Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2019-11089

Insufficient input validation in Kernel Mode module for Intel(R) Graphics Driver before version 25.20.100.6519 may allow an authenticated user to potentially enable denial of service via local access.

Published

2019-11-14T20:15:11.680

Last Modified

2024-11-21T04:20:31.007

Status

Modified

Source

[email protected]

Severity

CVSSv3.1: 5.5 (MEDIUM)

CVSSv2 Vector

AV:L/AC:L/Au:N/C:N/I:N/A:P

Access Vector: LOCAL
Access Complexity: LOW
Authentication: NONE
Confidentiality Impact: NONE
Integrity Impact: NONE
Availability Impact: PARTIAL

Exploitability Score

3.9

Impact Score

2.9

Weaknesses

Type: Primary
CWE-20

Affected Vendors & Products

Type	Vendor	Product	Version/Range	Vulnerable?
Application	intel	graphics_driver	< 25.20.100.6519	Yes
Application	netapp	cloud_backup	-	Yes
Application	netapp	data_availability_services	-	Yes
Application	netapp	steelstore_cloud_integrated_storage	-	Yes
Operating System	netapp	solidfire_baseboard_management_controller_firmware	-	Yes
Hardware	netapp	solidfire_baseboard_management_controller	-	No

References

https://security.netapp.com/advisory/ntap-20200320-0005/ Third Party Advisory ([email protected])
https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00242.html Vendor Advisory ([email protected])
https://security.netapp.com/advisory/ntap-20200320-0005/ Third Party Advisory (af854a3a-2127-422b-91ae-364da2661108)
https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00242.html Vendor Advisory (af854a3a-2127-422b-91ae-364da2661108)