CVE-2018-12219 — Improper Input Validation in Corporation Intel Graphics Driver FOR Windows

CWE-20 — Improper Input Validation3 documents3 sources

Severity

5.5MEDIUMNVD

EPSS

0.1%

top 81.31%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Intel Corporation Intel Graphics Driver FOR Windows Intel Graphics Driver

Timeline

PublishedMar 14

Latest updateMay 14

Description

Insufficient input validation in Kernel Mode Driver in Intel(R) Graphics Driver for Windows* before versions 10.18.x.5059 (aka 15.33.x.5059), 10.18.x.5057 (aka 15.36.x.5057), 20.19.x.5063 (aka 15.40.x.5063) 21.20.x.5064 (aka 15.45.x.5064) and 24.20.100.6373 potentially enables an unprivileged user to read memory via local access via local access.

CVSS vector

CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:NExploitability: 1.8 | Impact: 3.6

Affected Packages2 packages

▶NVDintel/graphics_driver23 versions+22

▶CVEListV5intel_corporation/intel_graphics_driver_for_windowsMultiple versions.

Patches

Patch: www.intel.com ↗Patch: www.intel.com ↗

🔴Vulnerability Details

GHSA

GHSA-pm2f-9x7m-gcvg: Insufficient input validation in Kernel Mode Driver in Intel(R) Graphics Driver for Windows* before versions 10↗2022-05-14

▶

CVEList

CVE-2018-12219: Insufficient input validation in Kernel Mode Driver in Intel(R) Graphics Driver for Windows* before versions 10↗2019-03-14

▶