ID

VAR-201911-1761


CVE

CVE-2019-11113


TITLE

Intel(R) Graphics Driver Buffer error vulnerability

Trust: 0.8

sources: JVNDB: JVNDB-2019-012135

DESCRIPTION

Buffer overflow in Kernel Mode module for Intel(R) Graphics Driver before version 25.20.100.6618 (DCH) or 21.20.x.5077 (aka15.45.5077) may allow a privileged user to potentially enable information disclosure via local access. Intel(R) Graphics Driver Contains a buffer error vulnerability.Information may be obtained. Intel Graphics Drivers is an integrated graphics driver from Intel Corporation. A local attacker could exploit this vulnerability to obtain sensitive information

Trust: 1.71

sources: NVD: CVE-2019-11113 // JVNDB: JVNDB-2019-012135 // VULHUB: VHN-142727

AFFECTED PRODUCTS

vendor:netappmodel:steelstore cloud integrated storagescope:eqversion: -

Trust: 1.0

vendor:intelmodel:graphics driverscope:eqversion:15.22.54.64.2622

Trust: 1.0

vendor:intelmodel:graphics driverscope:eqversion:15.36.37.5074

Trust: 1.0

vendor:intelmodel:graphics driverscope:eqversion:15.45.27.5068

Trust: 1.0

vendor:intelmodel:graphics driverscope:eqversion:15.36.36.5067

Trust: 1.0

vendor:intelmodel:graphics driverscope:eqversion:15.22.58.2993

Trust: 1.0

vendor:intelmodel:graphics driverscope:eqversion:15.40.14.4352

Trust: 1.0

vendor:intelmodel:graphics driverscope:eqversion:15.45.29.5077

Trust: 1.0

vendor:intelmodel:graphics driverscope:eqversion:15.22.58.64.2993

Trust: 1.0

vendor:intelmodel:graphics driverscope:eqversion:15.28.24.64.4229

Trust: 1.0

vendor:intelmodel:graphics driverscope:eqversion:15.28.24.4229

Trust: 1.0

vendor:intelmodel:graphics driverscope:eqversion:15.40.42.5063

Trust: 1.0

vendor:netappmodel:data availability servicesscope:eqversion: -

Trust: 1.0

vendor:intelmodel:graphics driverscope:eqversion:15.40.1.64.4256

Trust: 1.0

vendor:intelmodel:graphics driverscope:eqversion:15.45.26.5065

Trust: 1.0

vendor:intelmodel:graphics driverscope:eqversion:15.22.54.2622

Trust: 1.0

vendor:intelmodel:graphics driverscope:eqversion:15.33.48.5069

Trust: 1.0

vendor:intelmodel:graphics driverscope:eqversion:15.40.7.64.4279

Trust: 1.0

vendor:netappmodel:solidfire baseboard management controllerscope:eqversion: -

Trust: 1.0

vendor:netappmodel:cloud backupscope:eqversion: -

Trust: 1.0

vendor:intelmodel:graphics driverscope:eqversion:15.40.26.4474

Trust: 1.0

vendor:intelmodel:graphics driverscope:ltversion:25.20.100.6618

Trust: 1.0

vendor:intelmodel:graphics driverscope: - version: -

Trust: 0.8

sources: JVNDB: JVNDB-2019-012135 // NVD: CVE-2019-11113

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2019-11113
value: MEDIUM

Trust: 1.0

NVD: CVE-2019-11113
value: MEDIUM

Trust: 0.8

CNNVD: CNNVD-201911-599
value: MEDIUM

Trust: 0.6

VULHUB: VHN-142727
value: LOW

Trust: 0.1

nvd@nist.gov: CVE-2019-11113
severity: LOW
baseScore: 2.1
vectorString: AV:L/AC:L/AU:N/C:P/I:N/A:N
accessVector: LOCAL
accessComplexity: LOW
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: NONE
availabilityImpact: NONE
exploitabilityScore: 3.9
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.8

VULHUB: VHN-142727
severity: LOW
baseScore: 2.1
vectorString: AV:L/AC:L/AU:N/C:P/I:N/A:N
accessVector: LOCAL
accessComplexity: LOW
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: NONE
availabilityImpact: NONE
exploitabilityScore: 3.9
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

nvd@nist.gov: CVE-2019-11113
baseSeverity: MEDIUM
baseScore: 4.4
vectorString: CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N
attackVector: LOCAL
attackComplexity: LOW
privilegesRequired: HIGH
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: NONE
availabilityImpact: NONE
exploitabilityScore: 0.8
impactScore: 3.6
version: 3.1

Trust: 1.0

NVD: CVE-2019-11113
baseSeverity: MEDIUM
baseScore: 4.4
vectorString: CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N
attackVector: LOCAL
attackComplexity: LOW
privilegesRequired: HIGH
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: NONE
availabilityImpact: NONE
exploitabilityScore: NONE
impactScore: NONE
version: 3.0

Trust: 0.8

sources: VULHUB: VHN-142727 // JVNDB: JVNDB-2019-012135 // CNNVD: CNNVD-201911-599 // NVD: CVE-2019-11113

PROBLEMTYPE DATA

problemtype:CWE-119

Trust: 1.9

sources: VULHUB: VHN-142727 // JVNDB: JVNDB-2019-012135 // NVD: CVE-2019-11113

THREAT TYPE

local

Trust: 0.6

sources: CNNVD: CNNVD-201911-599

TYPE

buffer error

Trust: 0.6

sources: CNNVD: CNNVD-201911-599

CONFIGURATIONS

sources: JVNDB: JVNDB-2019-012135

PATCH

title:INTEL-SA-00242url:https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00242.html

Trust: 0.8

title:Intel Graphics Drivers Kernel Mode Fixes for module buffer error vulnerabilitiesurl:http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=105201

Trust: 0.6

sources: JVNDB: JVNDB-2019-012135 // CNNVD: CNNVD-201911-599

EXTERNAL IDS

db:NVDid:CVE-2019-11113

Trust: 2.5

db:JVNid:JVNVU90354904

Trust: 0.8

db:JVNDBid:JVNDB-2019-012135

Trust: 0.8

db:CNNVDid:CNNVD-201911-599

Trust: 0.7

db:LENOVOid:LEN-28235

Trust: 0.6

db:VULHUBid:VHN-142727

Trust: 0.1

sources: VULHUB: VHN-142727 // JVNDB: JVNDB-2019-012135 // CNNVD: CNNVD-201911-599 // NVD: CVE-2019-11113

REFERENCES

url:https://security.netapp.com/advisory/ntap-20200320-0005/

Trust: 1.7

url:https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00242.html

Trust: 1.7

url:https://nvd.nist.gov/vuln/detail/cve-2019-11113

Trust: 1.4

url:https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-11113

Trust: 0.8

url:https://jvn.jp/vu/jvnvu90354904/

Trust: 0.8

url:https://support.lenovo.com/us/en/product_security/len-28235

Trust: 0.6

sources: VULHUB: VHN-142727 // JVNDB: JVNDB-2019-012135 // CNNVD: CNNVD-201911-599 // NVD: CVE-2019-11113

SOURCES

db:VULHUBid:VHN-142727
db:JVNDBid:JVNDB-2019-012135
db:CNNVDid:CNNVD-201911-599
db:NVDid:CVE-2019-11113

LAST UPDATE DATE

2024-11-23T19:28:26.557000+00:00


SOURCES UPDATE DATE

db:VULHUBid:VHN-142727date:2020-03-20T00:00:00
db:JVNDBid:JVNDB-2019-012135date:2019-11-26T00:00:00
db:CNNVDid:CNNVD-201911-599date:2020-03-24T00:00:00
db:NVDid:CVE-2019-11113date:2024-11-21T04:20:33.703

SOURCES RELEASE DATE

db:VULHUBid:VHN-142727date:2019-11-14T00:00:00
db:JVNDBid:JVNDB-2019-012135date:2019-11-26T00:00:00
db:CNNVDid:CNNVD-201911-599date:2019-11-12T00:00:00
db:NVDid:CVE-2019-11113date:2019-11-14T20:15:11.807