ID

VAR-201911-0922


CVE

CVE-2019-14591


TITLE

Intel(R) Graphics Driver Input validation vulnerability

Trust: 0.8

sources: JVNDB: JVNDB-2019-012136

DESCRIPTION

Improper input validation in the API for Intel(R) Graphics Driver versions before 26.20.100.7209 may allow an authenticated user to potentially enable denial of service via local access. Intel(R) Graphics Driver Contains an input validation vulnerability.Service operation interruption (DoS) There is a possibility of being put into a state. Intel Graphics Drivers is an integrated graphics driver from Intel Corporation. A local attacker could exploit this vulnerability to cause a denial of service

Trust: 1.71

sources: NVD: CVE-2019-14591 // JVNDB: JVNDB-2019-012136 // VULHUB: VHN-146553

AFFECTED PRODUCTS

vendor:intelmodel:graphics driverscope:ltversion:26.20.100.7209

Trust: 1.8

vendor:netappmodel:steelstore cloud integrated storagescope:eqversion: -

Trust: 1.0

vendor:netappmodel:solidfire baseboard management controllerscope:eqversion: -

Trust: 1.0

vendor:netappmodel:cloud backupscope:eqversion: -

Trust: 1.0

vendor:netappmodel:data availability servicesscope:eqversion: -

Trust: 1.0

sources: JVNDB: JVNDB-2019-012136 // NVD: CVE-2019-14591

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2019-14591
value: MEDIUM

Trust: 1.0

NVD: CVE-2019-14591
value: MEDIUM

Trust: 0.8

CNNVD: CNNVD-201911-595
value: MEDIUM

Trust: 0.6

VULHUB: VHN-146553
value: LOW

Trust: 0.1

nvd@nist.gov: CVE-2019-14591
severity: LOW
baseScore: 2.1
vectorString: AV:L/AC:L/AU:N/C:N/I:N/A:P
accessVector: LOCAL
accessComplexity: LOW
authentication: NONE
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: PARTIAL
exploitabilityScore: 3.9
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.8

VULHUB: VHN-146553
severity: LOW
baseScore: 2.1
vectorString: AV:L/AC:L/AU:N/C:N/I:N/A:P
accessVector: LOCAL
accessComplexity: LOW
authentication: NONE
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: PARTIAL
exploitabilityScore: 3.9
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

nvd@nist.gov: CVE-2019-14591
baseSeverity: MEDIUM
baseScore: 5.5
vectorString: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
attackVector: LOCAL
attackComplexity: LOW
privilegesRequired: LOW
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: HIGH
exploitabilityScore: 1.8
impactScore: 3.6
version: 3.1

Trust: 1.0

NVD: CVE-2019-14591
baseSeverity: MEDIUM
baseScore: 5.5
vectorString: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
attackVector: LOCAL
attackComplexity: LOW
privilegesRequired: LOW
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: HIGH
exploitabilityScore: NONE
impactScore: NONE
version: 3.0

Trust: 0.8

sources: VULHUB: VHN-146553 // JVNDB: JVNDB-2019-012136 // CNNVD: CNNVD-201911-595 // NVD: CVE-2019-14591

PROBLEMTYPE DATA

problemtype:CWE-20

Trust: 1.9

sources: VULHUB: VHN-146553 // JVNDB: JVNDB-2019-012136 // NVD: CVE-2019-14591

THREAT TYPE

local

Trust: 0.6

sources: CNNVD: CNNVD-201911-595

TYPE

input validation error

Trust: 0.6

sources: CNNVD: CNNVD-201911-595

CONFIGURATIONS

sources: JVNDB: JVNDB-2019-012136

PATCH

title:INTEL-SA-00242url:https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00242.html

Trust: 0.8

title:Intel Graphics Driver Enter the fix for the verification error vulnerabilityurl:http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=103262

Trust: 0.6

sources: JVNDB: JVNDB-2019-012136 // CNNVD: CNNVD-201911-595

EXTERNAL IDS

db:NVDid:CVE-2019-14591

Trust: 2.5

db:JVNid:JVNVU90354904

Trust: 0.8

db:JVNDBid:JVNDB-2019-012136

Trust: 0.8

db:CNNVDid:CNNVD-201911-595

Trust: 0.7

db:LENOVOid:LEN-28235

Trust: 0.6

db:VULHUBid:VHN-146553

Trust: 0.1

sources: VULHUB: VHN-146553 // JVNDB: JVNDB-2019-012136 // CNNVD: CNNVD-201911-595 // NVD: CVE-2019-14591

REFERENCES

url:https://security.netapp.com/advisory/ntap-20200320-0005/

Trust: 1.7

url:https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00242.html

Trust: 1.7

url:https://nvd.nist.gov/vuln/detail/cve-2019-14591

Trust: 1.4

url:https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-14591

Trust: 0.8

url:https://jvn.jp/vu/jvnvu90354904/

Trust: 0.8

url:https://support.lenovo.com/us/en/product_security/len-28235

Trust: 0.6

sources: VULHUB: VHN-146553 // JVNDB: JVNDB-2019-012136 // CNNVD: CNNVD-201911-595 // NVD: CVE-2019-14591

SOURCES

db:VULHUBid:VHN-146553
db:JVNDBid:JVNDB-2019-012136
db:CNNVDid:CNNVD-201911-595
db:NVDid:CVE-2019-14591

LAST UPDATE DATE

2024-11-23T21:24:49.231000+00:00


SOURCES UPDATE DATE

db:VULHUBid:VHN-146553date:2020-03-20T00:00:00
db:JVNDBid:JVNDB-2019-012136date:2019-11-26T00:00:00
db:CNNVDid:CNNVD-201911-595date:2022-03-16T00:00:00
db:NVDid:CVE-2019-14591date:2024-11-21T04:26:59.810

SOURCES RELEASE DATE

db:VULHUBid:VHN-146553date:2019-11-14T00:00:00
db:JVNDBid:JVNDB-2019-012136date:2019-11-26T00:00:00
db:CNNVDid:CNNVD-201911-595date:2019-11-12T00:00:00
db:NVDid:CVE-2019-14591date:2019-11-14T20:15:11.993