Lucene search

K
cve[email protected]CVE-2018-12224
HistoryMar 14, 2019 - 8:29 p.m.

CVE-2018-12224

2019-03-1420:29:01
CWE-200
web.nvd.nist.gov
43
cve-2018-12224
buffer leakage
igdkm64.sys
intel
graphics driver
windows
information disclosure
local access

3.3 Low

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

LOW

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N

5 Medium

AI Score

Confidence

Low

2.1 Low

CVSS2

Access Vector

Access Complexity

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:L/AC:L/Au:N/C:P/I:N/A:N

0.0004 Low

EPSS

Percentile

12.6%

Buffer leakage in igdkm64.sys in Intelยฎ Graphics Driver for Windows* before versions 10.18.x.5059 (aka 15.33.x.5059), 10.18.x.5057 (aka 15.36.x.5057), 20.19.x.5063 (aka 15.40.x.5063) 21.20.x.5064 (aka 15.45.x.5064) and 24.20.100.6373 may allow an authenticated user to potentially enable information disclosure via local access.

Affected configurations

NVD
Node
intelgraphics_driverMatch15.33.43.4425
OR
intelgraphics_driverMatch15.33.45.4653
OR
intelgraphics_driverMatch15.33.46.4885
OR
intelgraphics_driverMatch15.36.26.4294
OR
intelgraphics_driverMatch15.36.28.4332
OR
intelgraphics_driverMatch15.36.31.4414
OR
intelgraphics_driverMatch15.36.33.4578
OR
intelgraphics_driverMatch15.36.34.4889
OR
intelgraphics_driverMatch15.40.34.4624
OR
intelgraphics_driverMatch15.40.36.4703
OR
intelgraphics_driverMatch15.40.37.4835
OR
intelgraphics_driverMatch15.40.38.4963
OR
intelgraphics_driverMatch15.40.41.5058
OR
intelgraphics_driverMatch15.45.18.4664
OR
intelgraphics_driverMatch15.45.19.4678
OR
intelgraphics_driverMatch15.45.21.4821
OR
intelgraphics_driverMatch15.45.23.4860
OR
intelgraphics_driverMatch24.20.100.6025
OR
intelgraphics_driverMatch24.20.100.6094
OR
intelgraphics_driverMatch24.20.100.6136
OR
intelgraphics_driverMatch24.20.100.6194
OR
intelgraphics_driverMatch24.20.100.6229
OR
intelgraphics_driverMatch24.20.100.6286
AND
microsoftwindowsMatch-

CNA Affected

[
  {
    "product": "Intel(R) Graphics Driver for Windows",
    "vendor": "Intel Corporation",
    "versions": [
      {
        "status": "affected",
        "version": "Multiple versions."
      }
    ]
  }
]

3.3 Low

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

LOW

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N

5 Medium

AI Score

Confidence

Low

2.1 Low

CVSS2

Access Vector

Access Complexity

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:L/AC:L/Au:N/C:P/I:N/A:N

0.0004 Low

EPSS

Percentile

12.6%

Related for CVE-2018-12224