cvelistv5 - cve-2019-11165

CVE-2019-11165 (GCVE-0-2019-11165)

Vulnerability from cvelistv5

Published

2019-12-16 19:12

Modified

2024-08-04 22:48

Severity ?

CWE

Denial of Service

Summary

References

URL

	Vendor	Product	Version
	n/a	Intel(R) FPGA SDK for OpenCL(TM) Pro Edition	Version: before version 19.4

var-201912-1811

Vulnerability from variot

Improper conditions check in the Linux kernel driver for the Intel(R) FPGA SDK for OpenCL(TM) Pro Edition before version 19.4 may allow an authenticated user to potentially enable denial of service via local access. Intel(R) FPGA SDK for OpenCL(TM) Pro Edition Contains an exceptional condition check vulnerability.Service operation interruption (DoS) There is a possibility of being put into a state. Intel FPGA SDK for OpenCL Pro is a software development toolkit for building OpenCL applications developed by Intel Corporation. The Linux kernel driver is one of the drivers for the Linux platform. The Linux kernel driver in versions prior to Intel FPGA SDK for OpenCL Pro 19.4 has a code issue vulnerability. A local attacker could exploit this vulnerability to cause a denial of service

Show details on source website

JSON

To clipboard

{
  "@context": {
    "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
    "affected_products": {
      "@id": "https://www.variotdbs.pl/ref/affected_products"
    },
    "configurations": {
      "@id": "https://www.variotdbs.pl/ref/configurations"
    },
    "credits": {
      "@id": "https://www.variotdbs.pl/ref/credits"
    },
    "cvss": {
      "@id": "https://www.variotdbs.pl/ref/cvss/"
    },
    "description": {
      "@id": "https://www.variotdbs.pl/ref/description/"
    },
    "exploit_availability": {
      "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
    },
    "external_ids": {
      "@id": "https://www.variotdbs.pl/ref/external_ids/"
    },
    "iot": {
      "@id": "https://www.variotdbs.pl/ref/iot/"
    },
    "iot_taxonomy": {
      "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
    },
    "patch": {
      "@id": "https://www.variotdbs.pl/ref/patch/"
    },
    "problemtype_data": {
      "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
    },
    "references": {
      "@id": "https://www.variotdbs.pl/ref/references/"
    },
    "sources": {
      "@id": "https://www.variotdbs.pl/ref/sources/"
    },
    "sources_release_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
    },
    "sources_update_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
    },
    "threat_type": {
      "@id": "https://www.variotdbs.pl/ref/threat_type/"
    },
    "title": {
      "@id": "https://www.variotdbs.pl/ref/title/"
    },
    "type": {
      "@id": "https://www.variotdbs.pl/ref/type/"
    }
  },
  "@id": "https://www.variotdbs.pl/vuln/VAR-201912-1811",
  "affected_products": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "model": "field programmable gate array software development kit for opencl",
        "scope": "lt",
        "trust": 1.0,
        "vendor": "intel",
        "version": "19.4"
      },
      {
        "model": "fpga sdk for opencl",
        "scope": "lt",
        "trust": 0.8,
        "vendor": "intel",
        "version": "pro 19.4"
      },
      {
        "model": "field programmable gate array software development kit for opencl",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "intel",
        "version": "19.3"
      },
      {
        "model": "field programmable gate array software development kit for opencl",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "intel",
        "version": "16.0"
      },
      {
        "model": "field programmable gate array software development kit for opencl",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "intel",
        "version": "15.1"
      },
      {
        "model": "field programmable gate array software development kit for opencl",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "intel",
        "version": "19.1"
      },
      {
        "model": "field programmable gate array software development kit for opencl",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "intel",
        "version": "17.0"
      },
      {
        "model": "field programmable gate array software development kit for opencl",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "intel",
        "version": "18.0"
      },
      {
        "model": "field programmable gate array software development kit for opencl",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "intel",
        "version": "16.1"
      },
      {
        "model": "field programmable gate array software development kit for opencl",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "intel",
        "version": "17.1"
      },
      {
        "model": "field programmable gate array software development kit for opencl",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "intel",
        "version": "18.1"
      },
      {
        "model": "field programmable gate array software development kit for opencl",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "intel",
        "version": "19.2"
      }
    ],
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2019-013409"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201912-577"
      },
      {
        "db": "NVD",
        "id": "CVE-2019-11165"
      }
    ]
  },
  "configurations": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/configurations#",
      "children": {
        "@container": "@list"
      },
      "cpe_match": {
        "@container": "@list"
      },
      "data": {
        "@container": "@list"
      },
      "nodes": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "cpe_match": [
              {
                "cpe22Uri": "cpe:/a:intel:field_programmable_gate_array_software_development_kit_for_opencl",
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2019-013409"
      }
    ]
  },
  "cve": "CVE-2019-11165",
  "cvss": {
    "@context": {
      "cvssV2": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
      },
      "cvssV3": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
      },
      "severity": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/cvss/severity#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/severity"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "cvssV2": [
          {
            "accessComplexity": "LOW",
            "accessVector": "LOCAL",
            "authentication": "NONE",
            "author": "nvd@nist.gov",
            "availabilityImpact": "PARTIAL",
            "baseScore": 2.1,
            "confidentialityImpact": "NONE",
            "exploitabilityScore": 3.9,
            "id": "CVE-2019-11165",
            "impactScore": 2.9,
            "integrityImpact": "NONE",
            "severity": "LOW",
            "trust": 1.9,
            "vectorString": "AV:L/AC:L/Au:N/C:N/I:N/A:P",
            "version": "2.0"
          },
          {
            "accessComplexity": "LOW",
            "accessVector": "LOCAL",
            "authentication": "NONE",
            "author": "VULHUB",
            "availabilityImpact": "PARTIAL",
            "baseScore": 2.1,
            "confidentialityImpact": "NONE",
            "exploitabilityScore": 3.9,
            "id": "VHN-142784",
            "impactScore": 2.9,
            "integrityImpact": "NONE",
            "severity": "LOW",
            "trust": 0.1,
            "vectorString": "AV:L/AC:L/AU:N/C:N/I:N/A:P",
            "version": "2.0"
          }
        ],
        "cvssV3": [
          {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "author": "nvd@nist.gov",
            "availabilityImpact": "HIGH",
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "exploitabilityScore": 1.8,
            "id": "CVE-2019-11165",
            "impactScore": 3.6,
            "integrityImpact": "NONE",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "trust": 1.0,
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          {
            "attackComplexity": "Low",
            "attackVector": "Local",
            "author": "NVD",
            "availabilityImpact": "High",
            "baseScore": 5.5,
            "baseSeverity": "Medium",
            "confidentialityImpact": "None",
            "exploitabilityScore": null,
            "id": "CVE-2019-11165",
            "impactScore": null,
            "integrityImpact": "None",
            "privilegesRequired": "Low",
            "scope": "Unchanged",
            "trust": 0.8,
            "userInteraction": "None",
            "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.0"
          }
        ],
        "severity": [
          {
            "author": "nvd@nist.gov",
            "id": "CVE-2019-11165",
            "trust": 1.0,
            "value": "MEDIUM"
          },
          {
            "author": "NVD",
            "id": "CVE-2019-11165",
            "trust": 0.8,
            "value": "Medium"
          },
          {
            "author": "CNNVD",
            "id": "CNNVD-201912-577",
            "trust": 0.6,
            "value": "MEDIUM"
          },
          {
            "author": "VULHUB",
            "id": "VHN-142784",
            "trust": 0.1,
            "value": "LOW"
          },
          {
            "author": "VULMON",
            "id": "CVE-2019-11165",
            "trust": 0.1,
            "value": "LOW"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-142784"
      },
      {
        "db": "VULMON",
        "id": "CVE-2019-11165"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2019-013409"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201912-577"
      },
      {
        "db": "NVD",
        "id": "CVE-2019-11165"
      }
    ]
  },
  "description": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/description#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Improper conditions check in the Linux kernel driver for the Intel(R) FPGA SDK for OpenCL(TM) Pro Edition before version 19.4 may allow an authenticated user to potentially enable denial of service via local access. Intel(R) FPGA SDK for OpenCL(TM) Pro Edition Contains an exceptional condition check vulnerability.Service operation interruption (DoS) There is a possibility of being put into a state. Intel FPGA SDK for OpenCL Pro is a software development toolkit for building OpenCL applications developed by Intel Corporation. The Linux kernel driver is one of the drivers for the Linux platform. The Linux kernel driver in versions prior to Intel FPGA SDK for OpenCL Pro 19.4 has a code issue vulnerability. A local attacker could exploit this vulnerability to cause a denial of service",
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2019-11165"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2019-013409"
      },
      {
        "db": "VULHUB",
        "id": "VHN-142784"
      },
      {
        "db": "VULMON",
        "id": "CVE-2019-11165"
      }
    ],
    "trust": 1.8
  },
  "external_ids": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "db": "NVD",
        "id": "CVE-2019-11165",
        "trust": 2.6
      },
      {
        "db": "JVN",
        "id": "JVNVU93632155",
        "trust": 0.8
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2019-013409",
        "trust": 0.8
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201912-577",
        "trust": 0.7
      },
      {
        "db": "AUSCERT",
        "id": "ESB-2019.4649",
        "trust": 0.6
      },
      {
        "db": "CNVD",
        "id": "CNVD-2020-18608",
        "trust": 0.1
      },
      {
        "db": "VULHUB",
        "id": "VHN-142784",
        "trust": 0.1
      },
      {
        "db": "VULMON",
        "id": "CVE-2019-11165",
        "trust": 0.1
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-142784"
      },
      {
        "db": "VULMON",
        "id": "CVE-2019-11165"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2019-013409"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201912-577"
      },
      {
        "db": "NVD",
        "id": "CVE-2019-11165"
      }
    ]
  },
  "id": "VAR-201912-1811",
  "iot": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": true,
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-142784"
      }
    ],
    "trust": 0.01
  },
  "last_update_date": "2024-11-23T20:05:20.794000Z",
  "patch": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/patch#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "title": "INTEL-SA-00284",
        "trust": 0.8,
        "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00284.html"
      },
      {
        "title": "Intel FPGA SDK Fixes for code issue vulnerabilities",
        "trust": 0.6,
        "url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=105910"
      },
      {
        "title": "",
        "trust": 0.1,
        "url": "https://github.com/Live-Hack-CVE/CVE-2019-11165 "
      }
    ],
    "sources": [
      {
        "db": "VULMON",
        "id": "CVE-2019-11165"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2019-013409"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201912-577"
      }
    ]
  },
  "problemtype_data": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "problemtype": "CWE-754",
        "trust": 1.9
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-142784"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2019-013409"
      },
      {
        "db": "NVD",
        "id": "CVE-2019-11165"
      }
    ]
  },
  "references": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/references#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "trust": 1.8,
        "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00284.html"
      },
      {
        "trust": 1.4,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2019-11165"
      },
      {
        "trust": 1.0,
        "url": "https://support.f5.com/csp/article/k07357521?utm_source=f5support\u0026amp%3butm_medium=rss"
      },
      {
        "trust": 0.8,
        "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-11165"
      },
      {
        "trust": 0.8,
        "url": "https://jvn.jp/vu/jvnvu93632155/"
      },
      {
        "trust": 0.7,
        "url": "https://support.f5.com/csp/article/k07357521?utm_source=f5support\u0026utm_medium=rss"
      },
      {
        "trust": 0.6,
        "url": "https://www.auscert.org.au/bulletins/esb-2019.4649/"
      },
      {
        "trust": 0.1,
        "url": "https://support.f5.com/csp/article/k07357521?utm_source=f5support\u0026amp;amp;utm_medium=rss"
      },
      {
        "trust": 0.1,
        "url": "https://cwe.mitre.org/data/definitions/754.html"
      },
      {
        "trust": 0.1,
        "url": "https://github.com/live-hack-cve/cve-2019-11165"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov"
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-142784"
      },
      {
        "db": "VULMON",
        "id": "CVE-2019-11165"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2019-013409"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201912-577"
      },
      {
        "db": "NVD",
        "id": "CVE-2019-11165"
      }
    ]
  },
  "sources": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "db": "VULHUB",
        "id": "VHN-142784"
      },
      {
        "db": "VULMON",
        "id": "CVE-2019-11165"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2019-013409"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201912-577"
      },
      {
        "db": "NVD",
        "id": "CVE-2019-11165"
      }
    ]
  },
  "sources_release_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2019-12-16T00:00:00",
        "db": "VULHUB",
        "id": "VHN-142784"
      },
      {
        "date": "2019-12-16T00:00:00",
        "db": "VULMON",
        "id": "CVE-2019-11165"
      },
      {
        "date": "2019-12-27T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2019-013409"
      },
      {
        "date": "2019-12-12T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201912-577"
      },
      {
        "date": "2019-12-16T20:15:14.663000",
        "db": "NVD",
        "id": "CVE-2019-11165"
      }
    ]
  },
  "sources_update_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2023-01-28T00:00:00",
        "db": "VULHUB",
        "id": "VHN-142784"
      },
      {
        "date": "2023-01-28T00:00:00",
        "db": "VULMON",
        "id": "CVE-2019-11165"
      },
      {
        "date": "2019-12-27T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2019-013409"
      },
      {
        "date": "2019-12-30T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201912-577"
      },
      {
        "date": "2024-11-21T04:20:39.083000",
        "db": "NVD",
        "id": "CVE-2019-11165"
      }
    ]
  },
  "threat_type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "local",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-201912-577"
      }
    ],
    "trust": 0.6
  },
  "title": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/title#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Intel(R) FPGA SDK for OpenCL(TM) Pro Edition Vulnerabilities related to exceptional state checking",
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2019-013409"
      }
    ],
    "trust": 0.8
  },
  "type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "code problem",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-201912-577"
      }
    ],
    "trust": 0.6
  }
}

CERTFR-2019-AVI-623

Vulnerability from certfr_avis

De multiples vulnérabilités ont été découvertes dans les produits Intel. Elles permettent à un attaquant de provoquer un déni de service, une atteinte à la confidentialité des données et une élévation de privilèges.

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

None

Impacted products

Vendor	Product	Description
Intel	N/A	Intel Quartus Prime Pro Edition versions antérieures à 19.3
Intel	N/A	Intel FPGA SDK for OpenCL versions antérieures à 19.3 et sans le correctif de sécurité 0.24
Intel	N/A	Intel RST versions antérieures à 17.7.0.1006
Intel	N/A	Intel Ethernet I218 Adapter driver for Windows 10 versions antérieures à 24.1
Intel	N/A	Linux Administrative Tools for Intel Network Adapters versions antérieures à 24.3
Intel	N/A	Intel Dynamic Platform et Thermal Framework sans le dernier correctif de sécurité
Intel	N/A	Control Center-I versions 2.1.0.0 et antérieures
Intel	N/A	Intel NUC ; voir le site du constructeur pour la liste complète des produits vulnérables (cf. section Documentation)
Intel	N/A	les processeurs Intel ; voir le site du constructeur pour la liste complète des produits vulnérables (cf. section Documentation)
Intel	N/A	Intel SCS Platform Discovery Utility (produit considéré comme obsolète par Intel)

References

Title

Publication Time

fkie_cve-2019-11165

Vulnerability from fkie_nvd

Published

2019-12-16 20:15

Modified

2024-11-21 04:20

Severity ?

5.5 (Medium) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Summary

References

URL	Tags
secure@intel.com	https://support.f5.com/csp/article/K07357521?utm_source=f5support&amp%3Butm_medium=RSS
secure@intel.com	https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00284.html	Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	https://support.f5.com/csp/article/K07357521?utm_source=f5support&amp%3Butm_medium=RSS
af854a3a-2127-422b-91ae-364da2661108	https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00284.html	Patch, Vendor Advisory

Impacted products

	Vendor	Product	Version
	intel	field_programmable_gate_array_software_development_kit_for_opencl	*

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:intel:field_programmable_gate_array_software_development_kit_for_opencl:*:*:*:*:pro:*:*:*",
              "matchCriteriaId": "DE9F3647-95ED-422C-BB0B-A0F2363D148A",
              "versionEndExcluding": "19.4",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Improper conditions check in the Linux kernel driver for the Intel(R) FPGA SDK for OpenCL(TM) Pro Edition before version 19.4 may allow an authenticated user to potentially enable denial of service via local access."
    },
    {
      "lang": "es",
      "value": "Una comprobaci\u00f3n de condiciones inapropiadas en el controlador del kernel de Linux para Intel(R) FPGA SDK para OpenCL(TM) Pro Edition versiones anteriores a 19.4, puede permitir a un usuario autenticado habilitar potencialmente una denegaci\u00f3n de servicio por medio de un acceso local."
    }
  ],
  "id": "CVE-2019-11165",
  "lastModified": "2024-11-21T04:20:39.083",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "LOW",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "LOCAL",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 2.1,
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "vectorString": "AV:L/AC:L/Au:N/C:N/I:N/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "LOCAL",
          "availabilityImpact": "HIGH",
          "baseScore": 5.5,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "privilegesRequired": "LOW",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 1.8,
        "impactScore": 3.6,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2019-12-16T20:15:14.663",
  "references": [
    {
      "source": "secure@intel.com",
      "url": "https://support.f5.com/csp/article/K07357521?utm_source=f5support\u0026amp%3Butm_medium=RSS"
    },
    {
      "source": "secure@intel.com",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00284.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://support.f5.com/csp/article/K07357521?utm_source=f5support\u0026amp%3Butm_medium=RSS"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00284.html"
    }
  ],
  "sourceIdentifier": "secure@intel.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-754"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

ghsa-r884-vv7j-r68q

Vulnerability from github

Published

2022-05-24 17:03

Modified

2023-01-28 03:30

Severity ?

5.5 (Medium) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Details

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2019-11165"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-754"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2019-12-16T20:15:00Z",
    "severity": "LOW"
  },
  "details": "Improper conditions check in the Linux kernel driver for the Intel(R) FPGA SDK for OpenCL(TM) Pro Edition before version 19.4 may allow an authenticated user to potentially enable denial of service via local access.",
  "id": "GHSA-r884-vv7j-r68q",
  "modified": "2023-01-28T03:30:28Z",
  "published": "2022-05-24T17:03:41Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-11165"
    },
    {
      "type": "WEB",
      "url": "https://support.f5.com/csp/article/K07357521?utm_source=f5support\u0026amp;utm_medium=RSS"
    },
    {
      "type": "WEB",
      "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00284.html"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
      "type": "CVSS_V3"
    }
  ]
}

cnvd-2020-18608

Vulnerability from cnvd

Title

Intel FPGA SDK代码问题漏洞

Description

Intel FPGA SDK for OpenCL Pro是美国英特尔（Intel）公司的一款用于构建OpenCL应用程序的软件开发工具包。Linux kernel driver是其中的一个用于Linux平台的驱动程序。 Intel FPGA SDK存在代码问题漏洞。攻击者可利用该漏洞造成拒绝服务。

Severity

低

Patch Name

Intel FPGA SDK代码问题漏洞的补丁

Patch Description

Intel FPGA SDK for OpenCL Pro是美国英特尔（Intel）公司的一款用于构建OpenCL应用程序的软件开发工具包。Linux kernel driver是其中的一个用于Linux平台的驱动程序。 Intel FPGA SDK存在代码问题漏洞。攻击者可利用该漏洞造成拒绝服务。目前，供应商发布了安全公告及相关补丁信息，修复了此漏洞。

Formal description

厂商已发布了漏洞修复程序，请及时关注更新： https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00284.html

Reference

https://nvd.nist.gov/vuln/detail/CVE-2019-11165

Impacted products

Name
Intel FPGA SDK for OpenCL Pro <19.4

Show details on source website

JSON

To clipboard

{
  "cves": {
    "cve": {
      "cveNumber": "CVE-2019-11165",
      "cveUrl": "https://nvd.nist.gov/vuln/detail/CVE-2019-11165"
    }
  },
  "description": "Intel FPGA SDK for OpenCL Pro\u662f\u7f8e\u56fd\u82f1\u7279\u5c14\uff08Intel\uff09\u516c\u53f8\u7684\u4e00\u6b3e\u7528\u4e8e\u6784\u5efaOpenCL\u5e94\u7528\u7a0b\u5e8f\u7684\u8f6f\u4ef6\u5f00\u53d1\u5de5\u5177\u5305\u3002Linux kernel driver\u662f\u5176\u4e2d\u7684\u4e00\u4e2a\u7528\u4e8eLinux\u5e73\u53f0\u7684\u9a71\u52a8\u7a0b\u5e8f\u3002\n\nIntel FPGA SDK\u5b58\u5728\u4ee3\u7801\u95ee\u9898\u6f0f\u6d1e\u3002\u653b\u51fb\u8005\u53ef\u5229\u7528\u8be5\u6f0f\u6d1e\u9020\u6210\u62d2\u7edd\u670d\u52a1\u3002",
  "formalWay": "\u5382\u5546\u5df2\u53d1\u5e03\u4e86\u6f0f\u6d1e\u4fee\u590d\u7a0b\u5e8f\uff0c\u8bf7\u53ca\u65f6\u5173\u6ce8\u66f4\u65b0\uff1a\r\nhttps://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00284.html",
  "isEvent": "\u901a\u7528\u8f6f\u786c\u4ef6\u6f0f\u6d1e",
  "number": "CNVD-2020-18608",
  "openTime": "2020-03-22",
  "patchDescription": "Intel FPGA SDK for OpenCL Pro\u662f\u7f8e\u56fd\u82f1\u7279\u5c14\uff08Intel\uff09\u516c\u53f8\u7684\u4e00\u6b3e\u7528\u4e8e\u6784\u5efaOpenCL\u5e94\u7528\u7a0b\u5e8f\u7684\u8f6f\u4ef6\u5f00\u53d1\u5de5\u5177\u5305\u3002Linux kernel driver\u662f\u5176\u4e2d\u7684\u4e00\u4e2a\u7528\u4e8eLinux\u5e73\u53f0\u7684\u9a71\u52a8\u7a0b\u5e8f\u3002\r\n\r\nIntel FPGA SDK\u5b58\u5728\u4ee3\u7801\u95ee\u9898\u6f0f\u6d1e\u3002\u653b\u51fb\u8005\u53ef\u5229\u7528\u8be5\u6f0f\u6d1e\u9020\u6210\u62d2\u7edd\u670d\u52a1\u3002\u76ee\u524d\uff0c\u4f9b\u5e94\u5546\u53d1\u5e03\u4e86\u5b89\u5168\u516c\u544a\u53ca\u76f8\u5173\u8865\u4e01\u4fe1\u606f\uff0c\u4fee\u590d\u4e86\u6b64\u6f0f\u6d1e\u3002",
  "patchName": "Intel FPGA SDK\u4ee3\u7801\u95ee\u9898\u6f0f\u6d1e\u7684\u8865\u4e01",
  "products": {
    "product": "Intel FPGA SDK for OpenCL Pro \u003c19.4"
  },
  "referenceLink": "https://nvd.nist.gov/vuln/detail/CVE-2019-11165",
  "serverity": "\u4f4e",
  "submitTime": "2019-12-16",
  "title": "Intel FPGA SDK\u4ee3\u7801\u95ee\u9898\u6f0f\u6d1e"
}

gsd-2019-11165

Vulnerability from gsd

Modified

2023-12-13 01:24

Details

Aliases

CVE-2019-11165

Aliases

CVE-2019-11165

JSON

To clipboard

{
  "GSD": {
    "alias": "CVE-2019-11165",
    "description": "Improper conditions check in the Linux kernel driver for the Intel(R) FPGA SDK for OpenCL(TM) Pro Edition before version 19.4 may allow an authenticated user to potentially enable denial of service via local access.",
    "id": "GSD-2019-11165"
  },
  "gsd": {
    "metadata": {
      "exploitCode": "unknown",
      "remediation": "unknown",
      "reportConfidence": "confirmed",
      "type": "vulnerability"
    },
    "osvSchema": {
      "aliases": [
        "CVE-2019-11165"
      ],
      "details": "Improper conditions check in the Linux kernel driver for the Intel(R) FPGA SDK for OpenCL(TM) Pro Edition before version 19.4 may allow an authenticated user to potentially enable denial of service via local access.",
      "id": "GSD-2019-11165",
      "modified": "2023-12-13T01:24:01.666777Z",
      "schema_version": "1.4.0"
    }
  },
  "namespaces": {
    "cve.org": {
      "CVE_data_meta": {
        "ASSIGNER": "secure@intel.com",
        "ID": "CVE-2019-11165",
        "STATE": "PUBLIC"
      },
      "affects": {
        "vendor": {
          "vendor_data": [
            {
              "product": {
                "product_data": [
                  {
                    "product_name": "Intel(R) FPGA SDK for OpenCL(TM) Pro Edition",
                    "version": {
                      "version_data": [
                        {
                          "version_value": "before version 19.4"
                        }
                      ]
                    }
                  }
                ]
              },
              "vendor_name": "n/a"
            }
          ]
        }
      },
      "data_format": "MITRE",
      "data_type": "CVE",
      "data_version": "4.0",
      "description": {
        "description_data": [
          {
            "lang": "eng",
            "value": "Improper conditions check in the Linux kernel driver for the Intel(R) FPGA SDK for OpenCL(TM) Pro Edition before version 19.4 may allow an authenticated user to potentially enable denial of service via local access."
          }
        ]
      },
      "problemtype": {
        "problemtype_data": [
          {
            "description": [
              {
                "lang": "eng",
                "value": "Denial of Service"
              }
            ]
          }
        ]
      },
      "references": {
        "reference_data": [
          {
            "name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00284.html",
            "refsource": "MISC",
            "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00284.html"
          },
          {
            "name": "https://support.f5.com/csp/article/K07357521?utm_source=f5support\u0026amp;utm_medium=RSS",
            "refsource": "CONFIRM",
            "url": "https://support.f5.com/csp/article/K07357521?utm_source=f5support\u0026amp;utm_medium=RSS"
          }
        ]
      }
    },
    "nvd.nist.gov": {
      "configurations": {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:a:intel:field_programmable_gate_array_software_development_kit_for_opencl:*:*:*:*:pro:*:*:*",
                "cpe_name": [],
                "versionEndExcluding": "19.4",
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      },
      "cve": {
        "CVE_data_meta": {
          "ASSIGNER": "secure@intel.com",
          "ID": "CVE-2019-11165"
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "en",
              "value": "Improper conditions check in the Linux kernel driver for the Intel(R) FPGA SDK for OpenCL(TM) Pro Edition before version 19.4 may allow an authenticated user to potentially enable denial of service via local access."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "en",
                  "value": "CWE-754"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00284.html",
              "refsource": "MISC",
              "tags": [
                "Patch",
                "Vendor Advisory"
              ],
              "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00284.html"
            },
            {
              "name": "https://support.f5.com/csp/article/K07357521?utm_source=f5support\u0026amp;utm_medium=RSS",
              "refsource": "CONFIRM",
              "tags": [
                "Third Party Advisory"
              ],
              "url": "https://support.f5.com/csp/article/K07357521?utm_source=f5support\u0026amp;utm_medium=RSS"
            }
          ]
        }
      },
      "impact": {
        "baseMetricV2": {
          "acInsufInfo": false,
          "cvssV2": {
            "accessComplexity": "LOW",
            "accessVector": "LOCAL",
            "authentication": "NONE",
            "availabilityImpact": "PARTIAL",
            "baseScore": 2.1,
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "vectorString": "AV:L/AC:L/Au:N/C:N/I:N/A:P",
            "version": "2.0"
          },
          "exploitabilityScore": 3.9,
          "impactScore": 2.9,
          "obtainAllPrivilege": false,
          "obtainOtherPrivilege": false,
          "obtainUserPrivilege": false,
          "severity": "LOW",
          "userInteractionRequired": false
        },
        "baseMetricV3": {
          "cvssV3": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "availabilityImpact": "HIGH",
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "exploitabilityScore": 1.8,
          "impactScore": 3.6
        }
      },
      "lastModifiedDate": "2023-01-28T02:40Z",
      "publishedDate": "2019-12-16T20:15Z"
    }
  }
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
Confirmed: The vulnerability is confirmed from an analyst perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
Patched: This vulnerability was successfully patched by the user reporting the sighting.
Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
Not confirmed: The user expresses doubt about the veracity of the vulnerability.
Not patched: This vulnerability was not successfully patched by the user reporting the sighting.

Action not permitted

CVE-2019-11165 (GCVE-0-2019-11165)

Vulnerability from cvelistv5

var-201912-1811

Vulnerability from variot

CERTFR-2019-AVI-623

Vulnerability from certfr_avis

Solution

fkie_cve-2019-11165

Vulnerability from fkie_nvd

ghsa-r884-vv7j-r68q

Vulnerability from github

cnvd-2020-18608

Vulnerability from cnvd

gsd-2019-11165

Vulnerability from gsd

Tags

Sightings

Nomenclature