Potential security vulnerabilities in some Intel® Graphics Drivers may allow escalation of privilege. Intel is releasing software updates to mitigate these potential vulnerabilities.
CVEID: CVE-2021-0061
Description: Improper initialization in some Intel® Graphics Driver before version 27.20.100.9030 may allow an authenticated user to potentially enable escalation of privilege via local access.
CVSS Base Score: 6.7 Medium
CVSS Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H
CVEID: CVE-2021-0012
Description: Use after free in some Intel® Graphics Driver before version 27.20.100.8336, 15.45.33.5164, and 15.40.47.5166 may allow an authenticated user to potentially enable denial of service via local access.
CVSS Base Score: 5.6 Medium
CVSS Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:N/I:N/A:H****
CVEID: CVE-2021-0062
Description: Improper input validation in some Intel® Graphics Drivers before version 27.20.100.8935 may allow an authenticated user to potentially enable escalation of privilege via local access.
CVSS Base Score: 4.7 Medium
CVSS Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
Intel® Graphics Windows 10 Legacy Drivers before version 27.20.100.9171.
Intel® Graphics Windows 10 DCH Drivers before version 27.20.100.9030.
Intel® Graphics Driver for Windows before version 15.45.33.5164.
Intel® Graphics Driver for Windows before version 15.40.47.5166.
Intel recommends that users of Intel® Graphics Windows 10 non-dch Driver update to the latest version provided by the system manufacturer that addresses these issues.
Intel recommends updating the Intel® Graphics Windows 10 DCH Drivers update to version 27.20.100.9030 or later. Updates are available for download at this location:
<https://downloadcenter.intel.com/download/30066/Intel-Graphics-Windows-10-DCH-Drivers>
Intel recommends updating the Intel® Graphics Driver for Windows update to version 15.45.33.5164 or later. Updates are available for download at this location:
Intel recommends updating the Intel® Graphics Driver for Windows update to version 15.40.47.5166 or later. Updates are available for download at this location:
Intel would like to thank “houjingyi” for reporting this issue CVE-2021-0061.
The following issues were found internally by Intel, CVE-2021-0062 and CVE-2021-0012.
Intel, and nearly the entire technology industry, follows a disclosure practice called Coordinated Disclosure, under which a cybersecurity vulnerability is generally publicly disclosed only after mitigations are available.