CVE-2018-12153 — Improper Input Validation in Corporation Intel Graphics Driver

CWE-20 — Improper Input Validation5 documents4 sources

Severity

6.5MEDIUMNVD

EPSS

0.2%

top 54.49%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Intel Corporation Intel Graphics Driver Intel Graphics Driver

Timeline

PublishedOct 10

Latest updateMay 13

Description

Denial of Service in Unified Shader Compiler in Intel Graphics Drivers before 10.18.x.5056 (aka 15.33.x.5056), 10.18.x.5057 (aka 15.36.x.5057) and 20.19.x.5058 (aka 15.40.x.5058) may allow an unprivileged user from a virtual machine guest to potentially crash the host system via local access.

CVSS vector

CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:HExploitability: 2.0 | Impact: 4.0

Affected Packages2 packages

▶NVDintel/graphics_driver15 versions+14

▶CVEListV5intel_corporation/intel_graphics_driverVarious

🔴Vulnerability Details

GHSA

GHSA-cgw8-6rc7-29xf: Denial of Service in Unified Shader Compiler in Intel Graphics Drivers before 10↗2022-05-13

▶

CVEList

CVE-2018-12153: Denial of Service in Unified Shader Compiler in Intel Graphics Drivers before 10↗2018-10-10

▶

📋Vendor Advisories

Apple

CVE-2018-12153: macOS Catalina 10.15.1, Security Update 2019-001, and Security Update 2019-006↗2019-10-29

▶

Apple

CVE-2018-12153: macOS Catalina 10.15↗2019-10-07

▶