Allele Security Alert
ASA-2019-00282
Identifier(s)
ASA-2019-00282, CVE-2019-0116, INTEL-SA-00218
Title
Out-of-bounds read in KMD module for Intel(R) Graphics Driver
Vendor(s)
Intel
Product(s)
Intel(R) Graphics Driver
Affected version(s)
4th Generation Intel® Core™/ Pentium®/ Xeon® (E3 v3 only) Processor (Haswell) systems running Windows ® 7 or Windows ® 8.1 with Intel® Graphics Driver for Windows* before versions 10.18.14.5067 (aka 15.36.x.5067) and 10.18.10.5069 (aka 15.33.x.5069).
3rd Generation Intel® Core ™/ Pentium®/ Celeron®/ Xeon® (E3 v2 only) Processor (Ivybridge) systems with Intel® Graphics Driver for Windows* before versions 10.18.14.5067 (aka 15.36.x.5067) and 10.18.10.5069 (aka 15.33.x.5069).
Intel® Pentium®/ Celeron®/ Atom® Processor (Baytrail) systems with Intel® Graphics Driver for Windows* before versions 10.18.14.5067 (aka 15.36.x.5067) and 10.18.10.5069 (aka 15.33.x.5069).
Fixed version(s)
4th Generation Intel® Core™/ Pentium®/ Xeon® (E3 v3 only) Processor (Haswell) systems running Windows ® 7 or Windows ® 8.1 with Intel® Graphics Driver for Windows* versions 10.18.14.5067 (aka 15.36.x.5067) and 10.18.10.5069 (aka 15.33.x.5069).
3rd Generation Intel® Core ™/ Pentium®/ Celeron®/ Xeon® (E3 v2 only) Processor (Ivybridge) systems with Intel® Graphics Driver for Windows* versions 10.18.14.5067 (aka 15.36.x.5067) and 10.18.10.5069 (aka 15.33.x.5069).
Intel® Pentium®/ Celeron®/ Atom® Processor (Baytrail) systems with Intel® Graphics Driver for Windows* versions 10.18.14.5067 (aka 15.36.x.5067) and 10.18.10.5069 (aka 15.33.x.5069).
Proof of concept
Unknown
Description
An out-of-bounds read in KMD module for Intel(R) Graphics Driver before version 10.18.14.5067 (aka 15.36.x.5067) and 10.18.10.5069 (aka 15.33.x.5069) may allow a privileged user to potentially enable denial of service via local access.
Technical details
Unknown
Credits
Konstantin Wurster
Reference(s)
Intel® Graphics Driver for Windows* 2019.1 QSR Advisory
https://www.intel.com/content/www/us/en/security-center/advisory/INTEL-SA-00218.html
CVE-2019-0116
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-0116
CVE-2019-0116
https://nvd.nist.gov/vuln/detail/CVE-2019-0116
If there is any error in this alert or you wish a comprehensive analysis, let us know.
Last modified: May 20, 2019