Vulnerability-Lookup - Search a vulnerability

Vulnerabilites related to intel - i915_firmware

Vulnerability from fkie_nvd

Published

2019-05-17 16:29

Modified

2024-11-21 04:20

Severity ?

7.8 (High) - CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Summary

Insufficient input validation in Kernel Mode Driver in Intel(R) i915 Graphics for Linux before version 5.0 may allow an authenticated user to potentially enable escalation of privilege via local access.

References

URL	Tags
secure@intel.com	http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00071.html
secure@intel.com	http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00048.html
secure@intel.com	http://www.securityfocus.com/bid/108488
secure@intel.com	https://access.redhat.com/errata/RHSA-2019:1873
secure@intel.com	https://access.redhat.com/errata/RHSA-2019:1891
secure@intel.com	https://access.redhat.com/errata/RHSA-2019:1959
secure@intel.com	https://access.redhat.com/errata/RHSA-2019:1971
secure@intel.com	https://access.redhat.com/errata/RHSA-2020:0543
secure@intel.com	https://access.redhat.com/errata/RHSA-2020:0592
secure@intel.com	https://access.redhat.com/errata/RHSA-2020:0609
secure@intel.com	https://support.f5.com/csp/article/K09376613	Third Party Advisory
secure@intel.com	https://usn.ubuntu.com/4068-1/
secure@intel.com	https://usn.ubuntu.com/4068-2/
secure@intel.com	https://usn.ubuntu.com/4118-1/
secure@intel.com	https://www.intel.com/content/www/us/en/security-center/advisory/INTEL-SA-00249.html	Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00071.html
af854a3a-2127-422b-91ae-364da2661108	http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00048.html
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/108488
af854a3a-2127-422b-91ae-364da2661108	https://access.redhat.com/errata/RHSA-2019:1873
af854a3a-2127-422b-91ae-364da2661108	https://access.redhat.com/errata/RHSA-2019:1891
af854a3a-2127-422b-91ae-364da2661108	https://access.redhat.com/errata/RHSA-2019:1959
af854a3a-2127-422b-91ae-364da2661108	https://access.redhat.com/errata/RHSA-2019:1971
af854a3a-2127-422b-91ae-364da2661108	https://access.redhat.com/errata/RHSA-2020:0543
af854a3a-2127-422b-91ae-364da2661108	https://access.redhat.com/errata/RHSA-2020:0592
af854a3a-2127-422b-91ae-364da2661108	https://access.redhat.com/errata/RHSA-2020:0609
af854a3a-2127-422b-91ae-364da2661108	https://support.f5.com/csp/article/K09376613	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	https://usn.ubuntu.com/4068-1/
af854a3a-2127-422b-91ae-364da2661108	https://usn.ubuntu.com/4068-2/
af854a3a-2127-422b-91ae-364da2661108	https://usn.ubuntu.com/4118-1/
af854a3a-2127-422b-91ae-364da2661108	https://www.intel.com/content/www/us/en/security-center/advisory/INTEL-SA-00249.html	Patch, Vendor Advisory

Impacted products

	Vendor	Product	Version
	intel	i915_firmware	*
	intel	i915	-

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:intel:i915_firmware:*:*:*:*:*:linux:*:*",
              "matchCriteriaId": "BFD3F7D4-C67B-4D95-AD94-9111D02720A9",
              "versionEndExcluding": "5.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:intel:i915:-:*:*:*:*:linux:*:*",
              "matchCriteriaId": "DC0D3093-7D64-4ADA-A117-987AE9074F3F",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Insufficient input validation in Kernel Mode Driver in Intel(R) i915 Graphics for Linux before version 5.0 may allow an authenticated user to potentially enable escalation of privilege via local access."
    },
    {
      "lang": "es",
      "value": "La validaci\u00f3n de entrada insuficiente en Kernel Mode Driver en Intel (R) i915 Graphics para Linux antes de la versi\u00f3n 5.0 puede permitir que un usuario autentificado habilite potencialmente la escalada de privilegios a trav\u00e9s del acceso local."
    }
  ],
  "id": "CVE-2019-11085",
  "lastModified": "2024-11-21T04:20:30.507",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "LOCAL",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 4.6,
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 6.4,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV30": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "LOCAL",
          "availabilityImpact": "HIGH",
          "baseScore": 7.8,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "LOW",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
          "version": "3.0"
        },
        "exploitabilityScore": 1.8,
        "impactScore": 5.9,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2019-05-17T16:29:03.063",
  "references": [
    {
      "source": "secure@intel.com",
      "url": "http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00071.html"
    },
    {
      "source": "secure@intel.com",
      "url": "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00048.html"
    },
    {
      "source": "secure@intel.com",
      "url": "http://www.securityfocus.com/bid/108488"
    },
    {
      "source": "secure@intel.com",
      "url": "https://access.redhat.com/errata/RHSA-2019:1873"
    },
    {
      "source": "secure@intel.com",
      "url": "https://access.redhat.com/errata/RHSA-2019:1891"
    },
    {
      "source": "secure@intel.com",
      "url": "https://access.redhat.com/errata/RHSA-2019:1959"
    },
    {
      "source": "secure@intel.com",
      "url": "https://access.redhat.com/errata/RHSA-2019:1971"
    },
    {
      "source": "secure@intel.com",
      "url": "https://access.redhat.com/errata/RHSA-2020:0543"
    },
    {
      "source": "secure@intel.com",
      "url": "https://access.redhat.com/errata/RHSA-2020:0592"
    },
    {
      "source": "secure@intel.com",
      "url": "https://access.redhat.com/errata/RHSA-2020:0609"
    },
    {
      "source": "secure@intel.com",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://support.f5.com/csp/article/K09376613"
    },
    {
      "source": "secure@intel.com",
      "url": "https://usn.ubuntu.com/4068-1/"
    },
    {
      "source": "secure@intel.com",
      "url": "https://usn.ubuntu.com/4068-2/"
    },
    {
      "source": "secure@intel.com",
      "url": "https://usn.ubuntu.com/4118-1/"
    },
    {
      "source": "secure@intel.com",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "https://www.intel.com/content/www/us/en/security-center/advisory/INTEL-SA-00249.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00071.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00048.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/bid/108488"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://access.redhat.com/errata/RHSA-2019:1873"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://access.redhat.com/errata/RHSA-2019:1891"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://access.redhat.com/errata/RHSA-2019:1959"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://access.redhat.com/errata/RHSA-2019:1971"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://access.redhat.com/errata/RHSA-2020:0543"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://access.redhat.com/errata/RHSA-2020:0592"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://access.redhat.com/errata/RHSA-2020:0609"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://support.f5.com/csp/article/K09376613"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://usn.ubuntu.com/4068-1/"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://usn.ubuntu.com/4068-2/"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://usn.ubuntu.com/4118-1/"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "https://www.intel.com/content/www/us/en/security-center/advisory/INTEL-SA-00249.html"
    }
  ],
  "sourceIdentifier": "secure@intel.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-20"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

CVE-2019-11085 (GCVE-0-2019-11085)

Vulnerability from cvelistv5

Published

2019-05-17 15:41