ID

VAR-201911-1760


CVE

CVE-2019-11112


TITLE

Intel(R) Graphics Driver Vulnerability in Permission Management

Trust: 0.8

sources: JVNDB: JVNDB-2019-012128

DESCRIPTION

Memory corruption in Kernel Mode Driver in Intel(R) Graphics Driver before 26.20.100.6813 (DCH) or 26.20.100.6812 may allow an authenticated user to potentially enable escalation of privilege via local access. Intel(R) Graphics Driver Contains a privilege management vulnerability.Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. Intel Graphics Drivers is an integrated graphics driver from Intel Corporation. A security vulnerability exists in the Kernel Mode Driver in Intel Graphics Drivers versions prior to 26.20.100.6813 (DCH) or versions prior to 26.20.100.6812. A local attacker could exploit this vulnerability to elevate privileges

Trust: 1.71

sources: NVD: CVE-2019-11112 // JVNDB: JVNDB-2019-012128 // VULHUB: VHN-142726

AFFECTED PRODUCTS

vendor:intelmodel:graphics driverscope:ltversion:26.20.100.6812

Trust: 1.8

vendor:intelmodel:graphics driverscope:ltversion:15.45.5077

Trust: 1.0

vendor:netappmodel:steelstore cloud integrated storagescope:eqversion: -

Trust: 1.0

vendor:netappmodel:data availability servicesscope:eqversion: -

Trust: 1.0

vendor:netappmodel:cloud backupscope:eqversion: -

Trust: 1.0

vendor:intelmodel:graphics driverscope:gteversion:24.20.100.6025

Trust: 1.0

vendor:intelmodel:graphics driverscope:ltversion:26.20.100.6813 (dch)

Trust: 0.8

sources: JVNDB: JVNDB-2019-012128 // NVD: CVE-2019-11112

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2019-11112
value: HIGH

Trust: 1.0

NVD: CVE-2019-11112
value: HIGH

Trust: 0.8

CNNVD: CNNVD-201911-601
value: HIGH

Trust: 0.6

VULHUB: VHN-142726
value: HIGH

Trust: 0.1

nvd@nist.gov: CVE-2019-11112
severity: HIGH
baseScore: 7.2
vectorString: AV:L/AC:L/AU:N/C:C/I:C/A:C
accessVector: LOCAL
accessComplexity: LOW
authentication: NONE
confidentialityImpact: COMPLETE
integrityImpact: COMPLETE
availabilityImpact: COMPLETE
exploitabilityScore: 3.9
impactScore: 10.0
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.8

VULHUB: VHN-142726
severity: HIGH
baseScore: 7.2
vectorString: AV:L/AC:L/AU:N/C:C/I:C/A:C
accessVector: LOCAL
accessComplexity: LOW
authentication: NONE
confidentialityImpact: COMPLETE
integrityImpact: COMPLETE
availabilityImpact: COMPLETE
exploitabilityScore: 3.9
impactScore: 10.0
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

nvd@nist.gov: CVE-2019-11112
baseSeverity: HIGH
baseScore: 7.8
vectorString: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
attackVector: LOCAL
attackComplexity: LOW
privilegesRequired: LOW
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: 1.8
impactScore: 5.9
version: 3.1

Trust: 1.0

NVD: CVE-2019-11112
baseSeverity: HIGH
baseScore: 7.8
vectorString: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
attackVector: LOCAL
attackComplexity: LOW
privilegesRequired: LOW
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: NONE
impactScore: NONE
version: 3.0

Trust: 0.8

sources: VULHUB: VHN-142726 // JVNDB: JVNDB-2019-012128 // CNNVD: CNNVD-201911-601 // NVD: CVE-2019-11112

PROBLEMTYPE DATA

problemtype:CWE-787

Trust: 1.0

problemtype:CWE-269

Trust: 0.9

sources: VULHUB: VHN-142726 // JVNDB: JVNDB-2019-012128 // NVD: CVE-2019-11112

THREAT TYPE

local

Trust: 0.6

sources: CNNVD: CNNVD-201911-601

TYPE

buffer error

Trust: 0.6

sources: CNNVD: CNNVD-201911-601

CONFIGURATIONS

sources: JVNDB: JVNDB-2019-012128

PATCH

title:INTEL-SA-00242url:https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00242.html

Trust: 0.8

title:Intel Graphics Drivers Kernel Mode Driver Security vulnerabilitiesurl:http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=105203

Trust: 0.6

sources: JVNDB: JVNDB-2019-012128 // CNNVD: CNNVD-201911-601

EXTERNAL IDS

db:NVDid:CVE-2019-11112

Trust: 2.5

db:JVNid:JVNVU90354904

Trust: 0.8

db:JVNDBid:JVNDB-2019-012128

Trust: 0.8

db:CNNVDid:CNNVD-201911-601

Trust: 0.7

db:LENOVOid:LEN-28235

Trust: 0.6

db:VULHUBid:VHN-142726

Trust: 0.1

sources: VULHUB: VHN-142726 // JVNDB: JVNDB-2019-012128 // CNNVD: CNNVD-201911-601 // NVD: CVE-2019-11112

REFERENCES

url:https://security.netapp.com/advisory/ntap-20200320-0005/

Trust: 1.7

url:https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00242.html

Trust: 1.7

url:https://nvd.nist.gov/vuln/detail/cve-2019-11112

Trust: 1.4

url:https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-11112

Trust: 0.8

url:https://jvn.jp/vu/jvnvu90354904/

Trust: 0.8

url:https://support.lenovo.com/us/en/product_security/len-28235

Trust: 0.6

sources: VULHUB: VHN-142726 // JVNDB: JVNDB-2019-012128 // CNNVD: CNNVD-201911-601 // NVD: CVE-2019-11112

SOURCES

db:VULHUBid:VHN-142726
db:JVNDBid:JVNDB-2019-012128
db:CNNVDid:CNNVD-201911-601
db:NVDid:CVE-2019-11112

LAST UPDATE DATE

2024-11-23T20:30:30.603000+00:00


SOURCES UPDATE DATE

db:VULHUBid:VHN-142726date:2020-03-20T00:00:00
db:JVNDBid:JVNDB-2019-012128date:2019-11-26T00:00:00
db:CNNVDid:CNNVD-201911-601date:2022-04-01T00:00:00
db:NVDid:CVE-2019-11112date:2024-11-21T04:20:33.597

SOURCES RELEASE DATE

db:VULHUBid:VHN-142726date:2019-11-14T00:00:00
db:JVNDBid:JVNDB-2019-012128date:2019-11-26T00:00:00
db:CNNVDid:CNNVD-201911-601date:2019-11-12T00:00:00
db:NVDid:CVE-2019-11112date:2019-11-14T19:15:13.017