CVE-2018-12221 (GCVE-0-2018-12221)
Vulnerability from cvelistv5
Published
2019-03-14 20:00
Modified
2024-09-16 16:32
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Escalation of Privilege
Summary
Insufficient input validation in Kernel Mode Driver in Intel(R) Graphics Driver for Windows* before versions 10.18.x.5059 (aka 15.33.x.5059), 10.18.x.5057 (aka 15.36.x.5057), 20.19.x.5063 (aka 15.40.x.5063) 21.20.x.5064 (aka 15.45.x.5064) and 24.20.100.6373 potentially enables an unprivileged user to cause an integer overflow via local access.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Intel Corporation | Intel(R) Graphics Driver for Windows |
Version: Multiple versions. |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T08:30:59.660Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/INTEL-SA-00189.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://support.lenovo.com/us/en/product_security/LEN-25084"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Intel(R) Graphics Driver for Windows",
"vendor": "Intel Corporation",
"versions": [
{
"status": "affected",
"version": "Multiple versions."
}
]
}
],
"datePublic": "2019-03-12T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Insufficient input validation in Kernel Mode Driver in Intel(R) Graphics Driver for Windows* before versions 10.18.x.5059 (aka 15.33.x.5059), 10.18.x.5057 (aka 15.36.x.5057), 20.19.x.5063 (aka 15.40.x.5063) 21.20.x.5064 (aka 15.45.x.5064) and 24.20.100.6373 potentially enables an unprivileged user to cause an integer overflow via local access."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Escalation of Privilege",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-04-04T18:06:06",
"orgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
"shortName": "intel"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/INTEL-SA-00189.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://support.lenovo.com/us/en/product_security/LEN-25084"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secure@intel.com",
"DATE_PUBLIC": "2019-03-12T00:00:00",
"ID": "CVE-2018-12221",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Intel(R) Graphics Driver for Windows",
"version": {
"version_data": [
{
"version_value": "Multiple versions."
}
]
}
}
]
},
"vendor_name": "Intel Corporation"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Insufficient input validation in Kernel Mode Driver in Intel(R) Graphics Driver for Windows* before versions 10.18.x.5059 (aka 15.33.x.5059), 10.18.x.5057 (aka 15.36.x.5057), 20.19.x.5063 (aka 15.40.x.5063) 21.20.x.5064 (aka 15.45.x.5064) and 24.20.100.6373 potentially enables an unprivileged user to cause an integer overflow via local access."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Escalation of Privilege"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.intel.com/content/www/us/en/security-center/advisory/INTEL-SA-00189.html",
"refsource": "CONFIRM",
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/INTEL-SA-00189.html"
},
{
"name": "https://support.lenovo.com/us/en/product_security/LEN-25084",
"refsource": "CONFIRM",
"url": "https://support.lenovo.com/us/en/product_security/LEN-25084"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
"assignerShortName": "intel",
"cveId": "CVE-2018-12221",
"datePublished": "2019-03-14T20:00:00Z",
"dateReserved": "2018-06-11T00:00:00",
"dateUpdated": "2024-09-16T16:32:35.551Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1",
"vulnerability-lookup:meta": {
"nvd": "{\"cve\":{\"id\":\"CVE-2018-12221\",\"sourceIdentifier\":\"secure@intel.com\",\"published\":\"2019-03-14T20:29:01.303\",\"lastModified\":\"2024-11-21T03:44:48.480\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"Insufficient input validation in Kernel Mode Driver in Intel(R) Graphics Driver for Windows* before versions 10.18.x.5059 (aka 15.33.x.5059), 10.18.x.5057 (aka 15.36.x.5057), 20.19.x.5063 (aka 15.40.x.5063) 21.20.x.5064 (aka 15.45.x.5064) and 24.20.100.6373 potentially enables an unprivileged user to cause an integer overflow via local access.\"},{\"lang\":\"es\",\"value\":\"Validaci\u00f3n de entradas insuficiente en el controlador del modo de kernel en Intel(R) Graphics Driver for Windows* en versiones anteriores a la 10.18.x.5059 (tambi\u00e9n conocido como 15.33.x.5059), 10.18.x.5057 (tambi\u00e9n conocido como 15.36.x.5057), 20.19.x.5063 (tambi\u00e9n conocido como 15.40.x.5063) 21.20.x.5064 (tambi\u00e9n conocido como 15.45.x.5064) y 24.20.100.6373 podr\u00eda permitir que un usuario no privilegiado provoque un desbordamiento de enteros mediante acceso local.\"}],\"metrics\":{\"cvssMetricV30\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.0\",\"vectorString\":\"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\",\"baseScore\":7.8,\"baseSeverity\":\"HIGH\",\"attackVector\":\"LOCAL\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"LOW\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":1.8,\"impactScore\":5.9}],\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:L/AC:L/Au:N/C:P/I:P/A:P\",\"baseScore\":4.6,\"accessVector\":\"LOCAL\",\"accessComplexity\":\"LOW\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"PARTIAL\",\"integrityImpact\":\"PARTIAL\",\"availabilityImpact\":\"PARTIAL\"},\"baseSeverity\":\"MEDIUM\",\"exploitabilityScore\":3.9,\"impactScore\":6.4,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-20\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:intel:graphics_driver:15.33.43.4425:*:*:*:*:windows:*:*\",\"matchCriteriaId\":\"46DA06DD-52CA-4FA9-93A1-A52DE84C1644\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:intel:graphics_driver:15.33.45.4653:*:*:*:*:windows:*:*\",\"matchCriteriaId\":\"CBE1FEDC-1727-4C1E-BD5B-2ADF8C6B5DAD\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:intel:graphics_driver:15.33.46.4885:*:*:*:*:windows:*:*\",\"matchCriteriaId\":\"5EB29EF4-D012-445B-8AD0-329EB417A9A2\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:intel:graphics_driver:15.36.26.4294:*:*:*:*:windows:*:*\",\"matchCriteriaId\":\"9C6F6A0E-92CE-4ECD-97D4-74625905CD67\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:intel:graphics_driver:15.36.28.4332:*:*:*:*:windows:*:*\",\"matchCriteriaId\":\"2681B1E3-325E-4464-818A-25A699C6E0F0\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:intel:graphics_driver:15.36.31.4414:*:*:*:*:windows:*:*\",\"matchCriteriaId\":\"8256C6E1-9D66-4BB4-A016-28D3C61D32F0\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:intel:graphics_driver:15.36.33.4578:*:*:*:*:windows:*:*\",\"matchCriteriaId\":\"C6FD7B20-B590-4769-B9E4-F729FE69C458\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:intel:graphics_driver:15.36.34.4889:*:*:*:*:windows:*:*\",\"matchCriteriaId\":\"E14987BE-67FE-47CF-9DAC-403C5E16CFC7\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:intel:graphics_driver:15.40.34.4624:*:*:*:*:windows:*:*\",\"matchCriteriaId\":\"80F4313B-7638-433A-B0DF-C371AE56CFFC\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:intel:graphics_driver:15.40.36.4703:*:*:*:*:windows:*:*\",\"matchCriteriaId\":\"B53F3860-B5BC-47DB-A6C1-CF1C805C8784\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:intel:graphics_driver:15.40.37.4835:*:*:*:*:windows:*:*\",\"matchCriteriaId\":\"4F5F99CA-043F-4EFC-B0C8-13A1208DC7EA\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:intel:graphics_driver:15.40.38.4963:*:*:*:*:windows:*:*\",\"matchCriteriaId\":\"74217D7F-1EEC-4219-9DC4-57D143D1CE0C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:intel:graphics_driver:15.40.41.5058:*:*:*:*:windows:*:*\",\"matchCriteriaId\":\"DE465097-C835-4D95-96A8-0E6C775BD11C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:intel:graphics_driver:15.45.18.4664:*:*:*:*:windows:*:*\",\"matchCriteriaId\":\"7311B7AE-DF12-49BE-8D80-BBCE402C6958\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:intel:graphics_driver:15.45.19.4678:*:*:*:*:windows:*:*\",\"matchCriteriaId\":\"D308A31F-B73F-48D3-8C5A-5320DBBA57C4\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:intel:graphics_driver:15.45.21.4821:*:*:*:*:windows:*:*\",\"matchCriteriaId\":\"A50439F4-2052-4F65-B5EC-1B94321777A8\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:intel:graphics_driver:15.45.23.4860:*:*:*:*:windows:*:*\",\"matchCriteriaId\":\"00146320-E0B0-4660-839E-1758AA2BF8B2\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:intel:graphics_driver:24.20.100.6025:*:*:*:*:windows:*:*\",\"matchCriteriaId\":\"D3CE3ADC-7FA5-4B85-B032-104AD50E6462\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:intel:graphics_driver:24.20.100.6094:*:*:*:*:windows:*:*\",\"matchCriteriaId\":\"1021088C-1F07-42E2-B409-1BCCBEBDF522\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:intel:graphics_driver:24.20.100.6136:*:*:*:*:windows:*:*\",\"matchCriteriaId\":\"5F94F93C-366F-4E78-83B4-F0DBC3572E2C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:intel:graphics_driver:24.20.100.6194:*:*:*:*:windows:*:*\",\"matchCriteriaId\":\"91F70FDF-1E73-4C90-93C2-4B0356F3F033\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:intel:graphics_driver:24.20.100.6229:*:*:*:*:windows:*:*\",\"matchCriteriaId\":\"44277329-F2A7-4C93-891B-855F765E466D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:intel:graphics_driver:24.20.100.6286:*:*:*:*:windows:*:*\",\"matchCriteriaId\":\"686EA8C9-F877-40ED-8757-03811E15B0F9\"}]}]}],\"references\":[{\"url\":\"https://support.lenovo.com/us/en/product_security/LEN-25084\",\"source\":\"secure@intel.com\"},{\"url\":\"https://www.intel.com/content/www/us/en/security-center/advisory/INTEL-SA-00189.html\",\"source\":\"secure@intel.com\",\"tags\":[\"Patch\",\"Vendor Advisory\"]},{\"url\":\"https://support.lenovo.com/us/en/product_security/LEN-25084\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://www.intel.com/content/www/us/en/security-center/advisory/INTEL-SA-00189.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\",\"Vendor Advisory\"]}]}}"
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.
Loading…
Loading…