CVE-2018-12154 — Infinite Loop in Corporation Intel Graphics Driver

CWE-835 — Infinite Loop5 documents4 sources

Severity

5.5MEDIUMNVD

EPSS

0.3%

top 45.62%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Intel Corporation Intel Graphics Driver Intel Graphics Driver

Timeline

PublishedOct 15

Latest updateMay 13

Description

Denial of Service in Unified Shader Compiler in Intel Graphics Drivers before 10.18.x.5056 (aka 15.33.x.5056), 10.18.x.5057 (aka 15.36.x.5057) and 20.19.x.5058 (aka 15.40.x.5058) may allow an unprivileged user to potentially create an infinite loop and crash an application via local access.

CVSS vector

CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:HExploitability: 1.8 | Impact: 3.6

Affected Packages2 packages

▶NVDintel/graphics_driver12 versions+11

▶CVEListV5intel_corporation/intel_graphics_driverVarious

🔴Vulnerability Details

GHSA

GHSA-96h8-7x7c-3r2v: Denial of Service in Unified Shader Compiler in Intel Graphics Drivers before 10↗2022-05-13

▶

CVEList

CVE-2018-12154: Denial of Service in Unified Shader Compiler in Intel Graphics Drivers before 10↗2018-10-15

▶

📋Vendor Advisories

Apple

CVE-2018-12154: macOS Catalina 10.15.1, Security Update 2019-001, and Security Update 2019-006↗2019-10-29

▶

Apple

CVE-2018-12154: macOS Catalina 10.15↗2019-10-07

▶