.100.6373

Show details on source website

JSON

To clipboard

{
  "@context": {
    "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
    "affected_products": {
      "@id": "https://www.variotdbs.pl/ref/affected_products"
    },
    "configurations": {
      "@id": "https://www.variotdbs.pl/ref/configurations"
    },
    "credits": {
      "@id": "https://www.variotdbs.pl/ref/credits"
    },
    "cvss": {
      "@id": "https://www.variotdbs.pl/ref/cvss/"
    },
    "description": {
      "@id": "https://www.variotdbs.pl/ref/description/"
    },
    "exploit_availability": {
      "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
    },
    "external_ids": {
      "@id": "https://www.variotdbs.pl/ref/external_ids/"
    },
    "iot": {
      "@id": "https://www.variotdbs.pl/ref/iot/"
    },
    "iot_taxonomy": {
      "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
    },
    "patch": {
      "@id": "https://www.variotdbs.pl/ref/patch/"
    },
    "problemtype_data": {
      "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
    },
    "references": {
      "@id": "https://www.variotdbs.pl/ref/references/"
    },
    "sources": {
      "@id": "https://www.variotdbs.pl/ref/sources/"
    },
    "sources_release_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
    },
    "sources_update_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
    },
    "threat_type": {
      "@id": "https://www.variotdbs.pl/ref/threat_type/"
    },
    "title": {
      "@id": "https://www.variotdbs.pl/ref/title/"
    },
    "type": {
      "@id": "https://www.variotdbs.pl/ref/type/"
    }
  },
  "@id": "https://www.variotdbs.pl/vuln/VAR-201903-0984",
  "affected_products": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "model": "graphics driver",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "15.40.37.4835"
      },
      {
        "model": "graphics driver",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "15.45.21.4821"
      },
      {
        "model": "graphics driver",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "15.33.46.4885"
      },
      {
        "model": "graphics driver",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "24.20.100.6094"
      },
      {
        "model": "graphics driver",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "15.45.19.4678"
      },
      {
        "model": "graphics driver",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "15.33.43.4425"
      },
      {
        "model": "graphics driver",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "15.40.36.4703"
      },
      {
        "model": "graphics driver",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "24.20.100.6229"
      },
      {
        "model": "graphics driver",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "15.40.34.4624"
      },
      {
        "model": "graphics driver",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "15.40.41.5058"
      },
      {
        "model": "graphics driver",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "15.40.38.4963"
      },
      {
        "model": "graphics driver",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "24.20.100.6136"
      },
      {
        "model": "graphics driver",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "15.36.31.4414"
      },
      {
        "model": "graphics driver",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "24.20.100.6194"
      },
      {
        "model": "graphics driver",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "24.20.100.6286"
      },
      {
        "model": "graphics driver",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "24.20.100.6025"
      },
      {
        "model": "graphics driver",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "15.36.28.4332"
      },
      {
        "model": "graphics driver",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "15.33.45.4653"
      },
      {
        "model": "graphics driver",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "15.36.34.4889"
      },
      {
        "model": "graphics driver",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "15.45.18.4664"
      },
      {
        "model": "graphics driver",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "15.36.26.4294"
      },
      {
        "model": "graphics driver",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "15.36.33.4578"
      },
      {
        "model": "graphics driver",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "15.45.23.4860"
      },
      {
        "model": "graphics driver",
        "scope": "lt",
        "trust": 0.8,
        "vendor": "intel",
        "version": "10.18.x.5057"
      },
      {
        "model": "graphics driver",
        "scope": "lt",
        "trust": 0.8,
        "vendor": "intel",
        "version": "10.18.x.5059"
      },
      {
        "model": "graphics driver",
        "scope": "lt",
        "trust": 0.8,
        "vendor": "intel",
        "version": "20.19.x.5063"
      },
      {
        "model": "graphics driver",
        "scope": "lt",
        "trust": 0.8,
        "vendor": "intel",
        "version": "21.20.x.5064"
      },
      {
        "model": "graphics driver",
        "scope": "lt",
        "trust": 0.8,
        "vendor": "intel",
        "version": "24.20.100.6373"
      },
      {
        "model": "accelerated storage manager",
        "scope": null,
        "trust": 0.8,
        "vendor": "intel",
        "version": null
      },
      {
        "model": "active management technology",
        "scope": null,
        "trust": 0.8,
        "vendor": "intel",
        "version": null
      },
      {
        "model": "csme",
        "scope": null,
        "trust": 0.8,
        "vendor": "intel",
        "version": null
      },
      {
        "model": "matrix storage manager",
        "scope": null,
        "trust": 0.8,
        "vendor": "intel",
        "version": null
      },
      {
        "model": "server platform services",
        "scope": null,
        "trust": 0.8,
        "vendor": "intel",
        "version": null
      },
      {
        "model": "sgx sdk",
        "scope": null,
        "trust": 0.8,
        "vendor": "intel",
        "version": null
      },
      {
        "model": "trusted execution engine",
        "scope": null,
        "trust": 0.8,
        "vendor": "intel",
        "version": null
      },
      {
        "model": "usb 3.0 creator utility",
        "scope": null,
        "trust": 0.8,
        "vendor": "intel",
        "version": null
      },
      {
        "model": "intel",
        "scope": null,
        "trust": 0.8,
        "vendor": "intel",
        "version": null
      },
      {
        "model": "graphics driver",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "intel",
        "version": "for windows"
      }
    ],
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2018-014766"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2019-001582"
      },
      {
        "db": "NVD",
        "id": "CVE-2018-12224"
      }
    ]
  },
  "configurations": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/configurations#",
      "children": {
        "@container": "@list"
      },
      "cpe_match": {
        "@container": "@list"
      },
      "data": {
        "@container": "@list"
      },
      "nodes": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:a:intel:graphics_driver:15.36.26.4294:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:intel:graphics_driver:15.36.28.4332:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:intel:graphics_driver:15.40.38.4963:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:intel:graphics_driver:15.40.41.5058:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:intel:graphics_driver:24.20.100.6136:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:intel:graphics_driver:24.20.100.6194:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:intel:graphics_driver:24.20.100.6229:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:intel:graphics_driver:15.36.31.4414:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:intel:graphics_driver:15.36.33.4578:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:intel:graphics_driver:15.45.18.4664:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:intel:graphics_driver:15.45.19.4678:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:intel:graphics_driver:24.20.100.6286:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:intel:graphics_driver:15.33.45.4653:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:intel:graphics_driver:15.33.46.4885:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:intel:graphics_driver:15.40.36.4703:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:intel:graphics_driver:15.40.37.4835:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:intel:graphics_driver:24.20.100.6025:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:intel:graphics_driver:24.20.100.6094:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:intel:graphics_driver:15.33.43.4425:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:intel:graphics_driver:15.36.34.4889:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:intel:graphics_driver:15.40.34.4624:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:intel:graphics_driver:15.45.21.4821:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:intel:graphics_driver:15.45.23.4860:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              },
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  }
                ],
                "operator": "OR"
              }
            ],
            "cpe_match": [],
            "operator": "AND"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2018-12224"
      }
    ]
  },
  "credits": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/credits#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Intel ( http://www.intel.com/ )  ??",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-201903-539"
      }
    ],
    "trust": 0.6
  },
  "cve": "CVE-2018-12224",
  "cvss": {
    "@context": {
      "cvssV2": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
      },
      "cvssV3": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
      },
      "severity": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/cvss/severity#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/severity"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "cvssV2": [
          {
            "acInsufInfo": false,
            "accessComplexity": "LOW",
            "accessVector": "LOCAL",
            "authentication": "NONE",
            "author": "NVD",
            "availabilityImpact": "NONE",
            "baseScore": 2.1,
            "confidentialityImpact": "PARTIAL",
            "exploitabilityScore": 3.9,
            "impactScore": 2.9,
            "integrityImpact": "NONE",
            "obtainAllPrivilege": false,
            "obtainOtherPrivilege": false,
            "obtainUserPrivilege": false,
            "severity": "LOW",
            "trust": 1.0,
            "userInteractionRequired": false,
            "vectorString": "AV:L/AC:L/Au:N/C:P/I:N/A:N",
            "version": "2.0"
          },
          {
            "acInsufInfo": null,
            "accessComplexity": "Low",
            "accessVector": "Local",
            "authentication": "None",
            "author": "NVD",
            "availabilityImpact": "None",
            "baseScore": 2.1,
            "confidentialityImpact": "Partial",
            "exploitabilityScore": null,
            "id": "CVE-2018-12224",
            "impactScore": null,
            "integrityImpact": "None",
            "obtainAllPrivilege": null,
            "obtainOtherPrivilege": null,
            "obtainUserPrivilege": null,
            "severity": "Low",
            "trust": 0.8,
            "userInteractionRequired": null,
            "vectorString": "AV:L/AC:L/Au:N/C:P/I:N/A:N",
            "version": "2.0"
          },
          {
            "accessComplexity": "LOW",
            "accessVector": "LOCAL",
            "authentication": "NONE",
            "author": "VULHUB",
            "availabilityImpact": "NONE",
            "baseScore": 2.1,
            "confidentialityImpact": "PARTIAL",
            "exploitabilityScore": 3.9,
            "id": "VHN-122162",
            "impactScore": 2.9,
            "integrityImpact": "NONE",
            "severity": "LOW",
            "trust": 0.1,
            "vectorString": "AV:L/AC:L/AU:N/C:P/I:N/A:N",
            "version": "2.0"
          }
        ],
        "cvssV3": [
          {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "author": "NVD",
            "availabilityImpact": "NONE",
            "baseScore": 3.3,
            "baseSeverity": "LOW",
            "confidentialityImpact": "LOW",
            "exploitabilityScore": 1.8,
            "impactScore": 1.4,
            "integrityImpact": "NONE",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "trust": 1.0,
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
            "version": "3.0"
          },
          {
            "attackComplexity": "Low",
            "attackVector": "Local",
            "author": "NVD",
            "availabilityImpact": "None",
            "baseScore": 3.3,
            "baseSeverity": "Low",
            "confidentialityImpact": "Low",
            "exploitabilityScore": null,
            "id": "CVE-2018-12224",
            "impactScore": null,
            "integrityImpact": "None",
            "privilegesRequired": "Low",
            "scope": "Unchanged",
            "trust": 0.8,
            "userInteraction": "None",
            "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
            "version": "3.0"
          }
        ],
        "severity": [
          {
            "author": "NVD",
            "id": "CVE-2018-12224",
            "trust": 1.8,
            "value": "LOW"
          },
          {
            "author": "CNNVD",
            "id": "CNNVD-201903-539",
            "trust": 0.6,
            "value": "LOW"
          },
          {
            "author": "VULHUB",
            "id": "VHN-122162",
            "trust": 0.1,
            "value": "LOW"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-122162"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2018-014766"
      },
      {
        "db": "NVD",
        "id": "CVE-2018-12224"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201903-539"
      }
    ]
  },
  "description": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/description#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Buffer leakage in igdkm64.sys in Intel(R) Graphics Driver for Windows* before versions 10.18.x.5059 (aka 15.33.x.5059), 10.18.x.5057 (aka 15.36.x.5057), 20.19.x.5063 (aka 15.40.x.5063) 21.20.x.5064 (aka 15.45.x.5064) and 24.20.100.6373 may allow an authenticated user to potentially enable information disclosure via local access. Windows for Intel(R) Graphics Driver Contains an information disclosure vulnerability.Information may be obtained. Intel Has released an update for each product.The expected impact depends on each vulnerability, but can be affected as follows: * information leak * Service operation interruption (DoS) * Privilege escalation. A local attacker could exploit this vulnerability to disclose information. The following versions are affected: Intel Graphics Driver prior to 10.18.x.5059, prior to 10.18.x.5057, prior to 20.19.x.5063, prior to 21.20.x.5064, prior to 24.20.100.6373",
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2018-12224"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2018-014766"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2019-001582"
      },
      {
        "db": "VULHUB",
        "id": "VHN-122162"
      }
    ],
    "trust": 2.43
  },
  "external_ids": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "db": "NVD",
        "id": "CVE-2018-12224",
        "trust": 2.5
      },
      {
        "db": "LENOVO",
        "id": "LEN-25084",
        "trust": 1.7
      },
      {
        "db": "JVN",
        "id": "JVNVU98344681",
        "trust": 1.6
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2019-001582",
        "trust": 1.6
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2018-014766",
        "trust": 0.8
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201903-539",
        "trust": 0.7
      },
      {
        "db": "NSFOCUS",
        "id": "42996",
        "trust": 0.6
      },
      {
        "db": "AUSCERT",
        "id": "ESB-2019.0822",
        "trust": 0.6
      },
      {
        "db": "VULHUB",
        "id": "VHN-122162",
        "trust": 0.1
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-122162"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2018-014766"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2019-001582"
      },
      {
        "db": "NVD",
        "id": "CVE-2018-12224"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201903-539"
      }
    ]
  },
  "id": "VAR-201903-0984",
  "iot": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": true,
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-122162"
      }
    ],
    "trust": 0.68615035
  },
  "last_update_date": "2023-12-18T11:51:24.449000Z",
  "patch": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/patch#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "title": "INTEL-SA-00189",
        "trust": 1.6,
        "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00189.html"
      },
      {
        "title": "INTEL-SA-00231 - Intel Accelerated Storage Manager in RSTe Advisory",
        "trust": 0.8,
        "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00231.html"
      },
      {
        "title": "INTEL-SA-00185 - Intel CSME, Server Platform Services, Trusted Execution Engine and Intel Active Management Technology 2018.4 QSR Advisory",
        "trust": 0.8,
        "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00185.html"
      },
      {
        "title": "INTEL-SA-00191 - Intel Firmware 2018.4 QSR Advisory",
        "trust": 0.8,
        "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00191.html"
      },
      {
        "title": "INTEL-SA-00216 - Intel Matrix Storage Manager Advisory",
        "trust": 0.8,
        "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00216.html"
      },
      {
        "title": "INTEL-SA-00217 - Intel Software Guard Extensions SDK Advisory",
        "trust": 0.8,
        "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00217.html"
      },
      {
        "title": "INTEL-SA-00229 - Intel USB 3.0 Creator Utility Advisory",
        "trust": 0.8,
        "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00229.html"
      },
      {
        "title": "Intel Graphics Driver for Windows Security vulnerabilities",
        "trust": 0.6,
        "url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=90128"
      }
    ],
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2018-014766"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2019-001582"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201903-539"
      }
    ]
  },
  "problemtype_data": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "problemtype": "CWE-200",
        "trust": 1.9
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-122162"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2018-014766"
      },
      {
        "db": "NVD",
        "id": "CVE-2018-12224"
      }
    ]
  },
  "references": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/references#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "trust": 2.3,
        "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00189.html"
      },
      {
        "trust": 1.7,
        "url": "https://support.lenovo.com/us/en/product_security/len-25084"
      },
      {
        "trust": 1.4,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2018-12224"
      },
      {
        "trust": 0.8,
        "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-12224"
      },
      {
        "trust": 0.8,
        "url": "https://jvn.jp/vu/jvnvu98344681/"
      },
      {
        "trust": 0.8,
        "url": "https://jvndb.jvn.jp/ja/contents/2019/jvndb-2019-001582.html"
      },
      {
        "trust": 0.8,
        "url": "https://jvn.jp/vu/jvnvu98344681"
      },
      {
        "trust": 0.6,
        "url": "http://www.nsfocus.net/vulndb/42996"
      },
      {
        "trust": 0.6,
        "url": "https://www.auscert.org.au/bulletins/77106"
      },
      {
        "trust": 0.6,
        "url": "https://support.lenovo.com/us/zh/solutions/len-25084"
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-122162"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2018-014766"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2019-001582"
      },
      {
        "db": "NVD",
        "id": "CVE-2018-12224"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201903-539"
      }
    ]
  },
  "sources": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "db": "VULHUB",
        "id": "VHN-122162"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2018-014766"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2019-001582"
      },
      {
        "db": "NVD",
        "id": "CVE-2018-12224"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201903-539"
      }
    ]
  },
  "sources_release_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2019-03-14T00:00:00",
        "db": "VULHUB",
        "id": "VHN-122162"
      },
      {
        "date": "2019-04-10T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2018-014766"
      },
      {
        "date": "2019-03-15T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2019-001582"
      },
      {
        "date": "2019-03-14T20:29:01.380000",
        "db": "NVD",
        "id": "CVE-2018-12224"
      },
      {
        "date": "2019-03-14T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201903-539"
      }
    ]
  },
  "sources_update_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2019-04-04T00:00:00",
        "db": "VULHUB",
        "id": "VHN-122162"
      },
      {
        "date": "2019-04-10T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2018-014766"
      },
      {
        "date": "2019-03-15T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2019-001582"
      },
      {
        "date": "2019-04-04T19:29:01.197000",
        "db": "NVD",
        "id": "CVE-2018-12224"
      },
      {
        "date": "2019-09-26T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201903-539"
      }
    ]
  },
  "threat_type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "local",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-201903-539"
      }
    ],
    "trust": 0.6
  },
  "title": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/title#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Windows for  Intel(R) Graphics Driver Vulnerable to information disclosure",
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2018-014766"
      }
    ],
    "trust": 0.8
  },
  "type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "information disclosure",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-201903-539"
      }
    ],
    "trust": 0.6
  }
}

gsd-2018-12224

Vulnerability from gsd

Modified

2023-12-13 01:22

Details

Aliases

CVE-2018-12224

Aliases

CVE-2018-12224

JSON

To clipboard

{
  "GSD": {
    "alias": "CVE-2018-12224",
    "description": "Buffer leakage in igdkm64.sys in Intel(R) Graphics Driver for Windows* before versions 10.18.x.5059 (aka 15.33.x.5059), 10.18.x.5057 (aka 15.36.x.5057), 20.19.x.5063 (aka 15.40.x.5063) 21.20.x.5064 (aka 15.45.x.5064) and 24.20.100.6373 may allow an authenticated user to potentially enable information disclosure via local access.",
    "id": "GSD-2018-12224"
  },
  "gsd": {
    "metadata": {
      "exploitCode": "unknown",
      "remediation": "unknown",
      "reportConfidence": "confirmed",
      "type": "vulnerability"
    },
    "osvSchema": {
      "aliases": [
        "CVE-2018-12224"
      ],
      "details": "Buffer leakage in igdkm64.sys in Intel(R) Graphics Driver for Windows* before versions 10.18.x.5059 (aka 15.33.x.5059), 10.18.x.5057 (aka 15.36.x.5057), 20.19.x.5063 (aka 15.40.x.5063) 21.20.x.5064 (aka 15.45.x.5064) and 24.20.100.6373 may allow an authenticated user to potentially enable information disclosure via local access.",
      "id": "GSD-2018-12224",
      "modified": "2023-12-13T01:22:30.629801Z",
      "schema_version": "1.4.0"
    }
  },
  "namespaces": {
    "cve.org": {
      "CVE_data_meta": {
        "ASSIGNER": "secure@intel.com",
        "DATE_PUBLIC": "2019-03-12T00:00:00",
        "ID": "CVE-2018-12224",
        "STATE": "PUBLIC"
      },
      "affects": {
        "vendor": {
          "vendor_data": [
            {
              "product": {
                "product_data": [
                  {
                    "product_name": "Intel(R) Graphics Driver for Windows",
                    "version": {
                      "version_data": [
                        {
                          "version_value": "Multiple versions."
                        }
                      ]
                    }
                  }
                ]
              },
              "vendor_name": "Intel Corporation"
            }
          ]
        }
      },
      "data_format": "MITRE",
      "data_type": "CVE",
      "data_version": "4.0",
      "description": {
        "description_data": [
          {
            "lang": "eng",
            "value": "Buffer leakage in igdkm64.sys in Intel(R) Graphics Driver for Windows* before versions 10.18.x.5059 (aka 15.33.x.5059), 10.18.x.5057 (aka 15.36.x.5057), 20.19.x.5063 (aka 15.40.x.5063) 21.20.x.5064 (aka 15.45.x.5064) and 24.20.100.6373 may allow an authenticated user to potentially enable information disclosure via local access."
          }
        ]
      },
      "problemtype": {
        "problemtype_data": [
          {
            "description": [
              {
                "lang": "eng",
                "value": "Information Disclosure"
              }
            ]
          }
        ]
      },
      "references": {
        "reference_data": [
          {
            "name": "https://www.intel.com/content/www/us/en/security-center/advisory/INTEL-SA-00189.html",
            "refsource": "CONFIRM",
            "url": "https://www.intel.com/content/www/us/en/security-center/advisory/INTEL-SA-00189.html"
          },
          {
            "name": "https://support.lenovo.com/us/en/product_security/LEN-25084",
            "refsource": "CONFIRM",
            "url": "https://support.lenovo.com/us/en/product_security/LEN-25084"
          }
        ]
      }
    },
    "nvd.nist.gov": {
      "configurations": {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:a:intel:graphics_driver:15.36.26.4294:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:intel:graphics_driver:15.36.28.4332:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:intel:graphics_driver:15.40.38.4963:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:intel:graphics_driver:15.40.41.5058:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:intel:graphics_driver:24.20.100.6136:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:intel:graphics_driver:24.20.100.6194:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:intel:graphics_driver:24.20.100.6229:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:intel:graphics_driver:15.36.31.4414:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:intel:graphics_driver:15.36.33.4578:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:intel:graphics_driver:15.45.18.4664:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:intel:graphics_driver:15.45.19.4678:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:intel:graphics_driver:24.20.100.6286:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:intel:graphics_driver:15.33.45.4653:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:intel:graphics_driver:15.33.46.4885:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:intel:graphics_driver:15.40.36.4703:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:intel:graphics_driver:15.40.37.4835:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:intel:graphics_driver:24.20.100.6025:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:intel:graphics_driver:24.20.100.6094:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:intel:graphics_driver:15.33.43.4425:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:intel:graphics_driver:15.36.34.4889:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:intel:graphics_driver:15.40.34.4624:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:intel:graphics_driver:15.45.21.4821:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:intel:graphics_driver:15.45.23.4860:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              },
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  }
                ],
                "operator": "OR"
              }
            ],
            "cpe_match": [],
            "operator": "AND"
          }
        ]
      },
      "cve": {
        "CVE_data_meta": {
          "ASSIGNER": "secure@intel.com",
          "ID": "CVE-2018-12224"
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "en",
              "value": "Buffer leakage in igdkm64.sys in Intel(R) Graphics Driver for Windows* before versions 10.18.x.5059 (aka 15.33.x.5059), 10.18.x.5057 (aka 15.36.x.5057), 20.19.x.5063 (aka 15.40.x.5063) 21.20.x.5064 (aka 15.45.x.5064) and 24.20.100.6373 may allow an authenticated user to potentially enable information disclosure via local access."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "en",
                  "value": "CWE-200"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://www.intel.com/content/www/us/en/security-center/advisory/INTEL-SA-00189.html",
              "refsource": "CONFIRM",
              "tags": [
                "Patch",
                "Vendor Advisory"
              ],
              "url": "https://www.intel.com/content/www/us/en/security-center/advisory/INTEL-SA-00189.html"
            },
            {
              "name": "https://support.lenovo.com/us/en/product_security/LEN-25084",
              "refsource": "CONFIRM",
              "tags": [],
              "url": "https://support.lenovo.com/us/en/product_security/LEN-25084"
            }
          ]
        }
      },
      "impact": {
        "baseMetricV2": {
          "acInsufInfo": false,
          "cvssV2": {
            "accessComplexity": "LOW",
            "accessVector": "LOCAL",
            "authentication": "NONE",
            "availabilityImpact": "NONE",
            "baseScore": 2.1,
            "confidentialityImpact": "PARTIAL",
            "integrityImpact": "NONE",
            "vectorString": "AV:L/AC:L/Au:N/C:P/I:N/A:N",
            "version": "2.0"
          },
          "exploitabilityScore": 3.9,
          "impactScore": 2.9,
          "obtainAllPrivilege": false,
          "obtainOtherPrivilege": false,
          "obtainUserPrivilege": false,
          "severity": "LOW",
          "userInteractionRequired": false
        },
        "baseMetricV3": {
          "cvssV3": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "availabilityImpact": "NONE",
            "baseScore": 3.3,
            "baseSeverity": "LOW",
            "confidentialityImpact": "LOW",
            "integrityImpact": "NONE",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
            "version": "3.0"
          },
          "exploitabilityScore": 1.8,
          "impactScore": 1.4
        }
      },
      "lastModifiedDate": "2019-04-04T19:29Z",
      "publishedDate": "2019-03-14T20:29Z"
    }
  }
}

cve-2018-12224

Vulnerability from fkie_nvd

Published

2019-03-14 20:29

Modified

2024-11-21 03:44

Severity ?

3.3 (Low) - CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N

Summary

References

URL	Tags
secure@intel.com	https://support.lenovo.com/us/en/product_security/LEN-25084
secure@intel.com	https://www.intel.com/content/www/us/en/security-center/advisory/INTEL-SA-00189.html	Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	https://support.lenovo.com/us/en/product_security/LEN-25084
af854a3a-2127-422b-91ae-364da2661108	https://www.intel.com/content/www/us/en/security-center/advisory/INTEL-SA-00189.html	Patch, Vendor Advisory

Impacted products

Vendor	Product	Version
intel	graphics_driver	15.33.43.4425
intel	graphics_driver	15.33.45.4653
intel	graphics_driver	15.33.46.4885
intel	graphics_driver	15.36.26.4294
intel	graphics_driver	15.36.28.4332
intel	graphics_driver	15.36.31.4414
intel	graphics_driver	15.36.33.4578
intel	graphics_driver	15.36.34.4889
intel	graphics_driver	15.40.34.4624
intel	graphics_driver	15.40.36.4703
intel	graphics_driver	15.40.37.4835
intel	graphics_driver	15.40.38.4963
intel	graphics_driver	15.40.41.5058
intel	graphics_driver	15.45.18.4664
intel	graphics_driver	15.45.19.4678
intel	graphics_driver	15.45.21.4821
intel	graphics_driver	15.45.23.4860
intel	graphics_driver	24.20.100.6025
intel	graphics_driver	24.20.100.6094
intel	graphics_driver	24.20.100.6136
intel	graphics_driver	24.20.100.6194
intel	graphics_driver	24.20.100.6229
intel	graphics_driver	24.20.100.6286
microsoft	windows	-

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:intel:graphics_driver:15.33.43.4425:*:*:*:*:*:*:*",
              "matchCriteriaId": "34E5968D-A8DF-48A4-8B2D-3FD3D4CAA33B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:intel:graphics_driver:15.33.45.4653:*:*:*:*:*:*:*",
              "matchCriteriaId": "BD8D4743-2DA3-4638-956D-CD816C063D79",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:intel:graphics_driver:15.33.46.4885:*:*:*:*:*:*:*",
              "matchCriteriaId": "FFF3AA02-FA3E-407E-9DAB-D849B3192226",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:intel:graphics_driver:15.36.26.4294:*:*:*:*:*:*:*",
              "matchCriteriaId": "1E25D2E3-B3C5-4D54-AC38-51EA755753DF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:intel:graphics_driver:15.36.28.4332:*:*:*:*:*:*:*",
              "matchCriteriaId": "565BC82E-A142-4660-B14A-E6D53FFCB39B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:intel:graphics_driver:15.36.31.4414:*:*:*:*:*:*:*",
              "matchCriteriaId": "116D57F0-4884-4545-BDDA-2C97474DD95F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:intel:graphics_driver:15.36.33.4578:*:*:*:*:*:*:*",
              "matchCriteriaId": "E9875754-1D9E-4547-B6F8-35D49EF10A5D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:intel:graphics_driver:15.36.34.4889:*:*:*:*:*:*:*",
              "matchCriteriaId": "24752A43-443A-434A-AE3C-3FC6537FCAA7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:intel:graphics_driver:15.40.34.4624:*:*:*:*:*:*:*",
              "matchCriteriaId": "E9DB6338-23B0-4C1D-97C2-345A22EDCFEE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:intel:graphics_driver:15.40.36.4703:*:*:*:*:*:*:*",
              "matchCriteriaId": "8D7C8297-0E65-4659-8049-34401194D0FA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:intel:graphics_driver:15.40.37.4835:*:*:*:*:*:*:*",
              "matchCriteriaId": "58D10DEC-49BC-4226-83CE-0C4B805CD296",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:intel:graphics_driver:15.40.38.4963:*:*:*:*:*:*:*",
              "matchCriteriaId": "F1FDD8D7-E7EA-4758-A8FA-8B0D038485B9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:intel:graphics_driver:15.40.41.5058:*:*:*:*:*:*:*",
              "matchCriteriaId": "EBCDCF96-ACF9-4074-AEC0-2EA9CAE43577",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:intel:graphics_driver:15.45.18.4664:*:*:*:*:*:*:*",
              "matchCriteriaId": "BA3A67F6-415F-4B0E-AA2B-40286CC492A9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:intel:graphics_driver:15.45.19.4678:*:*:*:*:*:*:*",
              "matchCriteriaId": "2B637567-0958-488D-ACCA-E5A61D71433A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:intel:graphics_driver:15.45.21.4821:*:*:*:*:*:*:*",
              "matchCriteriaId": "9579A4DB-D506-4570-9C40-1CB4BD666A69",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:intel:graphics_driver:15.45.23.4860:*:*:*:*:*:*:*",
              "matchCriteriaId": "09F53D97-D600-4AB1-8898-2491AC8B90A8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:intel:graphics_driver:24.20.100.6025:*:*:*:*:*:*:*",
              "matchCriteriaId": "9BD4933D-2CE7-43C5-A69F-564FA426C44A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:intel:graphics_driver:24.20.100.6094:*:*:*:*:*:*:*",
              "matchCriteriaId": "2B4B7AE8-F258-4C7A-B148-E04ED1291159",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:intel:graphics_driver:24.20.100.6136:*:*:*:*:*:*:*",
              "matchCriteriaId": "7243B482-C7F0-4168-9F8A-22872E141513",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:intel:graphics_driver:24.20.100.6194:*:*:*:*:*:*:*",
              "matchCriteriaId": "A5C5C641-583B-4B90-BD70-59AC5B9996E9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:intel:graphics_driver:24.20.100.6229:*:*:*:*:*:*:*",
              "matchCriteriaId": "979DC154-CCE0-429B-A70E-AFD9F8CA5DCB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:intel:graphics_driver:24.20.100.6286:*:*:*:*:*:*:*",
              "matchCriteriaId": "FCAEB64E-D941-41F9-B88D-603B53039A66",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Buffer leakage in igdkm64.sys in Intel(R) Graphics Driver for Windows* before versions 10.18.x.5059 (aka 15.33.x.5059), 10.18.x.5057 (aka 15.36.x.5057), 20.19.x.5063 (aka 15.40.x.5063) 21.20.x.5064 (aka 15.45.x.5064) and 24.20.100.6373 may allow an authenticated user to potentially enable information disclosure via local access."
    },
    {
      "lang": "es",
      "value": "Filtrado de b\u00fafer en igdkm64.sys en Intel(R) Graphics Driver for Windows* en versiones anteriores a la 10.18.x.5059 (tambi\u00e9n conocido como 15.33.x.5059), 10.18.x.5057 (tambi\u00e9n conocido como 15.36.x.5057), 20.19.x.5063 (tambi\u00e9n conocido como 15.40.x.5063) 21.20.x.5064 (tambi\u00e9n conocido como 15.45.x.5064) y 24.20.100.6373 podr\u00eda permitir que un usuario autenticado provoque una divulgaci\u00f3n de informaci\u00f3n mediante acceso local."
    }
  ],
  "id": "CVE-2018-12224",
  "lastModified": "2024-11-21T03:44:48.860",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "LOW",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "LOCAL",
          "authentication": "NONE",
          "availabilityImpact": "NONE",
          "baseScore": 2.1,
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "NONE",
          "vectorString": "AV:L/AC:L/Au:N/C:P/I:N/A:N",
          "version": "2.0"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV30": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "LOCAL",
          "availabilityImpact": "NONE",
          "baseScore": 3.3,
          "baseSeverity": "LOW",
          "confidentialityImpact": "LOW",
          "integrityImpact": "NONE",
          "privilegesRequired": "LOW",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
          "version": "3.0"
        },
        "exploitabilityScore": 1.8,
        "impactScore": 1.4,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2019-03-14T20:29:01.380",
  "references": [
    {
      "source": "secure@intel.com",
      "url": "https://support.lenovo.com/us/en/product_security/LEN-25084"
    },
    {
      "source": "secure@intel.com",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "https://www.intel.com/content/www/us/en/security-center/advisory/INTEL-SA-00189.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://support.lenovo.com/us/en/product_security/LEN-25084"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "https://www.intel.com/content/www/us/en/security-center/advisory/INTEL-SA-00189.html"
    }
  ],
  "sourceIdentifier": "secure@intel.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-200"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
Confirmed: The vulnerability is confirmed from an analyst perspective.
Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
Patched: This vulnerability was successfully patched by the user reporting the sighting.
Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
Not confirmed: The user expresses doubt about the veracity of the vulnerability.
Not patched: This vulnerability was not successfully patched by the user reporting the sighting.

Action not permitted

cve-2018-12224

Vulnerability from cvelistv5

ghsa-2wjm-xmxm-4wmv

Vulnerability from github

var-201903-0984

Vulnerability from variot

gsd-2018-12224

Vulnerability from gsd

cve-2018-12224

Vulnerability from fkie_nvd

Tags

Sightings

Nomenclature