PT-2018-2967 · Intel · Intel Graphics Drivers

Piotr Bania

Published

2018-10-09

Updated

2019-10-30

CVE-2018-12153

CVSS v3.1

6.5

Medium

Vector

AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H

Name of the Vulnerable Software and Affected Versions Intel Graphics Drivers versions prior to 10.18.x.5056 Intel Graphics Drivers versions prior to 10.18.x.5057 Intel Graphics Drivers versions prior to 20.19.x.5058

Description The issue is related to insufficient input validation in the unified shader compiler of Intel Graphics Drivers. This can be exploited to cause a denial of service, potentially allowing an attacker to crash the host system via local access from a virtual machine guest.

Recommendations For versions prior to 10.18.x.5056, update to version 10.18.x.5056 or later. For versions prior to 10.18.x.5057, update to version 10.18.x.5057 or later. For versions prior to 20.19.x.5058, update to version 20.19.x.5058 or later.

Fix

RCE

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-20

Related Identifiers

BDU:2019-02823

CVE-2018-12153

Affected Products

Intel Graphics Drivers

PT-2018-2967 · Intel · Intel Graphics Drivers

CVE-2018-12153

Weakness Enumeration

Related Identifiers

Affected Products

References · 10