CVE-2019-11112

Published: Nov 14, 2019Modified: Nov 21, 2024

7.8

Vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Exploitability: 1.8 / Impact: 5.9

Source: NVD

Description

Memory corruption in Kernel Mode Driver in Intel(R) Graphics Driver before 26.20.100.6813 (DCH) or 26.20.100.6812 may allow an authenticated user to potentially enable escalation of privilege via local access.

Affected (5)

Products: Intel: Graphics Driver · Netapp: Cloud Backup, Data Availability Services, Steelstore Cloud Integrated Storage

1 product

3 products

Data Availability Services

Steelstore Cloud Integrated Storage

Configuration A

2 vulnerable

Vulnerable Software	Affected Versions
Intel Graphics Driver	Before 15.45.5077
Intel Graphics Driver	From 24.20.100.6025 to 26.20.100.6812

Configuration B

3 vulnerable

Vulnerable Software	Affected Versions
Netapp Cloud Backup	All versions
Netapp Data Availability Services	All versions
Netapp Steelstore Cloud Integrated Storage	All versions

Related CWEs

CWE-787

Out-of-bounds Write

The product writes data past the end, or before the beginning, of the intended buffer.

References (4)

https://security.netapp.com/advisory/ntap-20200320-0005/

Source: secure@intel.com

Third Party Advisory

https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00242.html

Source: secure@intel.com

Vendor Advisory

https://security.netapp.com/advisory/ntap-20200320-0005/

Source: af854a3a-2127-422b-91ae-364da2661108

Third Party Advisory

https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00242.html

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

Timeline

No history available yet.