Sign-up

ID

VAR-201903-0963


CVE

CVE-2018-12210


TITLE

Windows for Intel(R) Graphics Driver Vulnerabilities related to authorization, permissions, and access control

Trust: 0.8

sources: JVNDB: JVNDB-2018-014769

DESCRIPTION

Multiple pointer dereferences in User Mode Driver in Intel(R) Graphics Driver for Windows* before versions 10.18.x.5059 (aka 15.33.x.5059), 10.18.x.5057 (aka 15.36.x.5057), 20.19.x.5063 (aka 15.40.x.5063) 21.20.x.5064 (aka 15.45.x.5064) and 24.20.100.6373 potentially enables an unprivileged user to cause a denial of service via local access. Windows for Intel(R) Graphics Driver Contains vulnerabilities related to authorization, permissions, and access control.Service operation interruption (DoS) There is a possibility of being put into a state. Intel Has released an update for each product.The expected impact depends on each vulnerability, but can be affected as follows: * information leak * Service operation interruption (DoS) * Privilege escalation. Intel Graphics Driver for Windows is a graphics card driver for Windows platform developed by Intel Corporation. User Mode Driver is one of the user mode drivers. There is a security vulnerability in the User Mode Driver of the Windows-based Intel Graphics Driver. A local attacker could exploit this vulnerability to cause a denial of service. The following versions are affected: Intel Graphics Driver prior to 10.18.x.5059, prior to 10.18.x.5057, prior to 20.19.x.5063, prior to 21.20.x.5064, prior to 24.20.100.6373

Trust: 2.52

sources: NVD: CVE-2018-12210 // JVNDB: JVNDB-2018-014769 // JVNDB: JVNDB-2019-001582 // VULHUB: VHN-122147 // VULMON: CVE-2018-12210

AFFECTED PRODUCTS

vendor:intelmodel:graphics driverscope:eqversion:15.36.31.4414

Trust: 1.0

vendor:intelmodel:graphics driverscope:eqversion:15.40.36.4703

Trust: 1.0

vendor:intelmodel:graphics driverscope:eqversion:15.40.34.4624

Trust: 1.0

vendor:intelmodel:graphics driverscope:eqversion:15.45.23.4860

Trust: 1.0

vendor:intelmodel:graphics driverscope:eqversion:15.33.43.4425

Trust: 1.0

vendor:intelmodel:graphics driverscope:eqversion:24.20.100.6136

Trust: 1.0

vendor:intelmodel:graphics driverscope:eqversion:15.45.21.4821

Trust: 1.0

vendor:intelmodel:graphics driverscope:eqversion:15.36.33.4578

Trust: 1.0

vendor:intelmodel:graphics driverscope:eqversion:15.45.19.4678

Trust: 1.0

vendor:intelmodel:graphics driverscope:eqversion:15.45.18.4664

Trust: 1.0

vendor:intelmodel:graphics driverscope:eqversion:24.20.100.6194

Trust: 1.0

vendor:intelmodel:graphics driverscope:eqversion:24.20.100.6229

Trust: 1.0

vendor:intelmodel:graphics driverscope:eqversion:15.40.38.4963

Trust: 1.0

vendor:intelmodel:graphics driverscope:eqversion:15.40.41.5058

Trust: 1.0

vendor:intelmodel:graphics driverscope:eqversion:24.20.100.6025

Trust: 1.0

vendor:intelmodel:graphics driverscope:eqversion:15.36.34.4889

Trust: 1.0

vendor:intelmodel:graphics driverscope:eqversion:15.40.37.4835

Trust: 1.0

vendor:intelmodel:graphics driverscope:eqversion:24.20.100.6094

Trust: 1.0

vendor:intelmodel:graphics driverscope:eqversion:15.36.28.4332

Trust: 1.0

vendor:intelmodel:graphics driverscope:eqversion:15.36.26.4294

Trust: 1.0

vendor:intelmodel:graphics driverscope:eqversion:15.33.46.4885

Trust: 1.0

vendor:intelmodel:graphics driverscope:eqversion:24.20.100.6286

Trust: 1.0

vendor:intelmodel:graphics driverscope:eqversion:15.33.45.4653

Trust: 1.0

vendor:intelmodel:graphics driverscope:ltversion:10.18.x.5057

Trust: 0.8

vendor:intelmodel:graphics driverscope:ltversion:10.18.x.5059

Trust: 0.8

vendor:intelmodel:graphics driverscope:ltversion:20.19.x.5063

Trust: 0.8

vendor:intelmodel:graphics driverscope:ltversion:21.20.x.5064

Trust: 0.8

vendor:intelmodel:graphics driverscope:ltversion:24.20.100.6373

Trust: 0.8

vendor:intelmodel:accelerated storage managerscope: - version: -

Trust: 0.8

vendor:intelmodel:active management technologyscope: - version: -

Trust: 0.8

vendor:intelmodel:csmescope: - version: -

Trust: 0.8

vendor:intelmodel:matrix storage managerscope: - version: -

Trust: 0.8

vendor:intelmodel:server platform servicesscope: - version: -

Trust: 0.8

vendor:intelmodel:sgx sdkscope: - version: -

Trust: 0.8

vendor:intelmodel:trusted execution enginescope: - version: -

Trust: 0.8

vendor:intelmodel:usb 3.0 creator utilityscope: - version: -

Trust: 0.8

vendor:intelmodel:intelscope: - version: -

Trust: 0.8

vendor:intelmodel:graphics driverscope:eqversion:for windows

Trust: 0.8

sources: JVNDB: JVNDB-2018-014769 // JVNDB: JVNDB-2019-001582 // NVD: CVE-2018-12210

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2018-12210
value: MEDIUM

Trust: 1.0

NVD: CVE-2018-12210
value: MEDIUM

Trust: 0.8

CNNVD: CNNVD-201903-518
value: MEDIUM

Trust: 0.6

VULHUB: VHN-122147
value: LOW

Trust: 0.1

VULMON: CVE-2018-12210
value: LOW

Trust: 0.1

nvd@nist.gov: CVE-2018-12210
severity: LOW
baseScore: 2.1
vectorString: AV:L/AC:L/AU:N/C:N/I:N/A:P
accessVector: LOCAL
accessComplexity: LOW
authentication: NONE
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: PARTIAL
exploitabilityScore: 3.9
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.9

VULHUB: VHN-122147
severity: LOW
baseScore: 2.1
vectorString: AV:L/AC:L/AU:N/C:N/I:N/A:P
accessVector: LOCAL
accessComplexity: LOW
authentication: NONE
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: PARTIAL
exploitabilityScore: 3.9
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

nvd@nist.gov: CVE-2018-12210
baseSeverity: MEDIUM
baseScore: 6.5
vectorString: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H
attackVector: LOCAL
attackComplexity: LOW
privilegesRequired: LOW
userInteraction: NONE
scope: CHANGED
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: HIGH
exploitabilityScore: 2.0
impactScore: 4.0
version: 3.0

Trust: 1.8

sources: VULHUB: VHN-122147 // VULMON: CVE-2018-12210 // JVNDB: JVNDB-2018-014769 // CNNVD: CNNVD-201903-518 // NVD: CVE-2018-12210

PROBLEMTYPE DATA

problemtype:CWE-119

Trust: 1.1

problemtype:CWE-264

Trust: 0.9

sources: VULHUB: VHN-122147 // JVNDB: JVNDB-2018-014769 // NVD: CVE-2018-12210

THREAT TYPE

local

Trust: 0.6

sources: CNNVD: CNNVD-201903-518

TYPE

buffer error

Trust: 0.6

sources: CNNVD: CNNVD-201903-518

CONFIGURATIONS

sources:
            
            
            JVNDB: JVNDB-2018-014769

PATCH
title:INTEL-SA-00189url:https://www.intel.com/content/www/us/en/security-center/advisory/INTEL-SA-00189.html
Trust: 0.8
title:INTEL-SA-00231 - Intel Accelerated Storage Manager in RSTe Advisoryurl:https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00231.html
Trust: 0.8
title:INTEL-SA-00185 - Intel CSME, Server Platform Services, Trusted Execution Engine and Intel Active Management Technology 2018.4 QSR Advisoryurl:https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00185.html
Trust: 0.8
title:INTEL-SA-00189 - Intel Graphics Driver for Windows* 2018.4 QSR Advisoryurl:https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00189.html
Trust: 0.8
title:INTEL-SA-00191 - Intel Firmware 2018.4 QSR Advisoryurl:https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00191.html
Trust: 0.8
title:INTEL-SA-00216 - Intel Matrix Storage Manager Advisoryurl:https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00216.html
Trust: 0.8
title:INTEL-SA-00217 - Intel Software Guard Extensions SDK Advisoryurl:https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00217.html
Trust: 0.8
title:INTEL-SA-00229 - Intel USB 3.0 Creator Utility Advisoryurl:https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00229.html
Trust: 0.8
title:Intel Graphics Driver for Windows User Mode Driver Security vulnerabilitiesurl:http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=90117
Trust: 0.6
title:HP: SUPPORT COMMUNICATION- SECURITY BULLETIN
HPSBHF03608 rev. 3  -  Intel Graphics Drivers Security Updatesurl:https://vulmon.com/vendoradvisory?qidtp=hp_bulletin&qid=d583286ee98e875e2383beb478103043
Trust: 0.1
title:HP: SUPPORT COMMUNICATION- SECURITY BULLETIN
HPSBHF03608 rev. 3  -  Intel Graphics Drivers Security Updatesurl:https://vulmon.com/vendoradvisory?qidtp=hp_bulletin&qid=0581ba00a63f34664a66de77ffb95790
Trust: 0.1
sources:
            
            
            VULMON: CVE-2018-12210 // 
            
            
            
            JVNDB: JVNDB-2018-014769 // 
            
            
            
            JVNDB: JVNDB-2019-001582 // 
            
            
            
            CNNVD: CNNVD-201903-518

EXTERNAL IDS
db:NVDid:CVE-2018-12210
Trust: 2.6
db:LENOVOid:LEN-25084
Trust: 1.8
db:JVNid:JVNVU98344681
Trust: 1.6
db:JVNDBid:JVNDB-2019-001582
Trust: 1.6
db:JVNDBid:JVNDB-2018-014769
Trust: 0.8
db:CNNVDid:CNNVD-201903-518
Trust: 0.7
db:NSFOCUSid:43005
Trust: 0.6
db:AUSCERTid:ESB-2019.0822
Trust: 0.6
db:VULHUBid:VHN-122147
Trust: 0.1
db:VULMONid:CVE-2018-12210
Trust: 0.1
sources:
            
            
            VULHUB: VHN-122147 // 
            
            
            
            VULMON: CVE-2018-12210 // 
            
            
            
            JVNDB: JVNDB-2018-014769 // 
            
            
            
            JVNDB: JVNDB-2019-001582 // 
            
            
            
            CNNVD: CNNVD-201903-518 // 
            
            
            
            NVD: CVE-2018-12210

REFERENCES
url:https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00189.html
Trust: 2.4
url:https://support.lenovo.com/us/en/product_security/len-25084
Trust: 1.8
url:https://nvd.nist.gov/vuln/detail/cve-2018-12210
Trust: 1.4
url:https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-12210
Trust: 0.8
url:https://jvn.jp/vu/jvnvu98344681/
Trust: 0.8
url:https://jvndb.jvn.jp/ja/contents/2019/jvndb-2019-001582.html
Trust: 0.8
url:https://jvn.jp/vu/jvnvu98344681
Trust: 0.8
url:http://www.nsfocus.net/vulndb/43005
Trust: 0.6
url:https://www.auscert.org.au/bulletins/77106
Trust: 0.6
url:https://support.lenovo.com/us/zh/solutions/len-25084
Trust: 0.6
url:https://cwe.mitre.org/data/definitions/119.html
Trust: 0.1
url:https://nvd.nist.gov
Trust: 0.1
url:https://support.hp.com//us-en/document/c06263722
Trust: 0.1
sources:
            
            
            VULHUB: VHN-122147 // 
            
            
            
            VULMON: CVE-2018-12210 // 
            
            
            
            JVNDB: JVNDB-2018-014769 // 
            
            
            
            JVNDB: JVNDB-2019-001582 // 
            
            
            
            CNNVD: CNNVD-201903-518 // 
            
            
            
            NVD: CVE-2018-12210

CREDITS
Intel ( http://www.intel.com/ )  ??
Trust: 0.6
sources:
            
            
            CNNVD: CNNVD-201903-518

SOURCES
db:VULHUBid:VHN-122147
db:VULMONid:CVE-2018-12210
db:JVNDBid:JVNDB-2018-014769
db:JVNDBid:JVNDB-2019-001582
db:CNNVDid:CNNVD-201903-518
db:NVDid:CVE-2018-12210

LAST UPDATE DATE
2024-11-23T21:12:00.432000+00:00

SOURCES UPDATE DATE
db:VULHUBid:VHN-122147date:2019-10-03T00:00:00
db:VULMONid:CVE-2018-12210date:2019-10-03T00:00:00
db:JVNDBid:JVNDB-2018-014769date:2019-04-10T00:00:00
db:JVNDBid:JVNDB-2019-001582date:2019-03-15T00:00:00
db:CNNVDid:CNNVD-201903-518date:2019-10-08T00:00:00
db:NVDid:CVE-2018-12210date:2024-11-21T03:44:47.160

SOURCES RELEASE DATE
db:VULHUBid:VHN-122147date:2019-03-14T00:00:00
db:VULMONid:CVE-2018-12210date:2019-03-14T00:00:00
db:JVNDBid:JVNDB-2018-014769date:2019-04-10T00:00:00
db:JVNDBid:JVNDB-2019-001582date:2019-03-15T00:00:00
db:CNNVDid:CNNVD-201903-518date:2019-03-14T00:00:00
db:NVDid:CVE-2018-12210date:2019-03-14T20:29:00.927