Zero-friction vulnerability management platform

Mageni eases for you the vulnerability scanning, assessment, and management process. It is free and open-source.

Install Now

Available for macOS, Windows, and Linux

App screenshot

CVE-2019-0155

CVE information

Published

2 years ago

Last Modified

3 months ago

CVSSv2.0 Severity

High

CVSSv3.1 Severity

High

Impact Analysis

Description

Insufficient access control in a subsystem for Intel (R) processor graphics in 6th, 7th, 8th and 9th Generation Intel(R) Core(TM) Processor Families; Intel(R) Pentium(R) Processor J, N, Silver and Gold Series; Intel(R) Celeron(R) Processor J, N, G3900 and G4900 Series; Intel(R) Atom(R) Processor A and E3900 Series; Intel(R) Xeon(R) Processor E3-1500 v5 and v6, E-2100 and E-2200 Processor Families; Intel(R) Graphics Driver for Windows before 26.20.100.6813 (DCH) or 26.20.100.6812 and before 21.20.x.5077 (aka15.45.5077), i915 Linux Driver for Intel(R) Processor Graphics before versions 5.4-rc7, 5.3.11, 4.19.84, 4.14.154, 4.9.201, 4.4.201 may allow an authenticated user to potentially enable escalation of privilege via local access..

CVSSv2.0 Score

Severity
High
Base Score
7.2/10
Exploit Score
3.9/10
Access Vector
Local
Access Complexity
Low
Authentication Required
None
Impact Score
10/10
Confidentiality Impact
Complete
Availability Impact
Complete
Integrity Impact
Complete

CVSSv3.1 Score

Severity
High
Base Score
7.8/10
Exploit Score
1.8/10
Access Vector
Local
Access Complexity
Low
Privileges Required
Low
Impact Score
5.9/10
Confidentiality Impact
High
Availability Impact
High
Integrity Impact
High
Scope
Unchanged
User Interaction
None

Products Affected

CPE Affected Vulnerable Excluding Edit
cpe:2.3:o:redhat:enterprise_linux_server_aus:7.2:*:*:*:*:*:*
  Yes
- -
cpe:2.3:o:redhat:enterprise_linux_server_tus:7.2:*:*:*:*:*:*
  Yes
- -
cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*
  Yes
- -
cpe:2.3:a:intel:graphics_driver:*:*:*:*:*:windows:*:*
  Yes
- 26.20.100.6813
cpe:2.3:a:intel:graphics_driver:*:*:*:*:*:windows:*:*
  Yes
- 15.45.5077
cpe:2.3:a:intel:graphics_driver:*:*:*:*:*:linux:*:*
  Yes
- 4.4.201
cpe:2.3:a:intel:graphics_driver:*:*:*:*:*:linux:*:*
  Yes
- 4.9.201
cpe:2.3:a:intel:graphics_driver:*:*:*:*:*:linux:*:*
  Yes
- 4.14.154
cpe:2.3:a:intel:graphics_driver:*:*:*:*:*:linux:*:*
  Yes
- 4.19.84
cpe:2.3:a:intel:graphics_driver:*:*:*:*:*:linux:*:*
  Yes
- 5.3.11
cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:esm:*:*:*
  Yes
- -