cbcvebase.
CVE-2019-0155
published 2019-11-14

CVE-2019-0155: Insufficient access control in a subsystem for Intel (R) processor graphics in 6th, 7th, 8th and 9th Generation Intel(R) Core(TM) Processor Families; Intel(R)…

high7.8CVSS 3.1
AVLACLPRLUINSUCHIHAH
Insufficient access control in a subsystem for Intel (R) processor graphics in 6th, 7th, 8th and 9th Generation Intel(R) Core(TM) Processor Families; Intel(R) Pentium(R) Processor J, N, Silver and Gold Series; Intel(R) Celeron(R) Processor J, N, G3900 and G4900 Series; Intel(R) Atom(R) Processor A and E3900 Series; Intel(R) Xeon(R) Processor E3-1500 v5 and v6, E-2100 and E-2200 Processor Families; Intel(R) Graphics Driver for Windows before 26.20.100.6813 (DCH) or 26.20.100.6812 and before 21.20.x.5077 (aka15.45.5077), i915 Linux Driver for Intel(R) Processor Graphics before versions 5.4-rc7, 5.3.11, 4.19.84, 4.14.154, 4.9.201, 4.4.201 may allow an authenticated user to potentially enable escalation of privilege via local access.

Affected

20 ranges
VendorProductVersion rangeFixed in
canonicalubuntu_linux
debianlinux< linux 5.3.9-2 (bookworm)linux 5.3.9-2 (bookworm)
intelgraphics_driver< 26.20.100.681326.20.100.6813
intelgraphics_driver< 15.45.507715.45.5077
intelgraphics_driver< 4.4.2014.4.201
intelgraphics_driver< 4.9.2014.9.201
intelgraphics_driver< 4.14.1544.14.154
intelgraphics_driver< 4.19.844.19.84
intelgraphics_driver< 5.3.115.3.11
linuxlinux_kernel>= 0 < 5.3.9-25.3.9-2
linuxlinux_kernel>= 0 < 5.3.9-25.3.9-2
linuxlinux_kernel>= 0 < 5.3.9-25.3.9-2
linuxlinux_kernel>= 0 < 5.3.9-25.3.9-2
linuxlinux_kernel>= 0 < 4.4.0-168.1974.4.0-168.197
linuxlinux_kernel>= 0 < 4.4.0-169.1984.4.0-169.198
linuxlinux_kernel>= 0 < 4.15.0-70.794.15.0-70.79
linuxlinux_kernel>= 0 < 4.15.0-69.784.15.0-69.78
redhatenterprise_linux_server_aus
redhatenterprise_linux_server_eus
redhatenterprise_linux_server_tus

CVSS provenance

nvdv3.17.8HIGHCVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
osv7.8HIGH