CVE-2018-12215

CWE-20 — Improper Input Validation3 documents3 sources

Severity

6.0MEDIUM

EPSS

0.1%

top 66.98%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Intel Corporation Intel(r) Graphics Driver FOR Windows Intel Graphics Driver

Timeline

PublishedMar 14

Latest updateMay 14

Description

Insufficient input validation in Kernel Mode Driver in Intel(R) Graphics Driver for Windows* before versions 10.18.x.5059 (aka 15.33.x.5059), 10.18.x.5057 (aka 15.36.x.5057), 20.19.x.5063 (aka 15.40.x.5063) 21.20.x.5064 (aka 15.45.x.5064) and 24.20.100.6373 potentially enables a privileged user to cause a denial of service via local access.

CVSS vector

CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:C/C:N/I:N/A:HExploitability: 1.5 | Impact: 4.0

Affected Packages2 packages

▶NVDintel/graphics_driver23 versions+22

▶CVEListV5intel_corporation/intel(r)_graphics_driver_for_windowsMultiple versions.

Patches

Patch: www.intel.com ↗Patch: www.intel.com ↗

🔴Vulnerability Details

GHSA

GHSA-cf32-247f-h7rm: Insufficient input validation in Kernel Mode Driver in Intel(R) Graphics Driver for Windows* before versions 10↗2022-05-14

▶

CVEList

CVE-2018-12215: Insufficient input validation in Kernel Mode Driver in Intel(R) Graphics Driver for Windows* before versions 10↗2019-03-14

▶