cvelistv5 - cve-2018-18090

CVE-2018-18090 (GCVE-0-2018-18090)

Vulnerability from cvelistv5 – Published: 2019-03-14 20:00 – Updated: 2024-09-17 00:51

Summary

Severity ?

No CVSS data available.

CWE

Denial of Service

Assigner

intel

References

URL

Tags

	https://www.intel.com/content/www/us/en/security-…	x_refsource_CONFIRM
	https://support.lenovo.com/us/en/product_security…	x_refsource_CONFIRM

Impacted products

	Vendor	Product	Version
	Intel Corporation	Intel(R) Graphics Driver for Windows	Affected: Multiple versions.

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T11:01:14.850Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://www.intel.com/content/www/us/en/security-center/advisory/INTEL-SA-00189.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://support.lenovo.com/us/en/product_security/LEN-25084"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Intel(R) Graphics Driver for Windows",
          "vendor": "Intel Corporation",
          "versions": [
            {
              "status": "affected",
              "version": "Multiple versions."
            }
          ]
        }
      ],
      "datePublic": "2019-03-12T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Out of bounds read in igdkm64.sys in Intel(R) Graphics Driver for Windows* before versions 10.18.x.5059 (aka 15.33.x.5059), 10.18.x.5057 (aka 15.36.x.5057), 20.19.x.5063 (aka 15.40.x.5063) 21.20.x.5064 (aka 15.45.x.5064) and 24.20.100.6373 may allow an authenticated user to potentially enable denial of service via local access."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "Denial of Service",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2019-04-04T18:06:07",
        "orgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
        "shortName": "intel"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://www.intel.com/content/www/us/en/security-center/advisory/INTEL-SA-00189.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://support.lenovo.com/us/en/product_security/LEN-25084"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "secure@intel.com",
          "DATE_PUBLIC": "2019-03-12T00:00:00",
          "ID": "CVE-2018-18090",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "Intel(R) Graphics Driver for Windows",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "Multiple versions."
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Intel Corporation"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Out of bounds read in igdkm64.sys in Intel(R) Graphics Driver for Windows* before versions 10.18.x.5059 (aka 15.33.x.5059), 10.18.x.5057 (aka 15.36.x.5057), 20.19.x.5063 (aka 15.40.x.5063) 21.20.x.5064 (aka 15.45.x.5064) and 24.20.100.6373 may allow an authenticated user to potentially enable denial of service via local access."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "Denial of Service"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://www.intel.com/content/www/us/en/security-center/advisory/INTEL-SA-00189.html",
              "refsource": "CONFIRM",
              "url": "https://www.intel.com/content/www/us/en/security-center/advisory/INTEL-SA-00189.html"
            },
            {
              "name": "https://support.lenovo.com/us/en/product_security/LEN-25084",
              "refsource": "CONFIRM",
              "url": "https://support.lenovo.com/us/en/product_security/LEN-25084"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
    "assignerShortName": "intel",
    "cveId": "CVE-2018-18090",
    "datePublished": "2019-03-14T20:00:00Z",
    "dateReserved": "2018-10-09T00:00:00",
    "dateUpdated": "2024-09-17T00:51:03.175Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "fkie_nvd": {
      "configurations": "[{\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:intel:graphics_driver:15.33.43.4425:*:*:*:*:windows:*:*\", \"matchCriteriaId\": \"46DA06DD-52CA-4FA9-93A1-A52DE84C1644\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:intel:graphics_driver:15.33.45.4653:*:*:*:*:windows:*:*\", \"matchCriteriaId\": \"CBE1FEDC-1727-4C1E-BD5B-2ADF8C6B5DAD\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:intel:graphics_driver:15.33.46.4885:*:*:*:*:windows:*:*\", \"matchCriteriaId\": \"5EB29EF4-D012-445B-8AD0-329EB417A9A2\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:intel:graphics_driver:15.36.26.4294:*:*:*:*:windows:*:*\", \"matchCriteriaId\": \"9C6F6A0E-92CE-4ECD-97D4-74625905CD67\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:intel:graphics_driver:15.36.28.4332:*:*:*:*:windows:*:*\", \"matchCriteriaId\": \"2681B1E3-325E-4464-818A-25A699C6E0F0\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:intel:graphics_driver:15.36.31.4414:*:*:*:*:windows:*:*\", \"matchCriteriaId\": \"8256C6E1-9D66-4BB4-A016-28D3C61D32F0\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:intel:graphics_driver:15.36.33.4578:*:*:*:*:windows:*:*\", \"matchCriteriaId\": \"C6FD7B20-B590-4769-B9E4-F729FE69C458\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:intel:graphics_driver:15.36.34.4889:*:*:*:*:windows:*:*\", \"matchCriteriaId\": \"E14987BE-67FE-47CF-9DAC-403C5E16CFC7\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:intel:graphics_driver:15.40.34.4624:*:*:*:*:windows:*:*\", \"matchCriteriaId\": \"80F4313B-7638-433A-B0DF-C371AE56CFFC\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:intel:graphics_driver:15.40.36.4703:*:*:*:*:windows:*:*\", \"matchCriteriaId\": \"B53F3860-B5BC-47DB-A6C1-CF1C805C8784\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:intel:graphics_driver:15.40.37.4835:*:*:*:*:windows:*:*\", \"matchCriteriaId\": \"4F5F99CA-043F-4EFC-B0C8-13A1208DC7EA\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:intel:graphics_driver:15.40.38.4963:*:*:*:*:windows:*:*\", \"matchCriteriaId\": \"74217D7F-1EEC-4219-9DC4-57D143D1CE0C\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:intel:graphics_driver:15.40.41.5058:*:*:*:*:windows:*:*\", \"matchCriteriaId\": \"DE465097-C835-4D95-96A8-0E6C775BD11C\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:intel:graphics_driver:15.45.18.4664:*:*:*:*:windows:*:*\", \"matchCriteriaId\": \"7311B7AE-DF12-49BE-8D80-BBCE402C6958\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:intel:graphics_driver:15.45.19.4678:*:*:*:*:windows:*:*\", \"matchCriteriaId\": \"D308A31F-B73F-48D3-8C5A-5320DBBA57C4\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:intel:graphics_driver:15.45.21.4821:*:*:*:*:windows:*:*\", \"matchCriteriaId\": \"A50439F4-2052-4F65-B5EC-1B94321777A8\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:intel:graphics_driver:15.45.23.4860:*:*:*:*:windows:*:*\", \"matchCriteriaId\": \"00146320-E0B0-4660-839E-1758AA2BF8B2\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:intel:graphics_driver:24.20.100.6025:*:*:*:*:windows:*:*\", \"matchCriteriaId\": \"D3CE3ADC-7FA5-4B85-B032-104AD50E6462\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:intel:graphics_driver:24.20.100.6094:*:*:*:*:windows:*:*\", \"matchCriteriaId\": \"1021088C-1F07-42E2-B409-1BCCBEBDF522\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:intel:graphics_driver:24.20.100.6136:*:*:*:*:windows:*:*\", \"matchCriteriaId\": \"5F94F93C-366F-4E78-83B4-F0DBC3572E2C\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:intel:graphics_driver:24.20.100.6194:*:*:*:*:windows:*:*\", \"matchCriteriaId\": \"91F70FDF-1E73-4C90-93C2-4B0356F3F033\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:intel:graphics_driver:24.20.100.6229:*:*:*:*:windows:*:*\", \"matchCriteriaId\": \"44277329-F2A7-4C93-891B-855F765E466D\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:intel:graphics_driver:24.20.100.6286:*:*:*:*:windows:*:*\", \"matchCriteriaId\": \"686EA8C9-F877-40ED-8757-03811E15B0F9\"}]}]}]",
      "descriptions": "[{\"lang\": \"en\", \"value\": \"Out of bounds read in igdkm64.sys in Intel(R) Graphics Driver for Windows* before versions 10.18.x.5059 (aka 15.33.x.5059), 10.18.x.5057 (aka 15.36.x.5057), 20.19.x.5063 (aka 15.40.x.5063) 21.20.x.5064 (aka 15.45.x.5064) and 24.20.100.6373 may allow an authenticated user to potentially enable denial of service via local access.\"}, {\"lang\": \"es\", \"value\": \"Lectura fuera de l\\u00edmites en igdkm64.sys en Intel(R) Graphics Driver for Windows* en versiones anteriores a la 10.18.x.5059 (tambi\\u00e9n conocido como 15.33.x.5059), 10.18.x.5057 (tambi\\u00e9n conocido como 15.36.x.5057), 20.19.x.5063 (tambi\\u00e9n conocido como 15.40.x.5063) 21.20.x.5064 (tambi\\u00e9n conocido como 15.45.x.5064) y 24.20.100.6373 podr\\u00eda permitir que un usuario autenticado provoque una denegaci\\u00f3n de servicio (DoS) mediante acceso local.\"}]",
      "id": "CVE-2018-18090",
      "lastModified": "2024-11-21T03:55:27.880",
      "metrics": "{\"cvssMetricV30\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"3.0\", \"vectorString\": \"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H\", \"baseScore\": 5.5, \"baseSeverity\": \"MEDIUM\", \"attackVector\": \"LOCAL\", \"attackComplexity\": \"LOW\", \"privilegesRequired\": \"LOW\", \"userInteraction\": \"NONE\", \"scope\": \"UNCHANGED\", \"confidentialityImpact\": \"NONE\", \"integrityImpact\": \"NONE\", \"availabilityImpact\": \"HIGH\"}, \"exploitabilityScore\": 1.8, \"impactScore\": 3.6}], \"cvssMetricV2\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"2.0\", \"vectorString\": \"AV:L/AC:L/Au:N/C:N/I:N/A:P\", \"baseScore\": 2.1, \"accessVector\": \"LOCAL\", \"accessComplexity\": \"LOW\", \"authentication\": \"NONE\", \"confidentialityImpact\": \"NONE\", \"integrityImpact\": \"NONE\", \"availabilityImpact\": \"PARTIAL\"}, \"baseSeverity\": \"LOW\", \"exploitabilityScore\": 3.9, \"impactScore\": 2.9, \"acInsufInfo\": false, \"obtainAllPrivilege\": false, \"obtainUserPrivilege\": false, \"obtainOtherPrivilege\": false, \"userInteractionRequired\": false}]}",
      "published": "2019-03-14T20:29:01.443",
      "references": "[{\"url\": \"https://support.lenovo.com/us/en/product_security/LEN-25084\", \"source\": \"secure@intel.com\"}, {\"url\": \"https://www.intel.com/content/www/us/en/security-center/advisory/INTEL-SA-00189.html\", \"source\": \"secure@intel.com\", \"tags\": [\"Patch\", \"Vendor Advisory\"]}, {\"url\": \"https://support.lenovo.com/us/en/product_security/LEN-25084\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://www.intel.com/content/www/us/en/security-center/advisory/INTEL-SA-00189.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Patch\", \"Vendor Advisory\"]}]",
      "sourceIdentifier": "secure@intel.com",
      "vulnStatus": "Modified",
      "weaknesses": "[{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-125\"}]}]"
    },
    "nvd": "{\"cve\":{\"id\":\"CVE-2018-18090\",\"sourceIdentifier\":\"secure@intel.com\",\"published\":\"2019-03-14T20:29:01.443\",\"lastModified\":\"2024-11-21T03:55:27.880\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"Out of bounds read in igdkm64.sys in Intel(R) Graphics Driver for Windows* before versions 10.18.x.5059 (aka 15.33.x.5059), 10.18.x.5057 (aka 15.36.x.5057), 20.19.x.5063 (aka 15.40.x.5063) 21.20.x.5064 (aka 15.45.x.5064) and 24.20.100.6373 may allow an authenticated user to potentially enable denial of service via local access.\"},{\"lang\":\"es\",\"value\":\"Lectura fuera de l\u00edmites en igdkm64.sys en Intel(R) Graphics Driver for Windows* en versiones anteriores a la 10.18.x.5059 (tambi\u00e9n conocido como 15.33.x.5059), 10.18.x.5057 (tambi\u00e9n conocido como 15.36.x.5057), 20.19.x.5063 (tambi\u00e9n conocido como 15.40.x.5063) 21.20.x.5064 (tambi\u00e9n conocido como 15.45.x.5064) y 24.20.100.6373 podr\u00eda permitir que un usuario autenticado provoque una denegaci\u00f3n de servicio (DoS) mediante acceso local.\"}],\"metrics\":{\"cvssMetricV30\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.0\",\"vectorString\":\"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H\",\"baseScore\":5.5,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"LOCAL\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"LOW\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":1.8,\"impactScore\":3.6}],\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:L/AC:L/Au:N/C:N/I:N/A:P\",\"baseScore\":2.1,\"accessVector\":\"LOCAL\",\"accessComplexity\":\"LOW\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"PARTIAL\"},\"baseSeverity\":\"LOW\",\"exploitabilityScore\":3.9,\"impactScore\":2.9,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-125\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:intel:graphics_driver:15.33.43.4425:*:*:*:*:windows:*:*\",\"matchCriteriaId\":\"46DA06DD-52CA-4FA9-93A1-A52DE84C1644\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:intel:graphics_driver:15.33.45.4653:*:*:*:*:windows:*:*\",\"matchCriteriaId\":\"CBE1FEDC-1727-4C1E-BD5B-2ADF8C6B5DAD\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:intel:graphics_driver:15.33.46.4885:*:*:*:*:windows:*:*\",\"matchCriteriaId\":\"5EB29EF4-D012-445B-8AD0-329EB417A9A2\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:intel:graphics_driver:15.36.26.4294:*:*:*:*:windows:*:*\",\"matchCriteriaId\":\"9C6F6A0E-92CE-4ECD-97D4-74625905CD67\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:intel:graphics_driver:15.36.28.4332:*:*:*:*:windows:*:*\",\"matchCriteriaId\":\"2681B1E3-325E-4464-818A-25A699C6E0F0\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:intel:graphics_driver:15.36.31.4414:*:*:*:*:windows:*:*\",\"matchCriteriaId\":\"8256C6E1-9D66-4BB4-A016-28D3C61D32F0\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:intel:graphics_driver:15.36.33.4578:*:*:*:*:windows:*:*\",\"matchCriteriaId\":\"C6FD7B20-B590-4769-B9E4-F729FE69C458\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:intel:graphics_driver:15.36.34.4889:*:*:*:*:windows:*:*\",\"matchCriteriaId\":\"E14987BE-67FE-47CF-9DAC-403C5E16CFC7\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:intel:graphics_driver:15.40.34.4624:*:*:*:*:windows:*:*\",\"matchCriteriaId\":\"80F4313B-7638-433A-B0DF-C371AE56CFFC\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:intel:graphics_driver:15.40.36.4703:*:*:*:*:windows:*:*\",\"matchCriteriaId\":\"B53F3860-B5BC-47DB-A6C1-CF1C805C8784\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:intel:graphics_driver:15.40.37.4835:*:*:*:*:windows:*:*\",\"matchCriteriaId\":\"4F5F99CA-043F-4EFC-B0C8-13A1208DC7EA\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:intel:graphics_driver:15.40.38.4963:*:*:*:*:windows:*:*\",\"matchCriteriaId\":\"74217D7F-1EEC-4219-9DC4-57D143D1CE0C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:intel:graphics_driver:15.40.41.5058:*:*:*:*:windows:*:*\",\"matchCriteriaId\":\"DE465097-C835-4D95-96A8-0E6C775BD11C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:intel:graphics_driver:15.45.18.4664:*:*:*:*:windows:*:*\",\"matchCriteriaId\":\"7311B7AE-DF12-49BE-8D80-BBCE402C6958\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:intel:graphics_driver:15.45.19.4678:*:*:*:*:windows:*:*\",\"matchCriteriaId\":\"D308A31F-B73F-48D3-8C5A-5320DBBA57C4\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:intel:graphics_driver:15.45.21.4821:*:*:*:*:windows:*:*\",\"matchCriteriaId\":\"A50439F4-2052-4F65-B5EC-1B94321777A8\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:intel:graphics_driver:15.45.23.4860:*:*:*:*:windows:*:*\",\"matchCriteriaId\":\"00146320-E0B0-4660-839E-1758AA2BF8B2\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:intel:graphics_driver:24.20.100.6025:*:*:*:*:windows:*:*\",\"matchCriteriaId\":\"D3CE3ADC-7FA5-4B85-B032-104AD50E6462\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:intel:graphics_driver:24.20.100.6094:*:*:*:*:windows:*:*\",\"matchCriteriaId\":\"1021088C-1F07-42E2-B409-1BCCBEBDF522\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:intel:graphics_driver:24.20.100.6136:*:*:*:*:windows:*:*\",\"matchCriteriaId\":\"5F94F93C-366F-4E78-83B4-F0DBC3572E2C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:intel:graphics_driver:24.20.100.6194:*:*:*:*:windows:*:*\",\"matchCriteriaId\":\"91F70FDF-1E73-4C90-93C2-4B0356F3F033\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:intel:graphics_driver:24.20.100.6229:*:*:*:*:windows:*:*\",\"matchCriteriaId\":\"44277329-F2A7-4C93-891B-855F765E466D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:intel:graphics_driver:24.20.100.6286:*:*:*:*:windows:*:*\",\"matchCriteriaId\":\"686EA8C9-F877-40ED-8757-03811E15B0F9\"}]}]}],\"references\":[{\"url\":\"https://support.lenovo.com/us/en/product_security/LEN-25084\",\"source\":\"secure@intel.com\"},{\"url\":\"https://www.intel.com/content/www/us/en/security-center/advisory/INTEL-SA-00189.html\",\"source\":\"secure@intel.com\",\"tags\":[\"Patch\",\"Vendor Advisory\"]},{\"url\":\"https://support.lenovo.com/us/en/product_security/LEN-25084\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://www.intel.com/content/www/us/en/security-center/advisory/INTEL-SA-00189.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\",\"Vendor Advisory\"]}]}}"
  }
}

CNVD-2019-07814

Vulnerability from cnvd - Published: 2019-03-22

Title

Intel Graphics Driver for Windows缓冲区溢出漏洞

Description

Intel Graphics Driver for Windows是美国英特尔（Intel）公司的一款适用于Windows平台的显卡驱动程序。基于Windows平台的Intel Graphics Driver中的igdkm64.sys文件存在缓冲区溢出漏洞。本地攻击者可利用该漏洞造成拒绝服务。

Severity

低

Patch Name

Intel Graphics Driver for Windows缓冲区溢出漏洞的补丁

Patch Description

Intel Graphics Driver for Windows是美国英特尔（Intel）公司的一款适用于Windows平台的显卡驱动程序。基于Windows平台的Intel Graphics Driver中的igdkm64.sys文件存在缓冲区溢出漏洞。本地攻击者可利用该漏洞造成拒绝服务。目前，供应商发布了安全公告及相关补丁信息，修复了此漏洞。

Formal description

目前厂商已发布升级补丁以修复漏洞，补丁获取链接： https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00189.html

Reference

https://nvd.nist.gov/vuln/detail/CVE-2018-18090

Impacted products

Name
['Intel Graphics Driver <10.18.x.5059', 'Intel Graphics Driver <10.18.x.5057', 'Intel Graphics Driver <20.19.x.5063', 'Intel Graphics Driver <21.20.x.5064', 'Intel Graphics Driver <24.20.100.6373']

Show details on source website

JSON

To clipboard

{
  "cves": {
    "cve": {
      "cveNumber": "CVE-2018-18090",
      "cveUrl": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-18090"
    }
  },
  "description": "Intel Graphics Driver for Windows\u662f\u7f8e\u56fd\u82f1\u7279\u5c14\uff08Intel\uff09\u516c\u53f8\u7684\u4e00\u6b3e\u9002\u7528\u4e8eWindows\u5e73\u53f0\u7684\u663e\u5361\u9a71\u52a8\u7a0b\u5e8f\u3002\n\n\u57fa\u4e8eWindows\u5e73\u53f0\u7684Intel Graphics Driver\u4e2d\u7684igdkm64.sys\u6587\u4ef6\u5b58\u5728\u7f13\u51b2\u533a\u6ea2\u51fa\u6f0f\u6d1e\u3002\u672c\u5730\u653b\u51fb\u8005\u53ef\u5229\u7528\u8be5\u6f0f\u6d1e\u9020\u6210\u62d2\u7edd\u670d\u52a1\u3002",
  "discovererName": "unKnow",
  "formalWay": "\u76ee\u524d\u5382\u5546\u5df2\u53d1\u5e03\u5347\u7ea7\u8865\u4e01\u4ee5\u4fee\u590d\u6f0f\u6d1e\uff0c\u8865\u4e01\u83b7\u53d6\u94fe\u63a5\uff1a\r\nhttps://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00189.html",
  "isEvent": "\u901a\u7528\u8f6f\u786c\u4ef6\u6f0f\u6d1e",
  "number": "CNVD-2019-07814",
  "openTime": "2019-03-22",
  "patchDescription": "Intel Graphics Driver for Windows\u662f\u7f8e\u56fd\u82f1\u7279\u5c14\uff08Intel\uff09\u516c\u53f8\u7684\u4e00\u6b3e\u9002\u7528\u4e8eWindows\u5e73\u53f0\u7684\u663e\u5361\u9a71\u52a8\u7a0b\u5e8f\u3002\r\n\r\n\u57fa\u4e8eWindows\u5e73\u53f0\u7684Intel Graphics Driver\u4e2d\u7684igdkm64.sys\u6587\u4ef6\u5b58\u5728\u7f13\u51b2\u533a\u6ea2\u51fa\u6f0f\u6d1e\u3002\u672c\u5730\u653b\u51fb\u8005\u53ef\u5229\u7528\u8be5\u6f0f\u6d1e\u9020\u6210\u62d2\u7edd\u670d\u52a1\u3002\u76ee\u524d\uff0c\u4f9b\u5e94\u5546\u53d1\u5e03\u4e86\u5b89\u5168\u516c\u544a\u53ca\u76f8\u5173\u8865\u4e01\u4fe1\u606f\uff0c\u4fee\u590d\u4e86\u6b64\u6f0f\u6d1e\u3002",
  "patchName": "Intel Graphics Driver for Windows\u7f13\u51b2\u533a\u6ea2\u51fa\u6f0f\u6d1e\u7684\u8865\u4e01",
  "products": {
    "product": [
      "Intel Graphics Driver \u003c10.18.x.5059",
      "Intel Graphics Driver \u003c10.18.x.5057",
      "Intel Graphics Driver \u003c20.19.x.5063",
      "Intel Graphics Driver \u003c21.20.x.5064",
      "Intel Graphics Driver \u003c24.20.100.6373"
    ]
  },
  "referenceLink": "https://nvd.nist.gov/vuln/detail/CVE-2018-18090",
  "serverity": "\u4f4e",
  "submitTime": "2019-03-18",
  "title": "Intel Graphics Driver for Windows\u7f13\u51b2\u533a\u6ea2\u51fa\u6f0f\u6d1e"
}

FKIE_CVE-2018-18090

Vulnerability from fkie_nvd - Published: 2019-03-14 20:29 - Updated: 2024-11-21 03:55

Severity ?

5.5 (Medium) - CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Summary

References

URL	Tags
secure@intel.com	https://support.lenovo.com/us/en/product_security/LEN-25084
secure@intel.com	https://www.intel.com/content/www/us/en/security-center/advisory/INTEL-SA-00189.html	Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	https://support.lenovo.com/us/en/product_security/LEN-25084
af854a3a-2127-422b-91ae-364da2661108	https://www.intel.com/content/www/us/en/security-center/advisory/INTEL-SA-00189.html	Patch, Vendor Advisory

Impacted products

Vendor	Product	Version
intel	graphics_driver	15.33.43.4425
intel	graphics_driver	15.33.45.4653
intel	graphics_driver	15.33.46.4885
intel	graphics_driver	15.36.26.4294
intel	graphics_driver	15.36.28.4332
intel	graphics_driver	15.36.31.4414
intel	graphics_driver	15.36.33.4578
intel	graphics_driver	15.36.34.4889
intel	graphics_driver	15.40.34.4624
intel	graphics_driver	15.40.36.4703
intel	graphics_driver	15.40.37.4835
intel	graphics_driver	15.40.38.4963
intel	graphics_driver	15.40.41.5058
intel	graphics_driver	15.45.18.4664
intel	graphics_driver	15.45.19.4678
intel	graphics_driver	15.45.21.4821
intel	graphics_driver	15.45.23.4860
intel	graphics_driver	24.20.100.6025
intel	graphics_driver	24.20.100.6094
intel	graphics_driver	24.20.100.6136
intel	graphics_driver	24.20.100.6194
intel	graphics_driver	24.20.100.6229
intel	graphics_driver	24.20.100.6286

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:intel:graphics_driver:15.33.43.4425:*:*:*:*:windows:*:*",
              "matchCriteriaId": "46DA06DD-52CA-4FA9-93A1-A52DE84C1644",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:intel:graphics_driver:15.33.45.4653:*:*:*:*:windows:*:*",
              "matchCriteriaId": "CBE1FEDC-1727-4C1E-BD5B-2ADF8C6B5DAD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:intel:graphics_driver:15.33.46.4885:*:*:*:*:windows:*:*",
              "matchCriteriaId": "5EB29EF4-D012-445B-8AD0-329EB417A9A2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:intel:graphics_driver:15.36.26.4294:*:*:*:*:windows:*:*",
              "matchCriteriaId": "9C6F6A0E-92CE-4ECD-97D4-74625905CD67",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:intel:graphics_driver:15.36.28.4332:*:*:*:*:windows:*:*",
              "matchCriteriaId": "2681B1E3-325E-4464-818A-25A699C6E0F0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:intel:graphics_driver:15.36.31.4414:*:*:*:*:windows:*:*",
              "matchCriteriaId": "8256C6E1-9D66-4BB4-A016-28D3C61D32F0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:intel:graphics_driver:15.36.33.4578:*:*:*:*:windows:*:*",
              "matchCriteriaId": "C6FD7B20-B590-4769-B9E4-F729FE69C458",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:intel:graphics_driver:15.36.34.4889:*:*:*:*:windows:*:*",
              "matchCriteriaId": "E14987BE-67FE-47CF-9DAC-403C5E16CFC7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:intel:graphics_driver:15.40.34.4624:*:*:*:*:windows:*:*",
              "matchCriteriaId": "80F4313B-7638-433A-B0DF-C371AE56CFFC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:intel:graphics_driver:15.40.36.4703:*:*:*:*:windows:*:*",
              "matchCriteriaId": "B53F3860-B5BC-47DB-A6C1-CF1C805C8784",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:intel:graphics_driver:15.40.37.4835:*:*:*:*:windows:*:*",
              "matchCriteriaId": "4F5F99CA-043F-4EFC-B0C8-13A1208DC7EA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:intel:graphics_driver:15.40.38.4963:*:*:*:*:windows:*:*",
              "matchCriteriaId": "74217D7F-1EEC-4219-9DC4-57D143D1CE0C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:intel:graphics_driver:15.40.41.5058:*:*:*:*:windows:*:*",
              "matchCriteriaId": "DE465097-C835-4D95-96A8-0E6C775BD11C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:intel:graphics_driver:15.45.18.4664:*:*:*:*:windows:*:*",
              "matchCriteriaId": "7311B7AE-DF12-49BE-8D80-BBCE402C6958",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:intel:graphics_driver:15.45.19.4678:*:*:*:*:windows:*:*",
              "matchCriteriaId": "D308A31F-B73F-48D3-8C5A-5320DBBA57C4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:intel:graphics_driver:15.45.21.4821:*:*:*:*:windows:*:*",
              "matchCriteriaId": "A50439F4-2052-4F65-B5EC-1B94321777A8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:intel:graphics_driver:15.45.23.4860:*:*:*:*:windows:*:*",
              "matchCriteriaId": "00146320-E0B0-4660-839E-1758AA2BF8B2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:intel:graphics_driver:24.20.100.6025:*:*:*:*:windows:*:*",
              "matchCriteriaId": "D3CE3ADC-7FA5-4B85-B032-104AD50E6462",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:intel:graphics_driver:24.20.100.6094:*:*:*:*:windows:*:*",
              "matchCriteriaId": "1021088C-1F07-42E2-B409-1BCCBEBDF522",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:intel:graphics_driver:24.20.100.6136:*:*:*:*:windows:*:*",
              "matchCriteriaId": "5F94F93C-366F-4E78-83B4-F0DBC3572E2C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:intel:graphics_driver:24.20.100.6194:*:*:*:*:windows:*:*",
              "matchCriteriaId": "91F70FDF-1E73-4C90-93C2-4B0356F3F033",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:intel:graphics_driver:24.20.100.6229:*:*:*:*:windows:*:*",
              "matchCriteriaId": "44277329-F2A7-4C93-891B-855F765E466D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:intel:graphics_driver:24.20.100.6286:*:*:*:*:windows:*:*",
              "matchCriteriaId": "686EA8C9-F877-40ED-8757-03811E15B0F9",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Out of bounds read in igdkm64.sys in Intel(R) Graphics Driver for Windows* before versions 10.18.x.5059 (aka 15.33.x.5059), 10.18.x.5057 (aka 15.36.x.5057), 20.19.x.5063 (aka 15.40.x.5063) 21.20.x.5064 (aka 15.45.x.5064) and 24.20.100.6373 may allow an authenticated user to potentially enable denial of service via local access."
    },
    {
      "lang": "es",
      "value": "Lectura fuera de l\u00edmites en igdkm64.sys en Intel(R) Graphics Driver for Windows* en versiones anteriores a la 10.18.x.5059 (tambi\u00e9n conocido como 15.33.x.5059), 10.18.x.5057 (tambi\u00e9n conocido como 15.36.x.5057), 20.19.x.5063 (tambi\u00e9n conocido como 15.40.x.5063) 21.20.x.5064 (tambi\u00e9n conocido como 15.45.x.5064) y 24.20.100.6373 podr\u00eda permitir que un usuario autenticado provoque una denegaci\u00f3n de servicio (DoS) mediante acceso local."
    }
  ],
  "id": "CVE-2018-18090",
  "lastModified": "2024-11-21T03:55:27.880",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "LOW",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "LOCAL",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 2.1,
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "vectorString": "AV:L/AC:L/Au:N/C:N/I:N/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV30": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "LOCAL",
          "availabilityImpact": "HIGH",
          "baseScore": 5.5,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "privilegesRequired": "LOW",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
          "version": "3.0"
        },
        "exploitabilityScore": 1.8,
        "impactScore": 3.6,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2019-03-14T20:29:01.443",
  "references": [
    {
      "source": "secure@intel.com",
      "url": "https://support.lenovo.com/us/en/product_security/LEN-25084"
    },
    {
      "source": "secure@intel.com",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "https://www.intel.com/content/www/us/en/security-center/advisory/INTEL-SA-00189.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://support.lenovo.com/us/en/product_security/LEN-25084"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "https://www.intel.com/content/www/us/en/security-center/advisory/INTEL-SA-00189.html"
    }
  ],
  "sourceIdentifier": "secure@intel.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-125"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

CERTFR-2019-AVI-108

Vulnerability from certfr_avis - Published: - Updated:

De multiples vulnérabilités ont été découvertes dans les produits Intel. Certaines d'entre elles permettent à un attaquant de provoquer une exécution de code arbitraire, un déni de service à distance et un déni de service.

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

None

Impacted products

Vendor	Product	Description
Intel	N/A	Processeur Intel Celeron J4105
Intel	N/A	Intel CSME versions 11.0 à 11.8.55
Intel	N/A	Intel CSME versions 11.20 à 11.22.0
Intel	N/A	Intel Data Center Manager SDK versions antérieures à 5.0.2
Intel	N/A	Intel CSME versions 12.0 à 12.0.10
Intel	N/A	Processeur Intel Celeron N4000
Intel	N/A	Intel Accelerated Storage Manager RSTe versions 5.5 et antérieures
Intel	N/A	Intel Server Board
Intel	N/A	Intel Server System
Intel	N/A	Processeur Intel Core de 7ème génération
Intel	N/A	Intel Compute ModuleIntel Graphics Driver pour Windows versions antérieures à 10.18.x.5059 (aussi connu comme 15.33.x.5059), 10.18.x.5057 (aussi connu comme 15.36.x.5057), 20.19.x.5063 (aussi connu comme 15.40.x.5063) 21.20.x.5064 (aussi connu comme 15.45.x.5064) et 24.20.100.6373
Intel	N/A	Intel CSME versions 11.10 à 11.11.55
Intel	N/A	Intel Trusted Execution Engine versions 4.0 à 4.0.5
Intel	N/A	Processeur Intel Core de 8ème génération
Intel	N/A	Processeur Intel Pentium Silver N5000
Intel	N/A	Composant Intel Unite Solution software server version 3.2 à 3.3
Intel	N/A	Processeur Intel Celeron N4100
Intel	N/A	Intel Server Platform Services versions SPS 4.01.00.152.0 à SPS 4.01.02.173
Intel	N/A	Intel Server Platform Services versions SPS 4.00.04.367 à SPS 4.00.04.382
Intel	N/A	Processeur Intel Pentium Silver J5005
Intel	N/A	Processeur Intel Celeron J4005
Intel	N/A	Intel Trusted Execution Engine versions 3.0 à 3.1.50

References

Title

Publication Time

Tags

Bulletin de sécurité Intel INTEL-SA-00189 du 12 mars 2019	None	vendor-advisory
Bulletin de sécurité Intel INTEL-SA-00231 du 12 mars 2019	None	vendor-advisory
Bulletin de sécurité Intel INTEL-SA-00215 du 12 mars 2019	None	vendor-advisory
Bulletin de sécurité Intel INTEL-SA-00185 du 12 mars 2019	None	vendor-advisory
Bulletin de sécurité Intel INTEL-SA-00214 du 12 mars 2019	None	vendor-advisory
Bulletin de sécurité Intel INTEL-SA-00191 du 12 mars 2019	None	vendor-advisory

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "Processeur Intel Celeron J4105",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Intel",
          "scada": false
        }
      }
    },
    {
      "description": "Intel CSME versions 11.0 \u00e0 11.8.55",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Intel",
          "scada": false
        }
      }
    },
    {
      "description": "Intel CSME versions 11.20 \u00e0 11.22.0",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Intel",
          "scada": false
        }
      }
    },
    {
      "description": "Intel Data Center Manager SDK versions ant\u00e9rieures \u00e0 5.0.2",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Intel",
          "scada": false
        }
      }
    },
    {
      "description": "Intel CSME versions 12.0 \u00e0 12.0.10",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Intel",
          "scada": false
        }
      }
    },
    {
      "description": "Processeur Intel Celeron N4000",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Intel",
          "scada": false
        }
      }
    },
    {
      "description": "Intel Accelerated Storage Manager RSTe versions 5.5 et ant\u00e9rieures",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Intel",
          "scada": false
        }
      }
    },
    {
      "description": "Intel Server Board",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Intel",
          "scada": false
        }
      }
    },
    {
      "description": "Intel Server System",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Intel",
          "scada": false
        }
      }
    },
    {
      "description": "Processeur Intel Core de 7\u00e8me g\u00e9n\u00e9ration",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Intel",
          "scada": false
        }
      }
    },
    {
      "description": "Intel Compute ModuleIntel Graphics Driver pour Windows versions ant\u00e9rieures \u00e0 10.18.x.5059 (aussi connu comme 15.33.x.5059), 10.18.x.5057 (aussi connu comme 15.36.x.5057), 20.19.x.5063 (aussi connu comme 15.40.x.5063) 21.20.x.5064 (aussi connu comme 15.45.x.5064) et 24.20.100.6373",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Intel",
          "scada": false
        }
      }
    },
    {
      "description": "Intel CSME versions 11.10 \u00e0 11.11.55",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Intel",
          "scada": false
        }
      }
    },
    {
      "description": "Intel Trusted Execution Engine versions 4.0 \u00e0 4.0.5",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Intel",
          "scada": false
        }
      }
    },
    {
      "description": "Processeur Intel Core de 8\u00e8me g\u00e9n\u00e9ration",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Intel",
          "scada": false
        }
      }
    },
    {
      "description": "Processeur Intel Pentium Silver N5000",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Intel",
          "scada": false
        }
      }
    },
    {
      "description": "Composant Intel Unite Solution software server version 3.2 \u00e0 3.3",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Intel",
          "scada": false
        }
      }
    },
    {
      "description": "Processeur Intel Celeron N4100",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Intel",
          "scada": false
        }
      }
    },
    {
      "description": "Intel Server Platform Services versions SPS 4.01.00.152.0 \u00e0 SPS 4.01.02.173",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Intel",
          "scada": false
        }
      }
    },
    {
      "description": "Intel Server Platform Services versions SPS 4.00.04.367 \u00e0 SPS 4.00.04.382",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Intel",
          "scada": false
        }
      }
    },
    {
      "description": "Processeur Intel Pentium Silver J5005",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Intel",
          "scada": false
        }
      }
    },
    {
      "description": "Processeur Intel Celeron J4005",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Intel",
          "scada": false
        }
      }
    },
    {
      "description": "Intel Trusted Execution Engine versions 3.0 \u00e0 3.1.50",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Intel",
          "scada": false
        }
      }
    }
  ],
  "affected_systems_content": null,
  "content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
  "cves": [
    {
      "name": "CVE-2018-12223",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-12223"
    },
    {
      "name": "CVE-2019-0108",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-0108"
    },
    {
      "name": "CVE-2018-12215",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-12215"
    },
    {
      "name": "CVE-2018-12188",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-12188"
    },
    {
      "name": "CVE-2018-12205",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-12205"
    },
    {
      "name": "CVE-2019-0103",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-0103"
    },
    {
      "name": "CVE-2018-12222",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-12222"
    },
    {
      "name": "CVE-2018-12212",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-12212"
    },
    {
      "name": "CVE-2018-12213",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-12213"
    },
    {
      "name": "CVE-2018-12202",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-12202"
    },
    {
      "name": "CVE-2018-12199",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-12199"
    },
    {
      "name": "CVE-2018-12221",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-12221"
    },
    {
      "name": "CVE-2019-0107",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-0107"
    },
    {
      "name": "CVE-2018-12191",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-12191"
    },
    {
      "name": "CVE-2018-12200",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-12200"
    },
    {
      "name": "CVE-2018-12204",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-12204"
    },
    {
      "name": "CVE-2018-12214",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-12214"
    },
    {
      "name": "CVE-2019-0105",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-0105"
    },
    {
      "name": "CVE-2018-18089",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-18089"
    },
    {
      "name": "CVE-2019-0109",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-0109"
    },
    {
      "name": "CVE-2018-12187",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-12187"
    },
    {
      "name": "CVE-2018-12219",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-12219"
    },
    {
      "name": "CVE-2019-0102",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-0102"
    },
    {
      "name": "CVE-2018-12192",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-12192"
    },
    {
      "name": "CVE-2018-12208",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-12208"
    },
    {
      "name": "CVE-2019-0101",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-0101"
    },
    {
      "name": "CVE-2018-12217",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-12217"
    },
    {
      "name": "CVE-2018-12189",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-12189"
    },
    {
      "name": "CVE-2018-12196",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-12196"
    },
    {
      "name": "CVE-2019-0135",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-0135"
    },
    {
      "name": "CVE-2018-12201",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-12201"
    },
    {
      "name": "CVE-2018-12211",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-12211"
    },
    {
      "name": "CVE-2019-0106",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-0106"
    },
    {
      "name": "CVE-2018-12203",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-12203"
    },
    {
      "name": "CVE-2018-12209",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-12209"
    },
    {
      "name": "CVE-2019-0112",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-0112"
    },
    {
      "name": "CVE-2019-0110",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-0110"
    },
    {
      "name": "CVE-2018-12185",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-12185"
    },
    {
      "name": "CVE-2019-0111",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-0111"
    },
    {
      "name": "CVE-2018-12218",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-12218"
    },
    {
      "name": "CVE-2018-12220",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-12220"
    },
    {
      "name": "CVE-2018-12216",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-12216"
    },
    {
      "name": "CVE-2018-12224",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-12224"
    },
    {
      "name": "CVE-2019-0104",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-0104"
    },
    {
      "name": "CVE-2018-12210",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-12210"
    },
    {
      "name": "CVE-2018-12198",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-12198"
    },
    {
      "name": "CVE-2018-18090",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-18090"
    },
    {
      "name": "CVE-2018-12190",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-12190"
    },
    {
      "name": "CVE-2018-18091",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-18091"
    }
  ],
  "links": [],
  "reference": "CERTFR-2019-AVI-108",
  "revisions": [
    {
      "description": "Version initiale",
      "revision_date": "2019-03-13T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "D\u00e9ni de service \u00e0 distance"
    },
    {
      "description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
    },
    {
      "description": "Ex\u00e9cution de code arbitraire"
    },
    {
      "description": "D\u00e9ni de service"
    },
    {
      "description": "Contournement de la politique de s\u00e9curit\u00e9"
    },
    {
      "description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
    },
    {
      "description": "\u00c9l\u00e9vation de privil\u00e8ges"
    }
  ],
  "summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits Intel.\nCertaines d\u0027entre elles permettent \u00e0 un attaquant de provoquer une\nex\u00e9cution de code arbitraire, un d\u00e9ni de service \u00e0 distance et un d\u00e9ni\nde service.\n",
  "title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits Intel",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Intel INTEL-SA-00189 du 12 mars 2019",
      "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00189.html"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Intel INTEL-SA-00231 du 12 mars 2019",
      "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00231.html"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Intel INTEL-SA-00215 du 12 mars 2019",
      "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00215.html"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Intel INTEL-SA-00185 du 12 mars 2019",
      "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00185.html"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Intel INTEL-SA-00214 du 12 mars 2019",
      "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00214.html"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Intel INTEL-SA-00191 du 12 mars 2019",
      "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00191.html"
    }
  ]
}

CERTFR-2019-AVI-108

Vulnerability from certfr_avis - Published: - Updated:

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

None

Impacted products

Vendor	Product	Description
Intel	N/A	Processeur Intel Celeron J4105
Intel	N/A	Intel CSME versions 11.0 à 11.8.55
Intel	N/A	Intel CSME versions 11.20 à 11.22.0
Intel	N/A	Intel Data Center Manager SDK versions antérieures à 5.0.2
Intel	N/A	Intel CSME versions 12.0 à 12.0.10
Intel	N/A	Processeur Intel Celeron N4000
Intel	N/A	Intel Accelerated Storage Manager RSTe versions 5.5 et antérieures
Intel	N/A	Intel Server Board
Intel	N/A	Intel Server System
Intel	N/A	Processeur Intel Core de 7ème génération
Intel	N/A	Intel Compute ModuleIntel Graphics Driver pour Windows versions antérieures à 10.18.x.5059 (aussi connu comme 15.33.x.5059), 10.18.x.5057 (aussi connu comme 15.36.x.5057), 20.19.x.5063 (aussi connu comme 15.40.x.5063) 21.20.x.5064 (aussi connu comme 15.45.x.5064) et 24.20.100.6373
Intel	N/A	Intel CSME versions 11.10 à 11.11.55
Intel	N/A	Intel Trusted Execution Engine versions 4.0 à 4.0.5
Intel	N/A	Processeur Intel Core de 8ème génération
Intel	N/A	Processeur Intel Pentium Silver N5000
Intel	N/A	Composant Intel Unite Solution software server version 3.2 à 3.3
Intel	N/A	Processeur Intel Celeron N4100
Intel	N/A	Intel Server Platform Services versions SPS 4.01.00.152.0 à SPS 4.01.02.173
Intel	N/A	Intel Server Platform Services versions SPS 4.00.04.367 à SPS 4.00.04.382
Intel	N/A	Processeur Intel Pentium Silver J5005
Intel	N/A	Processeur Intel Celeron J4005
Intel	N/A	Intel Trusted Execution Engine versions 3.0 à 3.1.50

References

Title

Publication Time

Tags

Bulletin de sécurité Intel INTEL-SA-00189 du 12 mars 2019	None	vendor-advisory
Bulletin de sécurité Intel INTEL-SA-00231 du 12 mars 2019	None	vendor-advisory
Bulletin de sécurité Intel INTEL-SA-00215 du 12 mars 2019	None	vendor-advisory
Bulletin de sécurité Intel INTEL-SA-00185 du 12 mars 2019	None	vendor-advisory
Bulletin de sécurité Intel INTEL-SA-00214 du 12 mars 2019	None	vendor-advisory
Bulletin de sécurité Intel INTEL-SA-00191 du 12 mars 2019	None	vendor-advisory

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [
    {
      "description": "Processeur Intel Celeron J4105",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Intel",
          "scada": false
        }
      }
    },
    {
      "description": "Intel CSME versions 11.0 \u00e0 11.8.55",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Intel",
          "scada": false
        }
      }
    },
    {
      "description": "Intel CSME versions 11.20 \u00e0 11.22.0",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Intel",
          "scada": false
        }
      }
    },
    {
      "description": "Intel Data Center Manager SDK versions ant\u00e9rieures \u00e0 5.0.2",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Intel",
          "scada": false
        }
      }
    },
    {
      "description": "Intel CSME versions 12.0 \u00e0 12.0.10",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Intel",
          "scada": false
        }
      }
    },
    {
      "description": "Processeur Intel Celeron N4000",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Intel",
          "scada": false
        }
      }
    },
    {
      "description": "Intel Accelerated Storage Manager RSTe versions 5.5 et ant\u00e9rieures",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Intel",
          "scada": false
        }
      }
    },
    {
      "description": "Intel Server Board",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Intel",
          "scada": false
        }
      }
    },
    {
      "description": "Intel Server System",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Intel",
          "scada": false
        }
      }
    },
    {
      "description": "Processeur Intel Core de 7\u00e8me g\u00e9n\u00e9ration",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Intel",
          "scada": false
        }
      }
    },
    {
      "description": "Intel Compute ModuleIntel Graphics Driver pour Windows versions ant\u00e9rieures \u00e0 10.18.x.5059 (aussi connu comme 15.33.x.5059), 10.18.x.5057 (aussi connu comme 15.36.x.5057), 20.19.x.5063 (aussi connu comme 15.40.x.5063) 21.20.x.5064 (aussi connu comme 15.45.x.5064) et 24.20.100.6373",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Intel",
          "scada": false
        }
      }
    },
    {
      "description": "Intel CSME versions 11.10 \u00e0 11.11.55",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Intel",
          "scada": false
        }
      }
    },
    {
      "description": "Intel Trusted Execution Engine versions 4.0 \u00e0 4.0.5",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Intel",
          "scada": false
        }
      }
    },
    {
      "description": "Processeur Intel Core de 8\u00e8me g\u00e9n\u00e9ration",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Intel",
          "scada": false
        }
      }
    },
    {
      "description": "Processeur Intel Pentium Silver N5000",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Intel",
          "scada": false
        }
      }
    },
    {
      "description": "Composant Intel Unite Solution software server version 3.2 \u00e0 3.3",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Intel",
          "scada": false
        }
      }
    },
    {
      "description": "Processeur Intel Celeron N4100",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Intel",
          "scada": false
        }
      }
    },
    {
      "description": "Intel Server Platform Services versions SPS 4.01.00.152.0 \u00e0 SPS 4.01.02.173",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Intel",
          "scada": false
        }
      }
    },
    {
      "description": "Intel Server Platform Services versions SPS 4.00.04.367 \u00e0 SPS 4.00.04.382",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Intel",
          "scada": false
        }
      }
    },
    {
      "description": "Processeur Intel Pentium Silver J5005",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Intel",
          "scada": false
        }
      }
    },
    {
      "description": "Processeur Intel Celeron J4005",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Intel",
          "scada": false
        }
      }
    },
    {
      "description": "Intel Trusted Execution Engine versions 3.0 \u00e0 3.1.50",
      "product": {
        "name": "N/A",
        "vendor": {
          "name": "Intel",
          "scada": false
        }
      }
    }
  ],
  "affected_systems_content": null,
  "content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
  "cves": [
    {
      "name": "CVE-2018-12223",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-12223"
    },
    {
      "name": "CVE-2019-0108",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-0108"
    },
    {
      "name": "CVE-2018-12215",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-12215"
    },
    {
      "name": "CVE-2018-12188",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-12188"
    },
    {
      "name": "CVE-2018-12205",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-12205"
    },
    {
      "name": "CVE-2019-0103",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-0103"
    },
    {
      "name": "CVE-2018-12222",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-12222"
    },
    {
      "name": "CVE-2018-12212",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-12212"
    },
    {
      "name": "CVE-2018-12213",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-12213"
    },
    {
      "name": "CVE-2018-12202",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-12202"
    },
    {
      "name": "CVE-2018-12199",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-12199"
    },
    {
      "name": "CVE-2018-12221",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-12221"
    },
    {
      "name": "CVE-2019-0107",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-0107"
    },
    {
      "name": "CVE-2018-12191",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-12191"
    },
    {
      "name": "CVE-2018-12200",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-12200"
    },
    {
      "name": "CVE-2018-12204",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-12204"
    },
    {
      "name": "CVE-2018-12214",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-12214"
    },
    {
      "name": "CVE-2019-0105",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-0105"
    },
    {
      "name": "CVE-2018-18089",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-18089"
    },
    {
      "name": "CVE-2019-0109",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-0109"
    },
    {
      "name": "CVE-2018-12187",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-12187"
    },
    {
      "name": "CVE-2018-12219",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-12219"
    },
    {
      "name": "CVE-2019-0102",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-0102"
    },
    {
      "name": "CVE-2018-12192",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-12192"
    },
    {
      "name": "CVE-2018-12208",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-12208"
    },
    {
      "name": "CVE-2019-0101",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-0101"
    },
    {
      "name": "CVE-2018-12217",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-12217"
    },
    {
      "name": "CVE-2018-12189",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-12189"
    },
    {
      "name": "CVE-2018-12196",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-12196"
    },
    {
      "name": "CVE-2019-0135",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-0135"
    },
    {
      "name": "CVE-2018-12201",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-12201"
    },
    {
      "name": "CVE-2018-12211",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-12211"
    },
    {
      "name": "CVE-2019-0106",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-0106"
    },
    {
      "name": "CVE-2018-12203",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-12203"
    },
    {
      "name": "CVE-2018-12209",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-12209"
    },
    {
      "name": "CVE-2019-0112",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-0112"
    },
    {
      "name": "CVE-2019-0110",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-0110"
    },
    {
      "name": "CVE-2018-12185",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-12185"
    },
    {
      "name": "CVE-2019-0111",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-0111"
    },
    {
      "name": "CVE-2018-12218",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-12218"
    },
    {
      "name": "CVE-2018-12220",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-12220"
    },
    {
      "name": "CVE-2018-12216",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-12216"
    },
    {
      "name": "CVE-2018-12224",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-12224"
    },
    {
      "name": "CVE-2019-0104",
      "url": "https://www.cve.org/CVERecord?id=CVE-2019-0104"
    },
    {
      "name": "CVE-2018-12210",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-12210"
    },
    {
      "name": "CVE-2018-12198",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-12198"
    },
    {
      "name": "CVE-2018-18090",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-18090"
    },
    {
      "name": "CVE-2018-12190",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-12190"
    },
    {
      "name": "CVE-2018-18091",
      "url": "https://www.cve.org/CVERecord?id=CVE-2018-18091"
    }
  ],
  "links": [],
  "reference": "CERTFR-2019-AVI-108",
  "revisions": [
    {
      "description": "Version initiale",
      "revision_date": "2019-03-13T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "D\u00e9ni de service \u00e0 distance"
    },
    {
      "description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
    },
    {
      "description": "Ex\u00e9cution de code arbitraire"
    },
    {
      "description": "D\u00e9ni de service"
    },
    {
      "description": "Contournement de la politique de s\u00e9curit\u00e9"
    },
    {
      "description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
    },
    {
      "description": "\u00c9l\u00e9vation de privil\u00e8ges"
    }
  ],
  "summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits Intel.\nCertaines d\u0027entre elles permettent \u00e0 un attaquant de provoquer une\nex\u00e9cution de code arbitraire, un d\u00e9ni de service \u00e0 distance et un d\u00e9ni\nde service.\n",
  "title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits Intel",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Intel INTEL-SA-00189 du 12 mars 2019",
      "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00189.html"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Intel INTEL-SA-00231 du 12 mars 2019",
      "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00231.html"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Intel INTEL-SA-00215 du 12 mars 2019",
      "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00215.html"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Intel INTEL-SA-00185 du 12 mars 2019",
      "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00185.html"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Intel INTEL-SA-00214 du 12 mars 2019",
      "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00214.html"
    },
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Intel INTEL-SA-00191 du 12 mars 2019",
      "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00191.html"
    }
  ]
}

VAR-201903-1037

Vulnerability from variot - Updated: 2023-12-18 11:41

Out of bounds read in igdkm64.sys in Intel(R) Graphics Driver for Windows* before versions 10.18.x.5059 (aka 15.33.x.5059), 10.18.x.5057 (aka 15.36.x.5057), 20.19.x.5063 (aka 15.40.x.5063) 21.20.x.5064 (aka 15.45.x.5064) and 24.20.100.6373 may allow an authenticated user to potentially enable denial of service via local access. Windows for Intel(R) Graphics Driver Contains an out-of-bounds vulnerability.Service operation interruption (DoS) There is a possibility of being put into a state. Intel Has released an update for each product.The expected impact depends on each vulnerability, but can be affected as follows: * information leak * Service operation interruption (DoS) * Privilege escalation. Intel Graphics Driver for Windows is a graphics card driver for Windows platform developed by Intel Corporation. The igdkm64.sys file in the Windows-based Intel Graphics Driver has an out-of-bounds read vulnerability. A local attacker could exploit this vulnerability to cause a denial of service. The following versions are affected: Intel Graphics Driver prior to 10.18.x.5059, prior to 10.18.x.5057, prior to 20.19.x.5063, prior to 21.20.x.5064, prior to 24.20.100.6373

Show details on source website

JSON

To clipboard

{
  "@context": {
    "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
    "affected_products": {
      "@id": "https://www.variotdbs.pl/ref/affected_products"
    },
    "configurations": {
      "@id": "https://www.variotdbs.pl/ref/configurations"
    },
    "credits": {
      "@id": "https://www.variotdbs.pl/ref/credits"
    },
    "cvss": {
      "@id": "https://www.variotdbs.pl/ref/cvss/"
    },
    "description": {
      "@id": "https://www.variotdbs.pl/ref/description/"
    },
    "exploit_availability": {
      "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
    },
    "external_ids": {
      "@id": "https://www.variotdbs.pl/ref/external_ids/"
    },
    "iot": {
      "@id": "https://www.variotdbs.pl/ref/iot/"
    },
    "iot_taxonomy": {
      "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
    },
    "patch": {
      "@id": "https://www.variotdbs.pl/ref/patch/"
    },
    "problemtype_data": {
      "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
    },
    "references": {
      "@id": "https://www.variotdbs.pl/ref/references/"
    },
    "sources": {
      "@id": "https://www.variotdbs.pl/ref/sources/"
    },
    "sources_release_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
    },
    "sources_update_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
    },
    "threat_type": {
      "@id": "https://www.variotdbs.pl/ref/threat_type/"
    },
    "title": {
      "@id": "https://www.variotdbs.pl/ref/title/"
    },
    "type": {
      "@id": "https://www.variotdbs.pl/ref/type/"
    }
  },
  "@id": "https://www.variotdbs.pl/vuln/VAR-201903-1037",
  "affected_products": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "model": "graphics driver",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "15.40.37.4835"
      },
      {
        "model": "graphics driver",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "15.45.21.4821"
      },
      {
        "model": "graphics driver",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "15.33.46.4885"
      },
      {
        "model": "graphics driver",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "24.20.100.6094"
      },
      {
        "model": "graphics driver",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "15.45.19.4678"
      },
      {
        "model": "graphics driver",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "15.33.43.4425"
      },
      {
        "model": "graphics driver",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "15.40.36.4703"
      },
      {
        "model": "graphics driver",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "24.20.100.6229"
      },
      {
        "model": "graphics driver",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "15.40.34.4624"
      },
      {
        "model": "graphics driver",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "15.40.41.5058"
      },
      {
        "model": "graphics driver",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "15.40.38.4963"
      },
      {
        "model": "graphics driver",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "24.20.100.6136"
      },
      {
        "model": "graphics driver",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "15.36.31.4414"
      },
      {
        "model": "graphics driver",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "24.20.100.6194"
      },
      {
        "model": "graphics driver",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "24.20.100.6286"
      },
      {
        "model": "graphics driver",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "24.20.100.6025"
      },
      {
        "model": "graphics driver",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "15.36.28.4332"
      },
      {
        "model": "graphics driver",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "15.33.45.4653"
      },
      {
        "model": "graphics driver",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "15.36.34.4889"
      },
      {
        "model": "graphics driver",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "15.45.18.4664"
      },
      {
        "model": "graphics driver",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "15.36.26.4294"
      },
      {
        "model": "graphics driver",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "15.36.33.4578"
      },
      {
        "model": "graphics driver",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "intel",
        "version": "15.45.23.4860"
      },
      {
        "model": "graphics driver",
        "scope": "lt",
        "trust": 0.8,
        "vendor": "intel",
        "version": "10.18.x.5057"
      },
      {
        "model": "graphics driver",
        "scope": "lt",
        "trust": 0.8,
        "vendor": "intel",
        "version": "10.18.x.5059"
      },
      {
        "model": "graphics driver",
        "scope": "lt",
        "trust": 0.8,
        "vendor": "intel",
        "version": "20.19.x.5063"
      },
      {
        "model": "graphics driver",
        "scope": "lt",
        "trust": 0.8,
        "vendor": "intel",
        "version": "21.20.x.5064"
      },
      {
        "model": "graphics driver",
        "scope": "lt",
        "trust": 0.8,
        "vendor": "intel",
        "version": "24.20.100.6373"
      },
      {
        "model": "accelerated storage manager",
        "scope": null,
        "trust": 0.8,
        "vendor": "intel",
        "version": null
      },
      {
        "model": "active management technology",
        "scope": null,
        "trust": 0.8,
        "vendor": "intel",
        "version": null
      },
      {
        "model": "csme",
        "scope": null,
        "trust": 0.8,
        "vendor": "intel",
        "version": null
      },
      {
        "model": "matrix storage manager",
        "scope": null,
        "trust": 0.8,
        "vendor": "intel",
        "version": null
      },
      {
        "model": "server platform services",
        "scope": null,
        "trust": 0.8,
        "vendor": "intel",
        "version": null
      },
      {
        "model": "sgx sdk",
        "scope": null,
        "trust": 0.8,
        "vendor": "intel",
        "version": null
      },
      {
        "model": "trusted execution engine",
        "scope": null,
        "trust": 0.8,
        "vendor": "intel",
        "version": null
      },
      {
        "model": "usb 3.0 creator utility",
        "scope": null,
        "trust": 0.8,
        "vendor": "intel",
        "version": null
      },
      {
        "model": "intel",
        "scope": null,
        "trust": 0.8,
        "vendor": "intel",
        "version": null
      },
      {
        "model": "graphics driver",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "intel",
        "version": "for windows"
      }
    ],
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2018-014756"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2019-001582"
      },
      {
        "db": "NVD",
        "id": "CVE-2018-18090"
      }
    ]
  },
  "configurations": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/configurations#",
      "children": {
        "@container": "@list"
      },
      "cpe_match": {
        "@container": "@list"
      },
      "data": {
        "@container": "@list"
      },
      "nodes": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:a:intel:graphics_driver:15.33.43.4425:*:*:*:*:windows:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:intel:graphics_driver:15.33.45.4653:*:*:*:*:windows:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:intel:graphics_driver:15.40.34.4624:*:*:*:*:windows:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:intel:graphics_driver:15.40.36.4703:*:*:*:*:windows:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:intel:graphics_driver:15.45.23.4860:*:*:*:*:windows:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:intel:graphics_driver:24.20.100.6025:*:*:*:*:windows:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:intel:graphics_driver:24.20.100.6094:*:*:*:*:windows:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:intel:graphics_driver:15.33.46.4885:*:*:*:*:windows:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:intel:graphics_driver:15.36.26.4294:*:*:*:*:windows:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:intel:graphics_driver:15.40.37.4835:*:*:*:*:windows:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:intel:graphics_driver:15.40.38.4963:*:*:*:*:windows:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:intel:graphics_driver:24.20.100.6136:*:*:*:*:windows:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:intel:graphics_driver:24.20.100.6194:*:*:*:*:windows:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:intel:graphics_driver:15.36.33.4578:*:*:*:*:windows:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:intel:graphics_driver:15.36.34.4889:*:*:*:*:windows:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:intel:graphics_driver:15.45.19.4678:*:*:*:*:windows:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:intel:graphics_driver:15.45.21.4821:*:*:*:*:windows:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:intel:graphics_driver:15.36.28.4332:*:*:*:*:windows:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:intel:graphics_driver:15.36.31.4414:*:*:*:*:windows:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:intel:graphics_driver:15.40.41.5058:*:*:*:*:windows:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:intel:graphics_driver:15.45.18.4664:*:*:*:*:windows:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:intel:graphics_driver:24.20.100.6229:*:*:*:*:windows:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:intel:graphics_driver:24.20.100.6286:*:*:*:*:windows:*:*",
                "cpe_name": [],
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2018-18090"
      }
    ]
  },
  "credits": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/credits#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Intel ( http://www.intel.com/ )  ??",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-201903-544"
      }
    ],
    "trust": 0.6
  },
  "cve": "CVE-2018-18090",
  "cvss": {
    "@context": {
      "cvssV2": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
      },
      "cvssV3": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
      },
      "severity": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/cvss/severity#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/severity"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "cvssV2": [
          {
            "acInsufInfo": false,
            "accessComplexity": "LOW",
            "accessVector": "LOCAL",
            "authentication": "NONE",
            "author": "NVD",
            "availabilityImpact": "PARTIAL",
            "baseScore": 2.1,
            "confidentialityImpact": "NONE",
            "exploitabilityScore": 3.9,
            "impactScore": 2.9,
            "integrityImpact": "NONE",
            "obtainAllPrivilege": false,
            "obtainOtherPrivilege": false,
            "obtainUserPrivilege": false,
            "severity": "LOW",
            "trust": 1.0,
            "userInteractionRequired": false,
            "vectorString": "AV:L/AC:L/Au:N/C:N/I:N/A:P",
            "version": "2.0"
          },
          {
            "acInsufInfo": null,
            "accessComplexity": "Low",
            "accessVector": "Local",
            "authentication": "None",
            "author": "NVD",
            "availabilityImpact": "Partial",
            "baseScore": 2.1,
            "confidentialityImpact": "None",
            "exploitabilityScore": null,
            "id": "CVE-2018-18090",
            "impactScore": null,
            "integrityImpact": "None",
            "obtainAllPrivilege": null,
            "obtainOtherPrivilege": null,
            "obtainUserPrivilege": null,
            "severity": "Low",
            "trust": 0.8,
            "userInteractionRequired": null,
            "vectorString": "AV:L/AC:L/Au:N/C:N/I:N/A:P",
            "version": "2.0"
          },
          {
            "accessComplexity": "LOW",
            "accessVector": "LOCAL",
            "authentication": "NONE",
            "author": "VULHUB",
            "availabilityImpact": "PARTIAL",
            "baseScore": 2.1,
            "confidentialityImpact": "NONE",
            "exploitabilityScore": 3.9,
            "id": "VHN-128615",
            "impactScore": 2.9,
            "integrityImpact": "NONE",
            "severity": "LOW",
            "trust": 0.1,
            "vectorString": "AV:L/AC:L/AU:N/C:N/I:N/A:P",
            "version": "2.0"
          }
        ],
        "cvssV3": [
          {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "author": "NVD",
            "availabilityImpact": "HIGH",
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "exploitabilityScore": 1.8,
            "impactScore": 3.6,
            "integrityImpact": "NONE",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "trust": 1.0,
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.0"
          },
          {
            "attackComplexity": "Low",
            "attackVector": "Local",
            "author": "NVD",
            "availabilityImpact": "High",
            "baseScore": 5.5,
            "baseSeverity": "Medium",
            "confidentialityImpact": "None",
            "exploitabilityScore": null,
            "id": "CVE-2018-18090",
            "impactScore": null,
            "integrityImpact": "None",
            "privilegesRequired": "Low",
            "scope": "Unchanged",
            "trust": 0.8,
            "userInteraction": "None",
            "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.0"
          }
        ],
        "severity": [
          {
            "author": "NVD",
            "id": "CVE-2018-18090",
            "trust": 1.8,
            "value": "MEDIUM"
          },
          {
            "author": "CNNVD",
            "id": "CNNVD-201903-544",
            "trust": 0.6,
            "value": "MEDIUM"
          },
          {
            "author": "VULHUB",
            "id": "VHN-128615",
            "trust": 0.1,
            "value": "LOW"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-128615"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2018-014756"
      },
      {
        "db": "NVD",
        "id": "CVE-2018-18090"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201903-544"
      }
    ]
  },
  "description": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/description#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Out of bounds read in igdkm64.sys in Intel(R) Graphics Driver for Windows* before versions 10.18.x.5059 (aka 15.33.x.5059), 10.18.x.5057 (aka 15.36.x.5057), 20.19.x.5063 (aka 15.40.x.5063) 21.20.x.5064 (aka 15.45.x.5064) and 24.20.100.6373 may allow an authenticated user to potentially enable denial of service via local access. Windows for Intel(R) Graphics Driver Contains an out-of-bounds vulnerability.Service operation interruption (DoS) There is a possibility of being put into a state. Intel Has released an update for each product.The expected impact depends on each vulnerability, but can be affected as follows: * information leak * Service operation interruption (DoS) * Privilege escalation. Intel Graphics Driver for Windows is a graphics card driver for Windows platform developed by Intel Corporation. The igdkm64.sys file in the Windows-based Intel Graphics Driver has an out-of-bounds read vulnerability. A local attacker could exploit this vulnerability to cause a denial of service. The following versions are affected: Intel Graphics Driver prior to 10.18.x.5059, prior to 10.18.x.5057, prior to 20.19.x.5063, prior to 21.20.x.5064, prior to 24.20.100.6373",
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2018-18090"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2018-014756"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2019-001582"
      },
      {
        "db": "VULHUB",
        "id": "VHN-128615"
      }
    ],
    "trust": 2.43
  },
  "external_ids": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "db": "NVD",
        "id": "CVE-2018-18090",
        "trust": 2.5
      },
      {
        "db": "LENOVO",
        "id": "LEN-25084",
        "trust": 1.7
      },
      {
        "db": "JVN",
        "id": "JVNVU98344681",
        "trust": 1.6
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2019-001582",
        "trust": 1.6
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2018-014756",
        "trust": 0.8
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201903-544",
        "trust": 0.7
      },
      {
        "db": "NSFOCUS",
        "id": "42990",
        "trust": 0.6
      },
      {
        "db": "AUSCERT",
        "id": "ESB-2019.0822",
        "trust": 0.6
      },
      {
        "db": "VULHUB",
        "id": "VHN-128615",
        "trust": 0.1
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-128615"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2018-014756"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2019-001582"
      },
      {
        "db": "NVD",
        "id": "CVE-2018-18090"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201903-544"
      }
    ]
  },
  "id": "VAR-201903-1037",
  "iot": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": true,
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-128615"
      }
    ],
    "trust": 0.68615035
  },
  "last_update_date": "2023-12-18T11:41:56.331000Z",
  "patch": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/patch#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "title": "INTEL-SA-00189",
        "trust": 1.6,
        "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00189.html"
      },
      {
        "title": "INTEL-SA-00231 - Intel Accelerated Storage Manager in RSTe Advisory",
        "trust": 0.8,
        "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00231.html"
      },
      {
        "title": "INTEL-SA-00185 - Intel CSME, Server Platform Services, Trusted Execution Engine and Intel Active Management Technology 2018.4 QSR Advisory",
        "trust": 0.8,
        "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00185.html"
      },
      {
        "title": "INTEL-SA-00191 - Intel Firmware 2018.4 QSR Advisory",
        "trust": 0.8,
        "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00191.html"
      },
      {
        "title": "INTEL-SA-00216 - Intel Matrix Storage Manager Advisory",
        "trust": 0.8,
        "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00216.html"
      },
      {
        "title": "INTEL-SA-00217 - Intel Software Guard Extensions SDK Advisory",
        "trust": 0.8,
        "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00217.html"
      },
      {
        "title": "INTEL-SA-00229 - Intel USB 3.0 Creator Utility Advisory",
        "trust": 0.8,
        "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00229.html"
      },
      {
        "title": "Intel Graphics Driver for Windows Buffer error vulnerability fix",
        "trust": 0.6,
        "url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=90133"
      }
    ],
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2018-014756"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2019-001582"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201903-544"
      }
    ]
  },
  "problemtype_data": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "problemtype": "CWE-125",
        "trust": 1.9
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-128615"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2018-014756"
      },
      {
        "db": "NVD",
        "id": "CVE-2018-18090"
      }
    ]
  },
  "references": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/references#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "trust": 2.3,
        "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00189.html"
      },
      {
        "trust": 1.7,
        "url": "https://support.lenovo.com/us/en/product_security/len-25084"
      },
      {
        "trust": 1.4,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2018-18090"
      },
      {
        "trust": 0.8,
        "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-18090"
      },
      {
        "trust": 0.8,
        "url": "https://jvn.jp/vu/jvnvu98344681/"
      },
      {
        "trust": 0.8,
        "url": "https://jvndb.jvn.jp/ja/contents/2019/jvndb-2019-001582.html"
      },
      {
        "trust": 0.8,
        "url": "https://jvn.jp/vu/jvnvu98344681"
      },
      {
        "trust": 0.6,
        "url": "https://www.auscert.org.au/bulletins/77106"
      },
      {
        "trust": 0.6,
        "url": "https://support.lenovo.com/us/zh/solutions/len-25084"
      },
      {
        "trust": 0.6,
        "url": "http://www.nsfocus.net/vulndb/42990"
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-128615"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2018-014756"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2019-001582"
      },
      {
        "db": "NVD",
        "id": "CVE-2018-18090"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201903-544"
      }
    ]
  },
  "sources": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "db": "VULHUB",
        "id": "VHN-128615"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2018-014756"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2019-001582"
      },
      {
        "db": "NVD",
        "id": "CVE-2018-18090"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201903-544"
      }
    ]
  },
  "sources_release_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2019-03-14T00:00:00",
        "db": "VULHUB",
        "id": "VHN-128615"
      },
      {
        "date": "2019-04-10T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2018-014756"
      },
      {
        "date": "2019-03-15T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2019-001582"
      },
      {
        "date": "2019-03-14T20:29:01.443000",
        "db": "NVD",
        "id": "CVE-2018-18090"
      },
      {
        "date": "2019-03-14T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201903-544"
      }
    ]
  },
  "sources_update_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2019-04-04T00:00:00",
        "db": "VULHUB",
        "id": "VHN-128615"
      },
      {
        "date": "2019-04-10T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2018-014756"
      },
      {
        "date": "2019-03-15T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2019-001582"
      },
      {
        "date": "2019-04-04T19:29:01.337000",
        "db": "NVD",
        "id": "CVE-2018-18090"
      },
      {
        "date": "2019-09-26T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201903-544"
      }
    ]
  },
  "threat_type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "local",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-201903-544"
      }
    ],
    "trust": 0.6
  },
  "title": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/title#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Windows for  Intel(R) Graphics Driver Vulnerable to out-of-bounds reading",
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2018-014756"
      }
    ],
    "trust": 0.8
  },
  "type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "buffer error",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-201903-544"
      }
    ],
    "trust": 0.6
  }
}

GHSA-W6RV-VC6G-XQ59

Vulnerability from github – Published: 2022-05-14 01:13 – Updated: 2022-05-14 01:13

Details

Severity ?

5.5 (Medium)


                  
                    CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2018-18090"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-125"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2019-03-14T20:29:00Z",
    "severity": "MODERATE"
  },
  "details": "Out of bounds read in igdkm64.sys in Intel(R) Graphics Driver for Windows* before versions 10.18.x.5059 (aka 15.33.x.5059), 10.18.x.5057 (aka 15.36.x.5057), 20.19.x.5063 (aka 15.40.x.5063) 21.20.x.5064 (aka 15.45.x.5064) and 24.20.100.6373 may allow an authenticated user to potentially enable denial of service via local access.",
  "id": "GHSA-w6rv-vc6g-xq59",
  "modified": "2022-05-14T01:13:07Z",
  "published": "2022-05-14T01:13:07Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-18090"
    },
    {
      "type": "WEB",
      "url": "https://support.lenovo.com/us/en/product_security/LEN-25084"
    },
    {
      "type": "WEB",
      "url": "https://www.intel.com/content/www/us/en/security-center/advisory/INTEL-SA-00189.html"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GSD-2018-18090

Vulnerability from gsd - Updated: 2023-12-13 01:22

Details

Aliases

CVE-2018-18090

Aliases

CVE-2018-18090

JSON

To clipboard

{
  "GSD": {
    "alias": "CVE-2018-18090",
    "description": "Out of bounds read in igdkm64.sys in Intel(R) Graphics Driver for Windows* before versions 10.18.x.5059 (aka 15.33.x.5059), 10.18.x.5057 (aka 15.36.x.5057), 20.19.x.5063 (aka 15.40.x.5063) 21.20.x.5064 (aka 15.45.x.5064) and 24.20.100.6373 may allow an authenticated user to potentially enable denial of service via local access.",
    "id": "GSD-2018-18090"
  },
  "gsd": {
    "metadata": {
      "exploitCode": "unknown",
      "remediation": "unknown",
      "reportConfidence": "confirmed",
      "type": "vulnerability"
    },
    "osvSchema": {
      "aliases": [
        "CVE-2018-18090"
      ],
      "details": "Out of bounds read in igdkm64.sys in Intel(R) Graphics Driver for Windows* before versions 10.18.x.5059 (aka 15.33.x.5059), 10.18.x.5057 (aka 15.36.x.5057), 20.19.x.5063 (aka 15.40.x.5063) 21.20.x.5064 (aka 15.45.x.5064) and 24.20.100.6373 may allow an authenticated user to potentially enable denial of service via local access.",
      "id": "GSD-2018-18090",
      "modified": "2023-12-13T01:22:36.569874Z",
      "schema_version": "1.4.0"
    }
  },
  "namespaces": {
    "cve.org": {
      "CVE_data_meta": {
        "ASSIGNER": "secure@intel.com",
        "DATE_PUBLIC": "2019-03-12T00:00:00",
        "ID": "CVE-2018-18090",
        "STATE": "PUBLIC"
      },
      "affects": {
        "vendor": {
          "vendor_data": [
            {
              "product": {
                "product_data": [
                  {
                    "product_name": "Intel(R) Graphics Driver for Windows",
                    "version": {
                      "version_data": [
                        {
                          "version_value": "Multiple versions."
                        }
                      ]
                    }
                  }
                ]
              },
              "vendor_name": "Intel Corporation"
            }
          ]
        }
      },
      "data_format": "MITRE",
      "data_type": "CVE",
      "data_version": "4.0",
      "description": {
        "description_data": [
          {
            "lang": "eng",
            "value": "Out of bounds read in igdkm64.sys in Intel(R) Graphics Driver for Windows* before versions 10.18.x.5059 (aka 15.33.x.5059), 10.18.x.5057 (aka 15.36.x.5057), 20.19.x.5063 (aka 15.40.x.5063) 21.20.x.5064 (aka 15.45.x.5064) and 24.20.100.6373 may allow an authenticated user to potentially enable denial of service via local access."
          }
        ]
      },
      "problemtype": {
        "problemtype_data": [
          {
            "description": [
              {
                "lang": "eng",
                "value": "Denial of Service"
              }
            ]
          }
        ]
      },
      "references": {
        "reference_data": [
          {
            "name": "https://www.intel.com/content/www/us/en/security-center/advisory/INTEL-SA-00189.html",
            "refsource": "CONFIRM",
            "url": "https://www.intel.com/content/www/us/en/security-center/advisory/INTEL-SA-00189.html"
          },
          {
            "name": "https://support.lenovo.com/us/en/product_security/LEN-25084",
            "refsource": "CONFIRM",
            "url": "https://support.lenovo.com/us/en/product_security/LEN-25084"
          }
        ]
      }
    },
    "nvd.nist.gov": {
      "configurations": {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:a:intel:graphics_driver:15.33.43.4425:*:*:*:*:windows:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:intel:graphics_driver:15.33.45.4653:*:*:*:*:windows:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:intel:graphics_driver:15.40.34.4624:*:*:*:*:windows:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:intel:graphics_driver:15.40.36.4703:*:*:*:*:windows:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:intel:graphics_driver:15.45.23.4860:*:*:*:*:windows:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:intel:graphics_driver:24.20.100.6025:*:*:*:*:windows:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:intel:graphics_driver:24.20.100.6094:*:*:*:*:windows:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:intel:graphics_driver:15.33.46.4885:*:*:*:*:windows:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:intel:graphics_driver:15.36.26.4294:*:*:*:*:windows:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:intel:graphics_driver:15.40.37.4835:*:*:*:*:windows:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:intel:graphics_driver:15.40.38.4963:*:*:*:*:windows:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:intel:graphics_driver:24.20.100.6136:*:*:*:*:windows:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:intel:graphics_driver:24.20.100.6194:*:*:*:*:windows:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:intel:graphics_driver:15.36.33.4578:*:*:*:*:windows:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:intel:graphics_driver:15.36.34.4889:*:*:*:*:windows:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:intel:graphics_driver:15.45.19.4678:*:*:*:*:windows:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:intel:graphics_driver:15.45.21.4821:*:*:*:*:windows:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:intel:graphics_driver:15.36.28.4332:*:*:*:*:windows:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:intel:graphics_driver:15.36.31.4414:*:*:*:*:windows:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:intel:graphics_driver:15.40.41.5058:*:*:*:*:windows:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:intel:graphics_driver:15.45.18.4664:*:*:*:*:windows:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:intel:graphics_driver:24.20.100.6229:*:*:*:*:windows:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:intel:graphics_driver:24.20.100.6286:*:*:*:*:windows:*:*",
                "cpe_name": [],
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      },
      "cve": {
        "CVE_data_meta": {
          "ASSIGNER": "secure@intel.com",
          "ID": "CVE-2018-18090"
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "en",
              "value": "Out of bounds read in igdkm64.sys in Intel(R) Graphics Driver for Windows* before versions 10.18.x.5059 (aka 15.33.x.5059), 10.18.x.5057 (aka 15.36.x.5057), 20.19.x.5063 (aka 15.40.x.5063) 21.20.x.5064 (aka 15.45.x.5064) and 24.20.100.6373 may allow an authenticated user to potentially enable denial of service via local access."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "en",
                  "value": "CWE-125"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://www.intel.com/content/www/us/en/security-center/advisory/INTEL-SA-00189.html",
              "refsource": "CONFIRM",
              "tags": [
                "Patch",
                "Vendor Advisory"
              ],
              "url": "https://www.intel.com/content/www/us/en/security-center/advisory/INTEL-SA-00189.html"
            },
            {
              "name": "https://support.lenovo.com/us/en/product_security/LEN-25084",
              "refsource": "CONFIRM",
              "tags": [],
              "url": "https://support.lenovo.com/us/en/product_security/LEN-25084"
            }
          ]
        }
      },
      "impact": {
        "baseMetricV2": {
          "acInsufInfo": false,
          "cvssV2": {
            "accessComplexity": "LOW",
            "accessVector": "LOCAL",
            "authentication": "NONE",
            "availabilityImpact": "PARTIAL",
            "baseScore": 2.1,
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "vectorString": "AV:L/AC:L/Au:N/C:N/I:N/A:P",
            "version": "2.0"
          },
          "exploitabilityScore": 3.9,
          "impactScore": 2.9,
          "obtainAllPrivilege": false,
          "obtainOtherPrivilege": false,
          "obtainUserPrivilege": false,
          "severity": "LOW",
          "userInteractionRequired": false
        },
        "baseMetricV3": {
          "cvssV3": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "availabilityImpact": "HIGH",
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.0"
          },
          "exploitabilityScore": 1.8,
          "impactScore": 3.6
        }
      },
      "lastModifiedDate": "2019-04-04T19:29Z",
      "publishedDate": "2019-03-14T20:29Z"
    }
  }
}

Tags

Taxonomy of the tags.

All sightings related to this event Export sightings related to this event

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CVE-2018-18090 (GCVE-0-2018-18090)

CNVD-2019-07814

FKIE_CVE-2018-18090

CERTFR-2019-AVI-108

Solution

CERTFR-2019-AVI-108

Solution

VAR-201903-1037

GHSA-W6RV-VC6G-XQ59

GSD-2018-18090

Tags

Sightings

Nomenclature