CVE-2020-12362

CWE-190 — Integer Overflow6 documents6 sources

Severity

7.8HIGH

EPSS

0.1%

top 73.12%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Intel Graphics Drivers

Timeline

PublishedFeb 17

Latest updateMay 24

Description

Integer overflow in the firmware for some Intel(R) Graphics Drivers for Windows * before version 26.20.100.7212 and before Linux kernel version 5.5 may allow a privileged user to potentially enable an escalation of privilege via local access.

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:HExploitability: 1.8 | Impact: 5.9

Affected Packages4 packages

▶CVEListV5intel(r)_graphics_drivers_for_windows_*_before_version_26.20.100.7212_andbefore version 26.20.100.7212 and before Linux kernel version 5.5

▶NVDintel/graphics_drivers< 26.20.100.7212

▶Debianlinux< 5.14.6-1+2

▶Debianfirmware-nonfree< 20210208-1+3

🔴Vulnerability Details

GHSA

GHSA-h3pg-6c24-fx54: Integer overflow in the firmware for some Intel(R) Graphics Drivers for Windows * before version 26↗2022-05-24

▶

OSV

CVE-2020-12362: Integer overflow in the firmware for some Intel(R) Graphics Drivers for Windows * before version 26↗2021-02-17

▶

CVEList

CVE-2020-12362: Integer overflow in the firmware for some Intel(R) Graphics Drivers for Windows * before version 26↗2021-02-17

▶

📋Vendor Advisories

Red Hat

kernel: Integer overflow in Intel(R) Graphics Drivers↗2021-02-17

▶

Debian

CVE-2020-12362: firmware-nonfree - Integer overflow in the firmware for some Intel(R) Graphics Drivers for Windows ...↗2020

▶