CVE-2018-12152

Pointer corruption in Unified Shader Compiler in Intel Graphics Drivers before 10.18.x.5056 (aka 15.33.x.5056), 10.18.x.5057 (aka 15.36.x.5057) and 20.19.x.5058 (aka 15.40.x.5058) may allow an unauthenticated remote user to potentially execute arbitrary WebGL code via local access.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
7.8 HIGH
LOCAL
LOW
LOW
CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
intelCNA
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 82%
VendorProductVersion
intelgraphics_driver
15.33.43.4425
intelgraphics_driver
15.33.45.4653
intelgraphics_driver
15.33.46.4885
intelgraphics_driver
15.33.47.5059
intelgraphics_driver
15.36.26.4294
intelgraphics_driver
15.36.28.4332
intelgraphics_driver
15.36.31.4414
intelgraphics_driver
15.36.33.4578
intelgraphics_driver
15.36.34.4889
intelgraphics_driver
15.36.35.5057
intelgraphics_driver
15.40.34.4624
intelgraphics_driver
15.40.36.4703
intelgraphics_driver
15.40.37.4835
intelgraphics_driver
15.40.38.4963
intelgraphics_driver
15.40.41.5058
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
http://seclists.org/fulldisclosure/2019/Oct/55
http://seclists.org/fulldisclosure/2019/Oct/56
http://www.securityfocus.com/bid/105582
https://support.apple.com/kb/HT210634
https://support.apple.com/kb/HT210722
https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00166.html
http://seclists.org/fulldisclosure/2019/Oct/55
http://seclists.org/fulldisclosure/2019/Oct/56
http://www.securityfocus.com/bid/105582
https://support.apple.com/kb/HT210634
https://support.apple.com/kb/HT210722
https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00166.html