ID

VAR-201911-1672


CVE

CVE-2019-11089


TITLE

Intel(R) Graphics Driver Input validation vulnerability

Trust: 0.8

sources: JVNDB: JVNDB-2019-012132

DESCRIPTION

Insufficient input validation in Kernel Mode module for Intel(R) Graphics Driver before version 25.20.100.6519 may allow an authenticated user to potentially enable denial of service via local access. Intel(R) Graphics Driver Contains an input validation vulnerability.Service operation interruption (DoS) There is a possibility of being put into a state. Intel Graphics Drivers is an integrated graphics driver from Intel Corporation. A local attacker could exploit this vulnerability to cause a denial of service

Trust: 1.71

sources: NVD: CVE-2019-11089 // JVNDB: JVNDB-2019-012132 // VULHUB: VHN-142700

AFFECTED PRODUCTS

vendor:intelmodel:graphics driverscope:ltversion:25.20.100.6519

Trust: 1.8

vendor:netappmodel:steelstore cloud integrated storagescope:eqversion: -

Trust: 1.0

vendor:netappmodel:solidfire baseboard management controllerscope:eqversion: -

Trust: 1.0

vendor:netappmodel:cloud backupscope:eqversion: -

Trust: 1.0

vendor:netappmodel:data availability servicesscope:eqversion: -

Trust: 1.0

sources: JVNDB: JVNDB-2019-012132 // NVD: CVE-2019-11089

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2019-11089
value: MEDIUM

Trust: 1.0

NVD: CVE-2019-11089
value: MEDIUM

Trust: 0.8

CNNVD: CNNVD-201911-602
value: MEDIUM

Trust: 0.6

VULHUB: VHN-142700
value: LOW

Trust: 0.1

nvd@nist.gov: CVE-2019-11089
severity: LOW
baseScore: 2.1
vectorString: AV:L/AC:L/AU:N/C:N/I:N/A:P
accessVector: LOCAL
accessComplexity: LOW
authentication: NONE
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: PARTIAL
exploitabilityScore: 3.9
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.8

VULHUB: VHN-142700
severity: LOW
baseScore: 2.1
vectorString: AV:L/AC:L/AU:N/C:N/I:N/A:P
accessVector: LOCAL
accessComplexity: LOW
authentication: NONE
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: PARTIAL
exploitabilityScore: 3.9
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

nvd@nist.gov: CVE-2019-11089
baseSeverity: MEDIUM
baseScore: 5.5
vectorString: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
attackVector: LOCAL
attackComplexity: LOW
privilegesRequired: LOW
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: HIGH
exploitabilityScore: 1.8
impactScore: 3.6
version: 3.1

Trust: 1.0

NVD: CVE-2019-11089
baseSeverity: MEDIUM
baseScore: 5.5
vectorString: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
attackVector: LOCAL
attackComplexity: LOW
privilegesRequired: LOW
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: HIGH
exploitabilityScore: NONE
impactScore: NONE
version: 3.0

Trust: 0.8

sources: VULHUB: VHN-142700 // JVNDB: JVNDB-2019-012132 // CNNVD: CNNVD-201911-602 // NVD: CVE-2019-11089

PROBLEMTYPE DATA

problemtype:CWE-20

Trust: 1.9

sources: VULHUB: VHN-142700 // JVNDB: JVNDB-2019-012132 // NVD: CVE-2019-11089

THREAT TYPE

local

Trust: 0.6

sources: CNNVD: CNNVD-201911-602

TYPE

input validation error

Trust: 0.6

sources: CNNVD: CNNVD-201911-602

CONFIGURATIONS

sources: JVNDB: JVNDB-2019-012132

PATCH

title:INTEL-SA-00242url:https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00242.html

Trust: 0.8

title:Intel Graphics Drivers Kernel Mode Fixes for module input validation error vulnerabilitiesurl:http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=105204

Trust: 0.6

sources: JVNDB: JVNDB-2019-012132 // CNNVD: CNNVD-201911-602

EXTERNAL IDS

db:NVDid:CVE-2019-11089

Trust: 2.5

db:JVNid:JVNVU90354904

Trust: 0.8

db:JVNDBid:JVNDB-2019-012132

Trust: 0.8

db:CNNVDid:CNNVD-201911-602

Trust: 0.7

db:LENOVOid:LEN-28235

Trust: 0.6

db:VULHUBid:VHN-142700

Trust: 0.1

sources: VULHUB: VHN-142700 // JVNDB: JVNDB-2019-012132 // CNNVD: CNNVD-201911-602 // NVD: CVE-2019-11089

REFERENCES

url:https://security.netapp.com/advisory/ntap-20200320-0005/

Trust: 1.7

url:https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00242.html

Trust: 1.7

url:https://nvd.nist.gov/vuln/detail/cve-2019-11089

Trust: 1.4

url:https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-11089

Trust: 0.8

url:https://jvn.jp/vu/jvnvu90354904/

Trust: 0.8

url:https://support.lenovo.com/us/en/product_security/len-28235

Trust: 0.6

sources: VULHUB: VHN-142700 // JVNDB: JVNDB-2019-012132 // CNNVD: CNNVD-201911-602 // NVD: CVE-2019-11089

SOURCES

db:VULHUBid:VHN-142700
db:JVNDBid:JVNDB-2019-012132
db:CNNVDid:CNNVD-201911-602
db:NVDid:CVE-2019-11089

LAST UPDATE DATE

2024-11-23T19:25:59.370000+00:00


SOURCES UPDATE DATE

db:VULHUBid:VHN-142700date:2020-03-20T00:00:00
db:JVNDBid:JVNDB-2019-012132date:2019-11-26T00:00:00
db:CNNVDid:CNNVD-201911-602date:2020-03-24T00:00:00
db:NVDid:CVE-2019-11089date:2024-11-21T04:20:31.007

SOURCES RELEASE DATE

db:VULHUBid:VHN-142700date:2019-11-14T00:00:00
db:JVNDBid:JVNDB-2019-012132date:2019-11-26T00:00:00
db:CNNVDid:CNNVD-201911-602date:2019-11-12T00:00:00
db:NVDid:CVE-2019-11089date:2019-11-14T20:15:11.680