Sign-up

ID

VAR-201905-1182


CVE

CVE-2019-0114


TITLE

Intel Multiple vulnerabilities in the product

Trust: 0.8

sources: JVNDB: JVNDB-2019-003441

DESCRIPTION

A race condition in Intel(R) Graphics Drivers before version 10.18.14.5067 (aka 15.36.x.5067) and 10.18.10.5069 (aka 15.33.x.5069) may allow an authenticated user to potentially enable a denial of service via local access. Intel Graphics Driver Contains a race condition vulnerability.Service operation interruption (DoS) There is a possibility of being put into a state. Intel Graphics Driver is prone to multiple denial-of-service vulnerabilities. Attackers can exploit these issues to cause denial-of-service condition, denying service to legitimate users. Intel Graphics Drivers prior to 15.36.x.5067 and 15.33.x.5069 are vulnerable. The vulnerability stems from the improper handling of concurrent access when concurrent codes need to access shared resources mutually exclusive during the running of the network system or product

Trust: 1.98

sources: NVD: CVE-2019-0114 // JVNDB: JVNDB-2019-004714 // BID: 108385 // VULHUB: VHN-140145

AFFECTED PRODUCTS

vendor:intelmodel:graphics driverscope:eqversion:15.36.33.4578

Trust: 1.0

vendor:intelmodel:graphics driverscope:eqversion:15.36.31.4414

Trust: 1.0

vendor:intelmodel:graphics driverscope:eqversion:15.36.28.4332

Trust: 1.0

vendor:intelmodel:graphics driverscope:eqversion:15.36.26.4294

Trust: 1.0

vendor:intelmodel:graphics driverscope:eqversion:15.33.46.4885

Trust: 1.0

vendor:intelmodel:graphics driverscope:eqversion:15.33.43.4425

Trust: 1.0

vendor:intelmodel:graphics driverscope:eqversion:15.33.45.4653

Trust: 1.0

vendor:intelmodel:graphics driverscope:eqversion:15.36.34.4889

Trust: 1.0

vendor:intelmodel:acu wizardscope: - version: -

Trust: 0.8

vendor:intelmodel:active management technologyscope: - version: -

Trust: 0.8

vendor:intelmodel:converged security management enginescope: - version: -

Trust: 0.8

vendor:intelmodel:driver and support assistantscope: - version: -

Trust: 0.8

vendor:intelmodel:dynamic application loaderscope: - version: -

Trust: 0.8

vendor:intelmodel:i915scope: - version: -

Trust: 0.8

vendor:intelmodel:nuc board nuc7i7dnbescope: - version: -

Trust: 0.8

vendor:intelmodel:nuc kit nuc7i5dnhescope: - version: -

Trust: 0.8

vendor:intelmodel:nuc kit nuc7i7dnhescope: - version: -

Trust: 0.8

vendor:intelmodel:nuc kit nuc7i7dnkescope: - version: -

Trust: 0.8

vendor:intelmodel:nuc kit nuc8i7hnkscope: - version: -

Trust: 0.8

vendor:intelmodel:nuc kit nuc8i7hvkscope: - version: -

Trust: 0.8

vendor:intelmodel:proset/wireless software driverscope: - version: -

Trust: 0.8

vendor:intelmodel:quartus ii programmer and toolsscope: - version: -

Trust: 0.8

vendor:intelmodel:server platform servicesscope: - version: -

Trust: 0.8

vendor:intelmodel:trusted execution enginescope: - version: -

Trust: 0.8

vendor:intelmodel:intelscope: - version: -

Trust: 0.8

vendor:intelmodel:quartus primescope: - version: -

Trust: 0.8

vendor:intelmodel:scs discovery utilityscope: - version: -

Trust: 0.8

vendor:intelmodel:unite clientscope: - version: -

Trust: 0.8

vendor:intelmodel:graphics driverscope: - version: -

Trust: 0.8

vendor:intelmodel:graphics driverscope:ltversion:10.18.10.5069

Trust: 0.8

vendor:intelmodel:graphics driverscope:ltversion:10.18.14.5067

Trust: 0.8

vendor:intelmodel:graphics driverscope:eqversion:15.36.x.5057

Trust: 0.3

vendor:intelmodel:graphics driverscope:eqversion:15.33.x.5056

Trust: 0.3

vendor:intelmodel:graphics driverscope:neversion:15.36.x.5067

Trust: 0.3

vendor:intelmodel:graphics driverscope:neversion:15.33.x.5069

Trust: 0.3

sources: BID: 108385 // JVNDB: JVNDB-2019-003441 // JVNDB: JVNDB-2019-004714 // NVD: CVE-2019-0114

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2019-0114
value: MEDIUM

Trust: 1.0

NVD: CVE-2019-0114
value: MEDIUM

Trust: 0.8

CNNVD: CNNVD-201905-751
value: MEDIUM

Trust: 0.6

VULHUB: VHN-140145
value: LOW

Trust: 0.1

nvd@nist.gov: CVE-2019-0114
severity: LOW
baseScore: 1.9
vectorString: AV:L/AC:M/AU:N/C:N/I:N/A:P
accessVector: LOCAL
accessComplexity: MEDIUM
authentication: NONE
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: PARTIAL
exploitabilityScore: 3.4
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.8

VULHUB: VHN-140145
severity: LOW
baseScore: 1.9
vectorString: AV:L/AC:M/AU:N/C:N/I:N/A:P
accessVector: LOCAL
accessComplexity: MEDIUM
authentication: NONE
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: PARTIAL
exploitabilityScore: 3.4
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

nvd@nist.gov: CVE-2019-0114
baseSeverity: MEDIUM
baseScore: 4.7
vectorString: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
attackVector: LOCAL
attackComplexity: HIGH
privilegesRequired: LOW
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: HIGH
exploitabilityScore: 1.0
impactScore: 3.6
version: 3.0

Trust: 1.8

sources: VULHUB: VHN-140145 // JVNDB: JVNDB-2019-004714 // CNNVD: CNNVD-201905-751 // NVD: CVE-2019-0114

PROBLEMTYPE DATA

problemtype:CWE-362

Trust: 1.9

sources: VULHUB: VHN-140145 // JVNDB: JVNDB-2019-004714 // NVD: CVE-2019-0114

THREAT TYPE

local

Trust: 0.9

sources: BID: 108385 // CNNVD: CNNVD-201905-751

TYPE

competition condition problem

Trust: 0.6

sources: CNNVD: CNNVD-201905-751

CONFIGURATIONS

sources:
            
            
            JVNDB: JVNDB-2019-003441

PATCH
title:INTEL-SA-00234 - IntelR SCS Discovery Utility and IntelR ACU Wizard Advisoryurl:https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00234.html
Trust: 0.8
title:INTEL-SA-00244 - IntelR QuartusR Software Advisoryurl:https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00244.html
Trust: 0.8
title:INTEL-SA-00245 - Intel UniteR Client for Android* Advisoryurl:https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00245.html
Trust: 0.8
title:INTEL-SA-00204 - Intel IntelR PROSet/Wireless WiFi Software Advisoryurl:https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00204.html
Trust: 0.8
title:INTEL-SA-00249 - IntelR i915 Graphics for Linux Advisoryurl:https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00249.html
Trust: 0.8
title:INTEL-SA-00213 - IntelR CSME, IntelR SPS, IntelR TXE, IntelR DAL, and IntelR AMT 2019.1 QSR Advisoryurl:https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00213.html
Trust: 0.8
title:INTEL-SA-00251 - IntelR NUC Advisoryurl:https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00251.html
Trust: 0.8
title:INTEL-SA-00218 - IntelR Graphics Driver for Windows* 2019.1 QSR Advisoryurl:https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00218.html
Trust: 0.8
title:INTEL-SA-00252 - IntelR Driver & Support Assistant Advisoryurl:https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00252.html
Trust: 0.8
title:INTEL-SA-00223 - Intel 2019.1 QSR UEFI Advisoryurl:https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00223.html
Trust: 0.8
title:INTEL-SA-00228 - Intel UniteR Client Advisoryurl:https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00228.html
Trust: 0.8
title:INTEL-SA-00233 - Microarchitectural Data Sampling Advisoryurl:https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00233.html
Trust: 0.8
title:INTEL-SA-00218url:https://www.intel.com/content/www/us/en/security-center/advisory/INTEL-SA-00218.html
Trust: 0.8
sources:
            
            
            JVNDB: JVNDB-2019-003441 // 
            
            
            
            JVNDB: JVNDB-2019-004714

EXTERNAL IDS
db:NVDid:CVE-2019-0114
Trust: 2.8
db:BIDid:108385
Trust: 2.0
db:JVNid:JVNVU92328381
Trust: 1.6
db:JVNDBid:JVNDB-2019-003441
Trust: 1.6
db:JVNDBid:JVNDB-2019-004714
Trust: 0.8
db:CNNVDid:CNNVD-201905-751
Trust: 0.7
db:LENOVOid:LEN-26295
Trust: 0.6
db:VULHUBid:VHN-140145
Trust: 0.1
sources:
            
            
            VULHUB: VHN-140145 // 
            
            
            
            BID: 108385 // 
            
            
            
            JVNDB: JVNDB-2019-003441 // 
            
            
            
            JVNDB: JVNDB-2019-004714 // 
            
            
            
            CNNVD: CNNVD-201905-751 // 
            
            
            
            NVD: CVE-2019-0114

REFERENCES
url:http://www.securityfocus.com/bid/108385
Trust: 2.3
url:https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00218.html
Trust: 2.0
url:https://nvd.nist.gov/vuln/detail/cve-2019-0114
Trust: 1.4
url:http://www.intel.com/
Trust: 0.9
url:https://jvn.jp/vu/jvnvu92328381/index.html
Trust: 0.8
url:https://mdsattacks.com/files/ridl.pdf
Trust: 0.8
url:https://mdsattacks.com/files/fallout.pdf
Trust: 0.8
url:https://zombieloadattack.com/
Trust: 0.8
url:https://www.intel.com/content/www/us/en/architecture-and-technology/mds.html
Trust: 0.8
url:https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-0114
Trust: 0.8
url:https://jvn.jp/vu/jvnvu92328381/
Trust: 0.8
url:https://jvndb.jvn.jp/ja/contents/2019/jvndb-2019-003441.html
Trust: 0.8
url:https://support.lenovo.com/us/en/product_security/len-26295
Trust: 0.6
sources:
            
            
            VULHUB: VHN-140145 // 
            
            
            
            BID: 108385 // 
            
            
            
            JVNDB: JVNDB-2019-003441 // 
            
            
            
            JVNDB: JVNDB-2019-004714 // 
            
            
            
            CNNVD: CNNVD-201905-751 // 
            
            
            
            NVD: CVE-2019-0114

CREDITS
Konstantin Wurster, and an Intel partner.
Trust: 0.9
sources:
            
            
            BID: 108385 // 
            
            
            
            CNNVD: CNNVD-201905-751

SOURCES
db:VULHUBid:VHN-140145
db:BIDid:108385
db:JVNDBid:JVNDB-2019-003441
db:JVNDBid:JVNDB-2019-004714
db:CNNVDid:CNNVD-201905-751
db:NVDid:CVE-2019-0114

LAST UPDATE DATE
2024-11-23T21:17:36.912000+00:00

SOURCES UPDATE DATE
db:VULHUBid:VHN-140145date:2019-05-21T00:00:00
db:BIDid:108385date:2019-05-14T00:00:00
db:JVNDBid:JVNDB-2019-003441date:2019-05-16T00:00:00
db:JVNDBid:JVNDB-2019-004714date:2019-06-06T00:00:00
db:CNNVDid:CNNVD-201905-751date:2019-08-29T00:00:00
db:NVDid:CVE-2019-0114date:2024-11-21T04:16:15.390

SOURCES RELEASE DATE
db:VULHUBid:VHN-140145date:2019-05-17T00:00:00
db:BIDid:108385date:2019-05-14T00:00:00
db:JVNDBid:JVNDB-2019-003441date:2019-05-16T00:00:00
db:JVNDBid:JVNDB-2019-004714date:2019-06-06T00:00:00
db:CNNVDid:CNNVD-201905-751date:2019-05-17T00:00:00
db:NVDid:CVE-2019-0114date:2019-05-17T16:29:01.610