Sign-up

ID

VAR-201911-0922


CVE

CVE-2019-14591


TITLE

Intel(R) Graphics Driver Input validation vulnerability

Trust: 0.8

sources: JVNDB: JVNDB-2019-012136

DESCRIPTION

Improper input validation in the API for Intel(R) Graphics Driver versions before 26.20.100.7209 may allow an authenticated user to potentially enable denial of service via local access. Intel(R) Graphics Driver Contains an input validation vulnerability.Service operation interruption (DoS) There is a possibility of being put into a state. Intel Graphics Drivers is an integrated graphics driver from Intel Corporation. A local attacker could exploit this vulnerability to cause a denial of service

Trust: 1.71

sources: NVD: CVE-2019-14591 // JVNDB: JVNDB-2019-012136 // VULHUB: VHN-146553

AFFECTED PRODUCTS

vendor:intelmodel:graphics driverscope:ltversion:26.20.100.7209

Trust: 1.8

vendor:netappmodel:steelstore cloud integrated storagescope:eqversion: -

Trust: 1.0

vendor:netappmodel:solidfire baseboard management controllerscope:eqversion: -

Trust: 1.0

vendor:netappmodel:cloud backupscope:eqversion: -

Trust: 1.0

vendor:netappmodel:data availability servicesscope:eqversion: -

Trust: 1.0

sources: JVNDB: JVNDB-2019-012136 // NVD: CVE-2019-14591

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2019-14591
value: MEDIUM

Trust: 1.0

NVD: CVE-2019-14591
value: MEDIUM

Trust: 0.8

CNNVD: CNNVD-201911-595
value: MEDIUM

Trust: 0.6

VULHUB: VHN-146553
value: LOW

Trust: 0.1

nvd@nist.gov: CVE-2019-14591
severity: LOW
baseScore: 2.1
vectorString: AV:L/AC:L/AU:N/C:N/I:N/A:P
accessVector: LOCAL
accessComplexity: LOW
authentication: NONE
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: PARTIAL
exploitabilityScore: 3.9
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.8

VULHUB: VHN-146553
severity: LOW
baseScore: 2.1
vectorString: AV:L/AC:L/AU:N/C:N/I:N/A:P
accessVector: LOCAL
accessComplexity: LOW
authentication: NONE
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: PARTIAL
exploitabilityScore: 3.9
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

nvd@nist.gov: CVE-2019-14591
baseSeverity: MEDIUM
baseScore: 5.5
vectorString: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
attackVector: LOCAL
attackComplexity: LOW
privilegesRequired: LOW
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: HIGH
exploitabilityScore: 1.8
impactScore: 3.6
version: 3.1

Trust: 1.0

NVD: CVE-2019-14591
baseSeverity: MEDIUM
baseScore: 5.5
vectorString: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
attackVector: LOCAL
attackComplexity: LOW
privilegesRequired: LOW
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: HIGH
exploitabilityScore: NONE
impactScore: NONE
version: 3.0

Trust: 0.8

sources: VULHUB: VHN-146553 // JVNDB: JVNDB-2019-012136 // CNNVD: CNNVD-201911-595 // NVD: CVE-2019-14591

PROBLEMTYPE DATA

problemtype:CWE-20

Trust: 1.9

sources: VULHUB: VHN-146553 // JVNDB: JVNDB-2019-012136 // NVD: CVE-2019-14591

THREAT TYPE

local

Trust: 0.6

sources: CNNVD: CNNVD-201911-595

TYPE

input validation error

Trust: 0.6

sources: CNNVD: CNNVD-201911-595

CONFIGURATIONS

sources:
            
            
            JVNDB: JVNDB-2019-012136

PATCH
title:INTEL-SA-00242url:https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00242.html
Trust: 0.8
title:Intel Graphics Driver Enter the fix for the verification error vulnerabilityurl:http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=103262
Trust: 0.6
sources:
            
            
            JVNDB: JVNDB-2019-012136 // 
            
            
            
            CNNVD: CNNVD-201911-595

EXTERNAL IDS
db:NVDid:CVE-2019-14591
Trust: 2.5
db:JVNid:JVNVU90354904
Trust: 0.8
db:JVNDBid:JVNDB-2019-012136
Trust: 0.8
db:CNNVDid:CNNVD-201911-595
Trust: 0.7
db:LENOVOid:LEN-28235
Trust: 0.6
db:VULHUBid:VHN-146553
Trust: 0.1
sources:
            
            
            VULHUB: VHN-146553 // 
            
            
            
            JVNDB: JVNDB-2019-012136 // 
            
            
            
            CNNVD: CNNVD-201911-595 // 
            
            
            
            NVD: CVE-2019-14591

REFERENCES
url:https://security.netapp.com/advisory/ntap-20200320-0005/
Trust: 1.7
url:https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00242.html
Trust: 1.7
url:https://nvd.nist.gov/vuln/detail/cve-2019-14591
Trust: 1.4
url:https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-14591
Trust: 0.8
url:https://jvn.jp/vu/jvnvu90354904/
Trust: 0.8
url:https://support.lenovo.com/us/en/product_security/len-28235
Trust: 0.6
sources:
            
            
            VULHUB: VHN-146553 // 
            
            
            
            JVNDB: JVNDB-2019-012136 // 
            
            
            
            CNNVD: CNNVD-201911-595 // 
            
            
            
            NVD: CVE-2019-14591

SOURCES
db:VULHUBid:VHN-146553
db:JVNDBid:JVNDB-2019-012136
db:CNNVDid:CNNVD-201911-595
db:NVDid:CVE-2019-14591

LAST UPDATE DATE
2024-08-14T12:54:21.977000+00:00

SOURCES UPDATE DATE
db:VULHUBid:VHN-146553date:2020-03-20T00:00:00
db:JVNDBid:JVNDB-2019-012136date:2019-11-26T00:00:00
db:CNNVDid:CNNVD-201911-595date:2022-03-16T00:00:00
db:NVDid:CVE-2019-14591date:2022-11-10T03:32:53.897

SOURCES RELEASE DATE
db:VULHUBid:VHN-146553date:2019-11-14T00:00:00
db:JVNDBid:JVNDB-2019-012136date:2019-11-26T00:00:00
db:CNNVDid:CNNVD-201911-595date:2019-11-12T00:00:00
db:NVDid:CVE-2019-14591date:2019-11-14T20:15:11.993