CVE-2020-12363

CWE-20 — Improper Input Validation6 documents6 sources

Severity

5.5MEDIUM

EPSS

0.2%

top 63.87%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Intel Graphics Drivers

Timeline

PublishedFeb 17

Latest updateMay 24

Description

Improper input validation in some Intel(R) Graphics Drivers for Windows* before version 26.20.100.7212 and before Linux kernel version 5.5 may allow a privileged user to potentially enable a denial of service via local access.

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:HExploitability: 1.8 | Impact: 3.6

Affected Packages4 packages

▶CVEListV5intel(r)_graphics_drivers_for_windows*_before_version_26.20.100.7212_andbefore version 26.20.100.7212 and before Linux kernel version 5.5

▶NVDintel/graphics_drivers< 26.20.100.7212

▶Debianlinux< 5.14.6-1+2

▶Debianfirmware-nonfree< 20210208-1+3

🔴Vulnerability Details

GHSA

GHSA-xxwm-rvgr-f38w: Improper input validation in some Intel(R) Graphics Drivers for Windows* before version 26↗2022-05-24

▶

CVEList

CVE-2020-12363: Improper input validation in some Intel(R) Graphics Drivers for Windows* before version 26↗2021-02-17

▶

OSV

CVE-2020-12363: Improper input validation in some Intel(R) Graphics Drivers for Windows* before version 26↗2021-02-17

▶

📋Vendor Advisories

Red Hat

kernel: Improper input validation in some Intel(R) Graphics Drivers↗2021-02-17

▶

Debian

CVE-2020-12363: firmware-nonfree - Improper input validation in some Intel(R) Graphics Drivers for Windows* before ...↗2020

▶