CVE-2018-12154
published 2018-10-15CVE-2018-12154: Denial of Service in Unified Shader Compiler in Intel Graphics Drivers before 10.18.x.5056 (aka 15.33.x.5056), 10.18.x.5057 (aka 15.36.x.5057) and 20.19.x.5058…
PriorityP418medium5.5CVSS 3.0
AVLACLPRLUINSUCNINAH
EPSS
0.48%
37.9th percentile
Denial of Service in Unified Shader Compiler in Intel Graphics Drivers before 10.18.x.5056 (aka 15.33.x.5056), 10.18.x.5057 (aka 15.36.x.5057) and 20.19.x.5058 (aka 15.40.x.5058) may allow an unprivileged user to potentially create an infinite loop and crash an application via local access.
Affected
15 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| apple | macos_catalina | — | — |
| apple | macos_catalina_10.15.1_security_update_2019-001_and_security_update_2019-006 | — | — |
| intel | graphics_driver | — | — |
| intel | graphics_driver | — | — |
| intel | graphics_driver | — | — |
| intel | graphics_driver | — | — |
| intel | graphics_driver | — | — |
| intel | graphics_driver | — | — |
| intel | graphics_driver | — | — |
| intel | graphics_driver | — | — |
| intel | graphics_driver | — | — |
| intel | graphics_driver | — | — |
| intel | graphics_driver | — | — |
| intel | graphics_driver | — | — |
| intel_corporation | intel_graphics_driver | — | — |
CVSS provenance
nvdv3.05.5MEDIUMCVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
nvdv2.02.1LOWAV:L/AC:L/Au:N/C:N/I:N/A:P
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
GHSA
GHSA-96h8-7x7c-3r2v: Denial of Service in Unified Shader Compiler in Intel Graphics Drivers before 10
ghsa_unreviewed·2022-05-13
CVE-2018-12154 [MEDIUM] CWE-835 GHSA-96h8-7x7c-3r2v: Denial of Service in Unified Shader Compiler in Intel Graphics Drivers before 10
Denial of Service in Unified Shader Compiler in Intel Graphics Drivers before 10.18.x.5056 (aka 15.33.x.5056), 10.18.x.5057 (aka 15.36.x.5057) and 20.19.x.5058 (aka 15.40.x.5058) may allow an unprivileged user to potentially create an infinite loop and crash an application via local access.
Apple
CVE-2018-12154: macOS Catalina 10.15.1, Security Update 2019-001, and Security Update 2019-006
vendor_apple·2019-10-29·CVSS 5.5
CVE-2018-12154 [MEDIUM] CVE-2018-12154: macOS Catalina 10.15.1, Security Update 2019-001, and Security Update 2019-006
Apple Security Update: About the security content of macOS Catalina 10.15.1, Security Update 2019-001, and Security Update 2019-006
Product: macOS Catalina 10.15.1, Security Update 2019-001, and Security Update 2019-006
CVE: CVE-2018-12154
Component: Graphics
Impact: Processing a malicious shader may result in unexpected application termination or arbitrary code execution
Description: Multiple memory corruption issues were addressed with improved input validation.
Apple
CVE-2018-12154: macOS Catalina 10.15
vendor_apple·2019-10-07·CVSS 5.5
CVE-2018-12154 [MEDIUM] CVE-2018-12154: macOS Catalina 10.15
Apple Security Update: About the security content of macOS Catalina 10.15
Product: macOS Catalina
Version: 10.15
CVE: CVE-2018-12154
Component: Graphics
Impact: Processing a malicious shader may result in unexpected application termination or arbitrary code execution
Description: Multiple memory corruption issues were addressed with improved input validation.
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.
http://seclists.org/fulldisclosure/2019/Oct/55http://seclists.org/fulldisclosure/2019/Oct/56http://www.securityfocus.com/bid/105582https://support.apple.com/kb/HT210634https://support.apple.com/kb/HT210722https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00166.htmlhttp://seclists.org/fulldisclosure/2019/Oct/55http://seclists.org/fulldisclosure/2019/Oct/56http://www.securityfocus.com/bid/105582https://support.apple.com/kb/HT210634https://support.apple.com/kb/HT210722https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00166.html
2018-10-15
Published