PT-2019-2112 · Intel+4 · Intel I915 Graphics+4

Published

2019-01-15

·

Updated

2019-09-23

·

CVE-2019-11085

CVSS v3.1

7.8

High

VectorAV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Name of the Vulnerable Software and Affected Versions Intel(R) i915 Graphics for Linux versions prior to 5.0
Description The issue is related to insufficient input validation in the Kernel Mode Driver of Intel(R) i915 Graphics for Linux. This may allow an authenticated user to potentially enable escalation of privilege via local access. The vulnerability is associated with inadequate validation of input data, which could be exploited to elevate privileges.
Recommendations For versions prior to 5.0, update to version 5.0 or later to resolve the issue. As a temporary workaround, consider restricting local access to minimize the risk of exploitation.

Exploit

Fix

RCE

Found an issue in the description? Have something to add? Feel free to write us 👾
dbugs@ptsecurity.com

Weakness Enumeration

CWE-20

Related Identifiers

BDU:2019-01868
CESA-2019_1873
CESA-2019_1959
CESA-2019_1971
CVE-2019-11085
OPENSUSE-SU-2019:1479-1
OPENSUSE-SU-2019:1579-1
OPENSUSE-SU-2019_1479-1
OPENSUSE-SU-2019_1579-1
RHSA-2019:1873
RHSA-2019:1891
RHSA-2019:1959
RHSA-2019:1971
RHSA-2019_1873
RHSA-2019_1891
RHSA-2019_1959
RHSA-2019_1971
RHSA-2020:0543
RHSA-2020:0592
RHSA-2020:0609
SUSE-SU-2019:1529-1
SUSE-SU-2019:1530-1
SUSE-SU-2019:1535-1
SUSE-SU-2019:1536-1
SUSE-SU-2019:1550-1
SUSE-SU-2019:1581-1
SUSE-SU-2019:1674-1
SUSE-SU-2019:2430-1
USN-4068-1
USN-4068-2
USN-4118-1

Affected Products

Centos
Intel I915 Graphics
Red Hat
Suse
Ubuntu