Sign-up

ID

VAR-201810-1468


CVE

CVE-2018-12193


TITLE

Intel Multiple vulnerabilities in the product

Trust: 0.8

sources: JVNDB: JVNDB-2018-008201

DESCRIPTION

Insufficient access control in driver stack for Intel QuickAssist Technology for Linux before version 4.2 may allow an unprivileged user to potentially disclose information via local access. Intel Has released an update for each product.The expected impact depends on each vulnerability, but can be affected as follows: * Service operation interruption (DoS) * information leak * any WebGL Code execution. Intel QuickAssist Technology for Linux is a data management technology based on the Linux platform of Intel Corporation of the United States. It is mainly used to enhance the security and compression performance of dynamic data and static data in cloud, network, big data and storage applications. A local attacker could exploit this vulnerability to disclose information

Trust: 1.8

sources: NVD: CVE-2018-12193 // JVNDB: JVNDB-2018-008201 // VULHUB: VHN-122128 // VULMON: CVE-2018-12193

AFFECTED PRODUCTS

vendor:intelmodel:quickassist technologyscope:ltversion:4.2

Trust: 1.0

vendor:intelmodel:nuc kitsscope:eqversion:2018 year 5 moon 24 before the japanese version

Trust: 0.8

vendor:intelmodel:quickassist technologyscope:eqversion:for linux version 4.2

Trust: 0.8

vendor:intelmodel:graphics driverscope:eqversion:10.18.x.5056 (aka 15.33.x.5056)

Trust: 0.8

vendor:intelmodel:graphics driverscope:eqversion:10.18.x.5057 (aka 15.36.x.5057)

Trust: 0.8

vendor:intelmodel:graphics driverscope:eqversion:20.19.x.5058 (aka 15.40.x.5058)

Trust: 0.8

sources: JVNDB: JVNDB-2018-008201 // NVD: CVE-2018-12193

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2018-12193
value: MEDIUM

Trust: 1.0

CNNVD: CNNVD-201810-538
value: MEDIUM

Trust: 0.6

VULHUB: VHN-122128
value: LOW

Trust: 0.1

VULMON: CVE-2018-12193
value: LOW

Trust: 0.1

nvd@nist.gov: CVE-2018-12193
severity: LOW
baseScore: 2.1
vectorString: AV:L/AC:L/AU:N/C:P/I:N/A:N
accessVector: LOCAL
accessComplexity: LOW
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: NONE
availabilityImpact: NONE
exploitabilityScore: 3.9
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.1

VULHUB: VHN-122128
severity: LOW
baseScore: 2.1
vectorString: AV:L/AC:L/AU:N/C:P/I:N/A:N
accessVector: LOCAL
accessComplexity: LOW
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: NONE
availabilityImpact: NONE
exploitabilityScore: 3.9
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

nvd@nist.gov: CVE-2018-12193
baseSeverity: MEDIUM
baseScore: 5.5
vectorString: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
attackVector: LOCAL
attackComplexity: LOW
privilegesRequired: LOW
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: NONE
availabilityImpact: NONE
exploitabilityScore: 1.8
impactScore: 3.6
version: 3.1

Trust: 1.0

sources: VULHUB: VHN-122128 // VULMON: CVE-2018-12193 // CNNVD: CNNVD-201810-538 // NVD: CVE-2018-12193

PROBLEMTYPE DATA

problemtype:NVD-CWE-noinfo

Trust: 1.0

sources: NVD: CVE-2018-12193

THREAT TYPE

local

Trust: 0.6

sources: CNNVD: CNNVD-201810-538

TYPE

information disclosure

Trust: 0.6

sources: CNNVD: CNNVD-201810-538

CONFIGURATIONS

sources:
            
            
            JVNDB: JVNDB-2018-008201

PATCH
title:INTEL-OSS-10005 - Intel QuickAssist Technology for Linux Advisoryurl:https://01.org/security/advisories/intel-oss-10005
Trust: 0.8
title:INTEL-SA-00166 - Intel Graphics Driver Unified Shader Compiler Advisoryurl:https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00166.html
Trust: 0.8
title:INTEL-SA-00168 - Intel NUC Bios Updater Advisoryurl:https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00168.html
Trust: 0.8
title:Intel QuickAssist Technology for Linux Fixes for access control error vulnerabilitiesurl:http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=85669
Trust: 0.6
sources:
            
            
            JVNDB: JVNDB-2018-008201 // 
            
            
            
            CNNVD: CNNVD-201810-538

EXTERNAL IDS
db:NVDid:CVE-2018-12193
Trust: 2.6
db:JVNid:JVNVU99973215
Trust: 0.8
db:JVNDBid:JVNDB-2018-008201
Trust: 0.8
db:CNNVDid:CNNVD-201810-538
Trust: 0.7
db:VULHUBid:VHN-122128
Trust: 0.1
db:VULMONid:CVE-2018-12193
Trust: 0.1
sources:
            
            
            VULHUB: VHN-122128 // 
            
            
            
            VULMON: CVE-2018-12193 // 
            
            
            
            JVNDB: JVNDB-2018-008201 // 
            
            
            
            CNNVD: CNNVD-201810-538 // 
            
            
            
            NVD: CVE-2018-12193

REFERENCES
url:https://cdrdv2.intel.com/v1/dl/getcontent/685356
Trust: 1.7
url:https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-12152
Trust: 0.8
url:https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-12158
Trust: 0.8
url:https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-12153
Trust: 0.8
url:https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-12154
Trust: 0.8
url:https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-12193
Trust: 0.8
url:https://jvn.jp/vu/jvnvu99973215/
Trust: 0.8
url:https://nvd.nist.gov/vuln/detail/cve-2018-12158
Trust: 0.8
url:https://nvd.nist.gov/vuln/detail/cve-2018-12193
Trust: 0.8
url:https://nvd.nist.gov/vuln/detail/cve-2018-12152
Trust: 0.8
url:https://nvd.nist.gov/vuln/detail/cve-2018-12153
Trust: 0.8
url:https://nvd.nist.gov/vuln/detail/cve-2018-12154
Trust: 0.8
url:https://01.org/security/advisories/intel-oss-10005
Trust: 0.7
url:https://cwe.mitre.org/data/definitions/.html
Trust: 0.1
url:https://nvd.nist.gov
Trust: 0.1
sources:
            
            
            VULHUB: VHN-122128 // 
            
            
            
            VULMON: CVE-2018-12193 // 
            
            
            
            JVNDB: JVNDB-2018-008201 // 
            
            
            
            CNNVD: CNNVD-201810-538 // 
            
            
            
            NVD: CVE-2018-12193

SOURCES
db:VULHUBid:VHN-122128
db:VULMONid:CVE-2018-12193
db:JVNDBid:JVNDB-2018-008201
db:CNNVDid:CNNVD-201810-538
db:NVDid:CVE-2018-12193

LAST UPDATE DATE
2024-11-23T19:31:47.606000+00:00

SOURCES UPDATE DATE
db:VULHUBid:VHN-122128date:2021-11-19T00:00:00
db:VULMONid:CVE-2018-12193date:2020-08-24T00:00:00
db:JVNDBid:JVNDB-2018-008201date:2019-07-26T00:00:00
db:CNNVDid:CNNVD-201810-538date:2021-11-23T00:00:00
db:NVDid:CVE-2018-12193date:2024-11-21T03:44:43.897

SOURCES RELEASE DATE
db:VULHUBid:VHN-122128date:2018-10-10T00:00:00
db:VULMONid:CVE-2018-12193date:2018-10-10T00:00:00
db:JVNDBid:JVNDB-2018-008201date:2018-10-11T00:00:00
db:CNNVDid:CNNVD-201810-538date:2018-10-11T00:00:00
db:NVDid:CVE-2018-12193date:2018-10-10T18:29:04.483