CVE-2018-12154 - Denial of Service in Unified Shader Compiler in Intel Graphics Drivers before 10.18.x.5056 (aka 15.3

CVE-2018-12154

Summary

Denial of Service in Unified Shader Compiler in Intel Graphics Drivers before 10.18.x.5056 (aka 15.33.x.5056), 10.18.x.5057 (aka 15.36.x.5057) and 20.19.x.5058 (aka 15.40.x.5058) may allow an unprivileged user to potentially create an infinite loop and crash an application via local access.

References

Vulnerable Configurations

cpe:2.3:o:intel:graphics_driver:15.33.43.4425:*:*:*:*:*:*:*
cpe:2.3:o:intel:graphics_driver:15.33.43.4425:*:*:*:*:*:*:*
cpe:2.3:o:intel:graphics_driver:15.33.45.4653:*:*:*:*:*:*:*
cpe:2.3:o:intel:graphics_driver:15.33.45.4653:*:*:*:*:*:*:*
cpe:2.3:o:intel:graphics_driver:15.33.46.4885:*:*:*:*:*:*:*
cpe:2.3:o:intel:graphics_driver:15.33.46.4885:*:*:*:*:*:*:*
cpe:2.3:o:intel:graphics_driver:15.36.26.4294:*:*:*:*:*:*:*
cpe:2.3:o:intel:graphics_driver:15.36.26.4294:*:*:*:*:*:*:*
cpe:2.3:o:intel:graphics_driver:15.36.28.4332:*:*:*:*:*:*:*
cpe:2.3:o:intel:graphics_driver:15.36.28.4332:*:*:*:*:*:*:*
cpe:2.3:o:intel:graphics_driver:15.36.31.4414:*:*:*:*:*:*:*
cpe:2.3:o:intel:graphics_driver:15.36.31.4414:*:*:*:*:*:*:*
cpe:2.3:o:intel:graphics_driver:15.36.33.4578:*:*:*:*:*:*:*
cpe:2.3:o:intel:graphics_driver:15.36.33.4578:*:*:*:*:*:*:*
cpe:2.3:o:intel:graphics_driver:15.36.34.4889:*:*:*:*:*:*:*
cpe:2.3:o:intel:graphics_driver:15.36.34.4889:*:*:*:*:*:*:*
cpe:2.3:o:intel:graphics_driver:15.40.34.4624:*:*:*:*:*:*:*
cpe:2.3:o:intel:graphics_driver:15.40.34.4624:*:*:*:*:*:*:*
cpe:2.3:o:intel:graphics_driver:15.40.36.4703:*:*:*:*:*:*:*
cpe:2.3:o:intel:graphics_driver:15.40.36.4703:*:*:*:*:*:*:*
cpe:2.3:o:intel:graphics_driver:15.40.37.4835:*:*:*:*:*:*:*
cpe:2.3:o:intel:graphics_driver:15.40.37.4835:*:*:*:*:*:*:*
cpe:2.3:o:intel:graphics_driver:15.40.38.4963:*:*:*:*:*:*:*
cpe:2.3:o:intel:graphics_driver:15.40.38.4963:*:*:*:*:*:*:*

CVSS

Base:	2.1 (as of 30-10-2019 - 03:15)
Impact:
Exploitability:

CWE

CWE-835

CAPEC

Access

Vector	Complexity	Authentication
LOCAL	LOW	NONE

Impact

Confidentiality	Integrity	Availability
NONE	NONE	PARTIAL

cvss-vector via4

AV:L/AC:L/Au:N/C:N/I:N/A:P

refmap via4

bid	105582
confirm	https://support.apple.com/kb/HT210634 https://support.apple.com/kb/HT210722 https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00166.html
fulldisc	20191031 APPLE-SA-2019-10-29-10 Additional information for APPLE-SA-2019-10-07-1 macOS Catalina 10.15 20191031 APPLE-SA-2019-10-29-2 macOS Catalina 10.15.1, Security Update 2019-001 Mojave, Security Update 2019-006 High Sierra

Last major update

30-10-2019 - 03:15

Published

15-10-2018 - 18:29

Last modified

30-10-2019 - 03:15