CVE-2018-12221

EUVD-2018-4199
Insufficient input validation in Kernel Mode Driver in Intel(R) Graphics Driver for Windows* before versions 10.18.x.5059 (aka 15.33.x.5059), 10.18.x.5057 (aka 15.36.x.5057), 20.19.x.5063 (aka 15.40.x.5063) 21.20.x.5064 (aka 15.45.x.5064) and 24.20.100.6373 potentially enables an unprivileged user to cause an integer overflow via local access.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
7.8 HIGH
LOCAL
LOW
LOW
CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Base Score
CVSS 3.x
EPSS Score
Percentile: 17%
Affected Products (NVD)
VendorProductVersion
intelgraphics_driver
15.33.43.4425
intelgraphics_driver
15.33.45.4653
intelgraphics_driver
15.33.46.4885
intelgraphics_driver
15.36.26.4294
intelgraphics_driver
15.36.28.4332
intelgraphics_driver
15.36.31.4414
intelgraphics_driver
15.36.33.4578
intelgraphics_driver
15.36.34.4889
intelgraphics_driver
15.40.34.4624
intelgraphics_driver
15.40.36.4703
intelgraphics_driver
15.40.37.4835
intelgraphics_driver
15.40.38.4963
intelgraphics_driver
15.40.41.5058
intelgraphics_driver
15.45.18.4664
intelgraphics_driver
15.45.19.4678
intelgraphics_driver
15.45.21.4821
intelgraphics_driver
15.45.23.4860
intelgraphics_driver
24.20.100.6025
intelgraphics_driver
24.20.100.6094
intelgraphics_driver
24.20.100.6136
intelgraphics_driver
24.20.100.6194
intelgraphics_driver
24.20.100.6229
intelgraphics_driver
24.20.100.6286
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
https://support.lenovo.com/us/en/product_security/LEN-25084
https://www.intel.com/content/www/us/en/security-center/advisory/INTEL-SA-00189.html
https://support.lenovo.com/us/en/product_security/LEN-25084
https://www.intel.com/content/www/us/en/security-center/advisory/INTEL-SA-00189.html