cnvd - cnvd-2020-18593

cnvd-2020-18593

Vulnerability from cnvd

Title: Intel i915 Graphics Kernel Mode Driver输入验证错误漏洞

Description:

Intel i915 Graphics是美国英特尔（Intel）公司的一套图形显卡驱动程序。Kernel Mode Driver是其中的一个内核模式驱动程序。

Intel i915 Graphics Kernel Mode Driver存在输入验证错误漏洞。该漏洞源于网络系统或产品未对输入的数据进行正确的验证。目前暂无详细的漏洞细节提供。

Severity: 中

Patch Name: Intel i915 Graphics Kernel Mode Driver输入验证错误漏洞的补丁

Patch Description:

Intel i915 Graphics是美国英特尔（Intel）公司的一套图形显卡驱动程序。Kernel Mode Driver是其中的一个内核模式驱动程序。

Intel i915 Graphics Kernel Mode Driver存在输入验证错误漏洞。该漏洞源于网络系统或产品未对输入的数据进行正确的验证。目前暂无详细的漏洞细节提供。目前，供应商发布了安全公告及相关补丁信息，修复了此漏洞。

Formal description:

厂商已发布了漏洞修复程序，请及时关注更新： https://www.intel.com/content/www/us/en/security-center/advisory/INTEL-SA-00249.html

Reference: https://nvd.nist.gov/vuln/detail/CVE-2019-11085

Impacted products

Name
Intel i915 Graphics <5.0

Show details on source website

JSON

To clipboard

{
  "cves": {
    "cve": {
      "cveNumber": "CVE-2019-11085",
      "cveUrl": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11085"
    }
  },
  "description": "Intel i915 Graphics\u662f\u7f8e\u56fd\u82f1\u7279\u5c14\uff08Intel\uff09\u516c\u53f8\u7684\u4e00\u5957\u56fe\u5f62\u663e\u5361\u9a71\u52a8\u7a0b\u5e8f\u3002Kernel Mode Driver\u662f\u5176\u4e2d\u7684\u4e00\u4e2a\u5185\u6838\u6a21\u5f0f\u9a71\u52a8\u7a0b\u5e8f\u3002\n\nIntel i915 Graphics Kernel Mode Driver\u5b58\u5728\u8f93\u5165\u9a8c\u8bc1\u9519\u8bef\u6f0f\u6d1e\u3002\u8be5\u6f0f\u6d1e\u6e90\u4e8e\u7f51\u7edc\u7cfb\u7edf\u6216\u4ea7\u54c1\u672a\u5bf9\u8f93\u5165\u7684\u6570\u636e\u8fdb\u884c\u6b63\u786e\u7684\u9a8c\u8bc1\u3002\u76ee\u524d\u6682\u65e0\u8be6\u7ec6\u7684\u6f0f\u6d1e\u7ec6\u8282\u63d0\u4f9b\u3002",
  "formalWay": "\u5382\u5546\u5df2\u53d1\u5e03\u4e86\u6f0f\u6d1e\u4fee\u590d\u7a0b\u5e8f\uff0c\u8bf7\u53ca\u65f6\u5173\u6ce8\u66f4\u65b0\uff1a\r\nhttps://www.intel.com/content/www/us/en/security-center/advisory/INTEL-SA-00249.html",
  "isEvent": "\u901a\u7528\u8f6f\u786c\u4ef6\u6f0f\u6d1e",
  "number": "CNVD-2020-18593",
  "openTime": "2020-03-22",
  "patchDescription": "Intel i915 Graphics\u662f\u7f8e\u56fd\u82f1\u7279\u5c14\uff08Intel\uff09\u516c\u53f8\u7684\u4e00\u5957\u56fe\u5f62\u663e\u5361\u9a71\u52a8\u7a0b\u5e8f\u3002Kernel Mode Driver\u662f\u5176\u4e2d\u7684\u4e00\u4e2a\u5185\u6838\u6a21\u5f0f\u9a71\u52a8\u7a0b\u5e8f\u3002\r\n\r\nIntel i915 Graphics Kernel Mode Driver\u5b58\u5728\u8f93\u5165\u9a8c\u8bc1\u9519\u8bef\u6f0f\u6d1e\u3002\u8be5\u6f0f\u6d1e\u6e90\u4e8e\u7f51\u7edc\u7cfb\u7edf\u6216\u4ea7\u54c1\u672a\u5bf9\u8f93\u5165\u7684\u6570\u636e\u8fdb\u884c\u6b63\u786e\u7684\u9a8c\u8bc1\u3002\u76ee\u524d\u6682\u65e0\u8be6\u7ec6\u7684\u6f0f\u6d1e\u7ec6\u8282\u63d0\u4f9b\u3002\u76ee\u524d\uff0c\u4f9b\u5e94\u5546\u53d1\u5e03\u4e86\u5b89\u5168\u516c\u544a\u53ca\u76f8\u5173\u8865\u4e01\u4fe1\u606f\uff0c\u4fee\u590d\u4e86\u6b64\u6f0f\u6d1e\u3002",
  "patchName": "Intel i915 Graphics Kernel Mode Driver\u8f93\u5165\u9a8c\u8bc1\u9519\u8bef\u6f0f\u6d1e\u7684\u8865\u4e01",
  "products": {
    "product": "Intel i915 Graphics \u003c5.0"
  },
  "referenceLink": "https://nvd.nist.gov/vuln/detail/CVE-2019-11085",
  "serverity": "\u4e2d",
  "submitTime": "2019-05-22",
  "title": "Intel i915 Graphics Kernel Mode Driver\u8f93\u5165\u9a8c\u8bc1\u9519\u8bef\u6f0f\u6d1e"
}

CVE-2019-11085 (GCVE-0-2019-11085)

Vulnerability from cvelistv5

Published

2019-05-17 15:41

Modified

2024-08-04 22:40

Severity ?

CWE

Escalation of Privilege

Summary

Insufficient input validation in Kernel Mode Driver in Intel(R) i915 Graphics for Linux before version 5.0 may allow an authenticated user to potentially enable escalation of privilege via local access.

References

▼	URL	Tags
	https://www.intel.com/content/www/us/en/security-center/advisory/INTEL-SA-00249.html	x_refsource_MISC
	https://support.f5.com/csp/article/K09376613	x_refsource_CONFIRM
	http://www.securityfocus.com/bid/108488	vdb-entry, x_refsource_BID
	http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00071.html	vendor-advisory, x_refsource_SUSE
	http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00048.html	vendor-advisory, x_refsource_SUSE
	https://usn.ubuntu.com/4068-1/	vendor-advisory, x_refsource_UBUNTU
	https://usn.ubuntu.com/4068-2/	vendor-advisory, x_refsource_UBUNTU
	https://access.redhat.com/errata/RHSA-2019:1873	vendor-advisory, x_refsource_REDHAT
	https://access.redhat.com/errata/RHSA-2019:1891	vendor-advisory, x_refsource_REDHAT
	https://access.redhat.com/errata/RHSA-2019:1959	vendor-advisory, x_refsource_REDHAT
	https://access.redhat.com/errata/RHSA-2019:1971	vendor-advisory, x_refsource_REDHAT
	https://usn.ubuntu.com/4118-1/	vendor-advisory, x_refsource_UBUNTU
	https://access.redhat.com/errata/RHSA-2020:0543	vendor-advisory, x_refsource_REDHAT
	https://access.redhat.com/errata/RHSA-2020:0592	vendor-advisory, x_refsource_REDHAT
	https://access.redhat.com/errata/RHSA-2020:0609	vendor-advisory, x_refsource_REDHAT

Impacted products

	Vendor	Product	Version
	n/a	Intel(R) i915 Graphics for Linux	Version: Versions before 5.0.

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T22:40:16.359Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://www.intel.com/content/www/us/en/security-center/advisory/INTEL-SA-00249.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://support.f5.com/csp/article/K09376613"
          },
          {
            "name": "108488",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/108488"
          },
          {
            "name": "openSUSE-SU-2019:1479",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00071.html"
          },
          {
            "name": "openSUSE-SU-2019:1579",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00048.html"
          },
          {
            "name": "USN-4068-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "https://usn.ubuntu.com/4068-1/"
          },
          {
            "name": "USN-4068-2",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "https://usn.ubuntu.com/4068-2/"
          },
          {
            "name": "RHSA-2019:1873",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2019:1873"
          },
          {
            "name": "RHSA-2019:1891",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2019:1891"
          },
          {
            "name": "RHSA-2019:1959",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2019:1959"
          },
          {
            "name": "RHSA-2019:1971",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2019:1971"
          },
          {
            "name": "USN-4118-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "https://usn.ubuntu.com/4118-1/"
          },
          {
            "name": "RHSA-2020:0543",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2020:0543"
          },
          {
            "name": "RHSA-2020:0592",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2020:0592"
          },
          {
            "name": "RHSA-2020:0609",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2020:0609"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Intel(R) i915 Graphics for Linux",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "Versions before 5.0."
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "Insufficient input validation in Kernel Mode Driver in Intel(R) i915 Graphics for Linux before version 5.0 may allow an authenticated user to potentially enable escalation of privilege via local access."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "Escalation of Privilege",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2020-02-26T12:06:03",
        "orgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
        "shortName": "intel"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://www.intel.com/content/www/us/en/security-center/advisory/INTEL-SA-00249.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://support.f5.com/csp/article/K09376613"
        },
        {
          "name": "108488",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/108488"
        },
        {
          "name": "openSUSE-SU-2019:1479",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00071.html"
        },
        {
          "name": "openSUSE-SU-2019:1579",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00048.html"
        },
        {
          "name": "USN-4068-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "https://usn.ubuntu.com/4068-1/"
        },
        {
          "name": "USN-4068-2",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "https://usn.ubuntu.com/4068-2/"
        },
        {
          "name": "RHSA-2019:1873",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2019:1873"
        },
        {
          "name": "RHSA-2019:1891",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2019:1891"
        },
        {
          "name": "RHSA-2019:1959",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2019:1959"
        },
        {
          "name": "RHSA-2019:1971",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2019:1971"
        },
        {
          "name": "USN-4118-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "https://usn.ubuntu.com/4118-1/"
        },
        {
          "name": "RHSA-2020:0543",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2020:0543"
        },
        {
          "name": "RHSA-2020:0592",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2020:0592"
        },
        {
          "name": "RHSA-2020:0609",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2020:0609"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "secure@intel.com",
          "ID": "CVE-2019-11085",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "Intel(R) i915 Graphics for Linux",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "Versions before 5.0."
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Insufficient input validation in Kernel Mode Driver in Intel(R) i915 Graphics for Linux before version 5.0 may allow an authenticated user to potentially enable escalation of privilege via local access."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "Escalation of Privilege"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://www.intel.com/content/www/us/en/security-center/advisory/INTEL-SA-00249.html",
              "refsource": "MISC",
              "url": "https://www.intel.com/content/www/us/en/security-center/advisory/INTEL-SA-00249.html"
            },
            {
              "name": "https://support.f5.com/csp/article/K09376613",
              "refsource": "CONFIRM",
              "url": "https://support.f5.com/csp/article/K09376613"
            },
            {
              "name": "108488",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/108488"
            },
            {
              "name": "openSUSE-SU-2019:1479",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00071.html"
            },
            {
              "name": "openSUSE-SU-2019:1579",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00048.html"
            },
            {
              "name": "USN-4068-1",
              "refsource": "UBUNTU",
              "url": "https://usn.ubuntu.com/4068-1/"
            },
            {
              "name": "USN-4068-2",
              "refsource": "UBUNTU",
              "url": "https://usn.ubuntu.com/4068-2/"
            },
            {
              "name": "RHSA-2019:1873",
              "refsource": "REDHAT",
              "url": "https://access.redhat.com/errata/RHSA-2019:1873"
            },
            {
              "name": "RHSA-2019:1891",
              "refsource": "REDHAT",
              "url": "https://access.redhat.com/errata/RHSA-2019:1891"
            },
            {
              "name": "RHSA-2019:1959",
              "refsource": "REDHAT",
              "url": "https://access.redhat.com/errata/RHSA-2019:1959"
            },
            {
              "name": "RHSA-2019:1971",
              "refsource": "REDHAT",
              "url": "https://access.redhat.com/errata/RHSA-2019:1971"
            },
            {
              "name": "USN-4118-1",
              "refsource": "UBUNTU",
              "url": "https://usn.ubuntu.com/4118-1/"
            },
            {
              "name": "RHSA-2020:0543",
              "refsource": "REDHAT",
              "url": "https://access.redhat.com/errata/RHSA-2020:0543"
            },
            {
              "name": "RHSA-2020:0592",
              "refsource": "REDHAT",
              "url": "https://access.redhat.com/errata/RHSA-2020:0592"
            },
            {
              "name": "RHSA-2020:0609",
              "refsource": "REDHAT",
              "url": "https://access.redhat.com/errata/RHSA-2020:0609"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "6dda929c-bb53-4a77-a76d-48e79601a1ce",
    "assignerShortName": "intel",
    "cveId": "CVE-2019-11085",
    "datePublished": "2019-05-17T15:41:37",
    "dateReserved": "2019-04-11T00:00:00",
    "dateUpdated": "2024-08-04T22:40:16.359Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
Confirmed: The vulnerability is confirmed from an analyst perspective.
Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
Patched: This vulnerability was successfully patched by the user reporting the sighting.
Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
Not confirmed: The user expresses doubt about the veracity of the vulnerability.
Not patched: This vulnerability was not successfully patched by the user reporting the sighting.

Action not permitted