Vulnerability CVE-2020-12373

Vulnerability Name:

CVE-2020-12373 (CCN-196586)

Assigned:

2020-04-28

Published:

2021-02-09

Updated:

2021-07-21

Summary:

Expired pointer dereference in some Intel(R) Graphics Drivers before version 26.20.100.8141 may allow a privileged user to potentially enable a denial of service via local access.

CVSS v3 Severity:

6.7 Medium (CVSS v3.1 Vector: CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H)
5.8 Medium (Temporal CVSS v3.1 Vector: CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C)

Exploitability Metrics:	Attack Vector (AV): Local Attack Complexity (AC): Low Privileges Required (PR): High User Interaction (UI): None
Scope:	Scope (S): Unchanged
Impact Metrics:	Confidentiality (C): High Integrity (I): High Availibility (A): High

1.9 Low (CCN CVSS v3.1 Vector: CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:L)
1.7 Low (CCN Temporal CVSS v3.1 Vector: CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:L/E:U/RL:O/RC:C)

Exploitability Metrics:	Attack Vector (AV): Local Attack Complexity (AC): High Privileges Required (PR): High User Interaction (UI): None
Scope:	Scope (S): Unchanged
Impact Metrics:	Confidentiality (C): None Integrity (I): None Availibility (A): Low

CVSS v2 Severity:

4.6 Medium (CVSS v2 Vector: AV:L/AC:L/Au:N/C:P/I:P/A:P)

Exploitability Metrics:	Access Vector (AV): Local Access Complexity (AC): Low Authentication (Au): None
Impact Metrics:	Confidentiality (C): Partial Integrity (I): Partial Availibility (A): Partial

1.0 Low (CCN CVSS v2 Vector: AV:L/AC:H/Au:S/C:N/I:N/A:P)

Exploitability Metrics:	Access Vector (AV): Local Access Complexity (AC): High Athentication (Au): Single_Instance
Impact Metrics:	Confidentiality (C): None Integrity (I): None Availibility (A): Partial

Vulnerability Type:

CWE-120

Vulnerability Consequences:

Denial of Service

References:

Source: MITRE
Type: CNA
CVE-2020-12373

Source: XF
Type: UNKNOWN
intel-graphics-cve202012373-dos(196586)

Source: CCN
Type: Lenovo Security Advisory: LEN-51723
Intel Graphics Drivers Advisory

Source: CCN
Type: INTEL-SA-00438
Intel Graphics Drivers Advisory

Source: MISC
Type: Vendor Advisory
https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00438.html

Vulnerable Configuration:

Configuration 1:

cpe:/o:intel:bmc_firmware:*:*:*:*:*:*:*:* (Version < 2.47)

AND

cpe:/h:intel:hns2600bpb:-:*:*:*:*:*:*:*

OR cpe:/h:intel:hns2600bpb24:-:*:*:*:*:*:*:*

OR cpe:/h:intel:hns2600bpb24r:-:*:*:*:*:*:*:*

OR cpe:/h:intel:hns2600bpblc:-:*:*:*:*:*:*:*

OR cpe:/h:intel:hns2600bpblc24:-:*:*:*:*:*:*:*

OR cpe:/h:intel:hns2600bpblc24r:-:*:*:*:*:*:*:*

OR cpe:/h:intel:hns2600bpbr:-:*:*:*:*:*:*:*

OR cpe:/h:intel:hns2600bpq:-:*:*:*:*:*:*:*

OR cpe:/h:intel:hns2600bpq24:-:*:*:*:*:*:*:*

OR cpe:/h:intel:hns2600bpq24r:-:*:*:*:*:*:*:*

OR cpe:/h:intel:hns2600bpqr:-:*:*:*:*:*:*:*

OR cpe:/h:intel:r1304wf0ys:-:*:*:*:*:*:*:*

OR cpe:/h:intel:r1304wftys:-:*:*:*:*:*:*:*

OR cpe:/h:intel:r1208wftys:-:*:*:*:*:*:*:*

OR cpe:/h:intel:r2308wftzs:-:*:*:*:*:*:*:*

OR cpe:/h:intel:r2208wf0zs:-:*:*:*:*:*:*:*

OR cpe:/h:intel:r2208wftzs:-:*:*:*:*:*:*:*

OR cpe:/h:intel:r2208wfqzs:-:*:*:*:*:*:*:*

OR cpe:/h:intel:r2224wfqzs:-:*:*:*:*:*:*:*

OR cpe:/h:intel:r2224wftzs:-:*:*:*:*:*:*:*

OR cpe:/h:intel:hns2600bps:-:*:*:*:*:*:*:*

OR cpe:/h:intel:hns2600bps24:-:*:*:*:*:*:*:*

OR cpe:/h:intel:hns2600bpsr:-:*:*:*:*:*:*:*

OR cpe:/h:intel:hns2600bps24r:-:*:*:*:*:*:*:*

OR cpe:/h:intel:r1208wftysr:-:*:*:*:*:*:*:*

OR cpe:/h:intel:r1304wf0ysr:-:*:*:*:*:*:*:*

OR cpe:/h:intel:r1304wftysr:-:*:*:*:*:*:*:*

OR cpe:/h:intel:r2208wftzsr:-:*:*:*:*:*:*:*

OR cpe:/h:intel:r2208wf0zsr:-:*:*:*:*:*:*:*

OR cpe:/h:intel:r2224wftzsr:-:*:*:*:*:*:*:*

OR cpe:/h:intel:r2208wfqzsr:-:*:*:*:*:*:*:*

OR cpe:/h:intel:r1208wfqysr:-:*:*:*:*:*:*:*

OR cpe:/h:intel:r1000wf:-:*:*:*:*:*:*:*

OR cpe:/h:intel:r2312wf0np:-:*:*:*:*:*:*:*

OR cpe:/h:intel:r2312wftzs:-:*:*:*:*:*:*:*

OR cpe:/h:intel:r2312wfqzs:-:*:*:*:*:*:*:*

OR cpe:/h:intel:s2600wfq:-:*:*:*:*:*:*:*

OR cpe:/h:intel:s2600wft:-:*:*:*:*:*:*:*

OR cpe:/h:intel:s2600stb:-:*:*:*:*:*:*:*

OR cpe:/h:intel:s2600stq:-:*:*:*:*:*:*:*

OR cpe:/h:intel:s2600wf0:-:*:*:*:*:*:*:*

OR cpe:/h:intel:r2308wftzsr:-:*:*:*:*:*:*:*

OR cpe:/h:intel:r2312wftzsr:-:*:*:*:*:*:*:*

OR cpe:/h:intel:r2312wf0npr:-:*:*:*:*:*:*:*

OR cpe:/h:intel:s2600bpsr:-:*:*:*:*:*:*:*

OR cpe:/h:intel:s2600bpbr:-:*:*:*:*:*:*:*

OR cpe:/h:intel:s2600bpqr:-:*:*:*:*:*:*:*

Denotes that component is vulnerable

Oval Definitions

Definition ID	Class	Title	Last Modified
oval:org.opensuse.security:def:8029	P	kernel-docs-5.14.21-150500.53.2 on GA media (Moderate)	2023-06-20
oval:org.opensuse.security:def:8090	P	reiserfs-kmp-default-5.14.21-150500.53.2 on GA media (Moderate)	2023-06-12
oval:org.opensuse.security:def:7579	P	libbrotli-devel-1.0.7-3.3.1 on GA media (Moderate)	2023-06-12
oval:org.opensuse.security:def:7539	P	kernel-64kb-5.14.21-150500.53.2 on GA media (Moderate)	2023-06-12
oval:org.opensuse.security:def:7714	P	log4j12-1.2.17-4.9.1 on GA media (Moderate)	2023-06-12
oval:org.opensuse.security:def:665	P	Security update for samba (Moderate)	2022-08-03
oval:org.opensuse.security:def:3575	P	libarchive13-3.1.2-26.3.1 on GA media (Moderate)	2022-06-28
oval:org.opensuse.security:def:3453	P	clamav-0.101.3-1.19 on GA media (Moderate)	2022-06-28
oval:org.opensuse.security:def:3567	P	libXtst6-1.2.2-7.1 on GA media (Moderate)	2022-06-28
oval:org.opensuse.security:def:3398	P	wpa_supplicant-2.6-15.10.1 on GA media (Moderate)	2022-06-28
oval:org.opensuse.security:def:3572	P	libXxf86vm1-1.1.3-3.53 on GA media (Moderate)	2022-06-28
oval:org.opensuse.security:def:3448	P	busybox-1.21.1-3.3 on GA media (Moderate)	2022-06-28
oval:org.opensuse.security:def:95197	P	kernel-default-extra-5.14.21-150400.22.1 on GA media (Moderate)	2022-06-22
oval:org.opensuse.security:def:95028	P	kernel-docs-5.14.21-150400.22.1 on GA media (Moderate)	2022-06-22
oval:org.opensuse.security:def:94684	P	libpcre1-32bit-8.45-20.10.1 on GA media (Moderate)	2022-06-22
oval:org.opensuse.security:def:2960	P	kernel-64kb-5.14.21-150400.22.1 on GA media (Moderate)	2022-06-22
oval:org.opensuse.security:def:95078	P	reiserfs-kmp-default-5.14.21-150400.22.1 on GA media (Moderate)	2022-06-22
oval:org.opensuse.security:def:94687	P	libpng12-0-1.2.57-2.18 on GA media (Moderate)	2022-06-22
oval:org.opensuse.security:def:95083	P	kernel-azure-5.14.21-150400.12.1 on GA media (Moderate)	2022-06-22
oval:org.opensuse.security:def:94948	P	libimobiledevice-1_0-6-1.3.0+git.20210921-150400.1.15 on GA media (Moderate)	2022-06-22
oval:org.opensuse.security:def:94590	P	kernel-64kb-5.14.21-150400.22.1 on GA media (Moderate)	2022-06-22
oval:org.opensuse.security:def:89	P	kernel-64kb-5.3.18-57.3 on GA media (Moderate)	2022-06-13
oval:org.opensuse.security:def:102229	P	Security update for salt (Important)	2022-03-30
oval:org.opensuse.security:def:102228	P	Security update for apache2 (Important)	2022-03-29
oval:org.opensuse.security:def:101661	P	Security update for flac (Moderate)	2022-03-14
oval:org.opensuse.security:def:93167	P	(Important)	2022-03-04
oval:org.opensuse.security:def:99210	P	(Critical)	2022-02-11
oval:org.opensuse.security:def:93320	P	(Important)	2022-02-04
oval:org.opensuse.security:def:102306	P	Security update for the Linux Kernel (Important)	2022-01-19
oval:org.opensuse.security:def:4539	P	Security update for the Linux Kernel (Live Patch 23 for SLE 12 SP5) (Important)	2021-12-14
oval:org.opensuse.security:def:99407	P	(Moderate)	2021-08-23
oval:org.opensuse.security:def:101397	P	rsyslog-module-gssapi-8.39.0-4.10.1 on GA media (Moderate)	2021-08-10
oval:org.opensuse.security:def:63125	P	kernel-azure-5.3.18-36.1 on GA media (Moderate)	2021-08-10
oval:org.opensuse.security:def:2013	P	reiserfs-kmp-default-5.3.18-57.3 on GA media (Moderate)	2021-08-10
oval:org.opensuse.security:def:101400	P	sca-patterns-sle12-1.0.2-1.1 on GA media (Moderate)	2021-08-10
oval:org.opensuse.security:def:2036	P	kernel-azure-5.3.18-36.1 on GA media (Moderate)	2021-08-10
oval:org.opensuse.security:def:63102	P	reiserfs-kmp-default-5.3.18-57.3 on GA media (Moderate)	2021-08-10
oval:org.opensuse.security:def:100865	P	kernel-64kb-5.3.18-57.3 on GA media (Moderate)	2021-08-09
oval:org.opensuse.security:def:62107	P	kernel-64kb-5.3.18-57.3 on GA media (Moderate)	2021-08-09
oval:org.opensuse.security:def:71848	P	kernel-64kb-5.3.18-57.3 on GA media (Moderate)	2021-08-09
oval:org.opensuse.security:def:101277	P	kernel-docs-5.3.18-57.3 on GA media (Moderate)	2021-08-09
oval:org.opensuse.security:def:63019	P	kernel-docs-5.3.18-57.3 on GA media (Moderate)	2021-08-09
oval:org.opensuse.security:def:72738	P	kernel-docs-5.3.18-57.3 on GA media (Moderate)	2021-08-09
oval:org.opensuse.security:def:1018	P	kernel-64kb-5.3.18-57.3 on GA media (Moderate)	2021-08-09
oval:org.opensuse.security:def:1930	P	kernel-docs-5.3.18-57.3 on GA media (Moderate)	2021-08-09
oval:org.opensuse.security:def:111262	P	Security update for kernel-firmware (Important)	2021-03-14
oval:org.opensuse.security:def:68325	P	Security update for the Linux Kernel (Important)	2021-03-09
oval:org.opensuse.security:def:118436	P	Security update for the Linux Kernel (Important)	2021-03-09
oval:org.opensuse.security:def:109543	P	Security update for the Linux Kernel (Important)	2021-03-09
oval:org.opensuse.security:def:96336	P	Security update for the Linux Kernel (Important)	2021-03-09
oval:org.opensuse.security:def:108327	P	Security update for the Linux Kernel (Important)	2021-03-09
oval:org.opensuse.security:def:73786	P	Security update for the Linux Kernel (Important)	2021-03-09
oval:org.opensuse.security:def:95515	P	Security update for the Linux Kernel (Important)	2021-03-09
oval:org.opensuse.security:def:6466	P	Security update for the Linux Kernel (Important)	2021-03-09
oval:org.opensuse.security:def:67056	P	Security update for the Linux Kernel (Important)	2021-03-09
oval:org.opensuse.security:def:117895	P	Security update for the Linux Kernel (Important)	2021-03-09
oval:org.opensuse.security:def:109181	P	Security update for the Linux Kernel (Important)	2021-03-09
oval:org.opensuse.security:def:95911	P	Security update for the Linux Kernel (Important)	2021-03-09
oval:org.opensuse.security:def:8377	P	Security update for the Linux Kernel (Important)	2021-03-09
oval:org.opensuse.security:def:102679	P	Security update for the Linux Kernel (Important)	2021-03-09
oval:org.opensuse.security:def:68668	P	Security update for the Linux Kernel (Important)	2021-03-09
oval:org.opensuse.security:def:118639	P	Security update for the Linux Kernel (Important)	2021-03-09
oval:org.opensuse.security:def:109674	P	Security update for the Linux Kernel (Important)	2021-03-09
oval:org.opensuse.security:def:108894	P	Security update for the Linux Kernel (Important)	2021-03-09
oval:org.opensuse.security:def:74696	P	Security update for the Linux Kernel (Important)	2021-03-09
oval:org.opensuse.security:def:95516	P	Security update for the Linux Kernel (Important)	2021-03-09
oval:org.opensuse.security:def:97274	P	Security update for the Linux Kernel (Important)	2021-03-09
oval:org.opensuse.security:def:7236	P	Security update for the Linux Kernel (Important)	2021-03-09
oval:org.opensuse.security:def:67057	P	Security update for the Linux Kernel (Important)	2021-03-09
oval:org.opensuse.security:def:118104	P	Security update for the Linux Kernel (Important)	2021-03-09
oval:org.opensuse.security:def:109290	P	Security update for the Linux Kernel (Important)	2021-03-09
oval:org.opensuse.security:def:95966	P	Security update for the Linux Kernel (Important)	2021-03-09
oval:org.opensuse.security:def:102877	P	Security update for the Linux Kernel (Important)	2021-03-09
oval:org.opensuse.security:def:5967	P	Security update for the Linux Kernel (Important)	2021-03-09
oval:org.opensuse.security:def:68803	P	Security update for the Linux Kernel (Important)	2021-03-09
oval:org.opensuse.security:def:119814	P	Security update for the Linux Kernel (Important)	2021-03-09
oval:org.opensuse.security:def:64664	P	Security update for the Linux Kernel (Important)	2021-03-09
oval:org.opensuse.security:def:117580	P	Security update for the Linux Kernel (Important)	2021-03-09
oval:org.opensuse.security:def:108895	P	Security update for the Linux Kernel (Important)	2021-03-09
oval:org.opensuse.security:def:76124	P	Security update for the Linux Kernel (Important)	2021-03-09
oval:org.opensuse.security:def:95593	P	Security update for the Linux Kernel (Important)	2021-03-09
oval:org.opensuse.security:def:42156	P	Security update for the Linux Kernel (Important)	2021-03-09
oval:org.opensuse.security:def:97276	P	Security update for the Linux Kernel (Important)	2021-03-09
oval:org.opensuse.security:def:70814	P	Security update for the Linux Kernel (Important)	2021-03-09
oval:org.opensuse.security:def:102515	P	Security update for the Linux Kernel (Important)	2021-03-09
oval:org.opensuse.security:def:67555	P	Security update for the Linux Kernel (Important)	2021-03-09
oval:org.opensuse.security:def:118376	P	Security update for the Linux Kernel (Important)	2021-03-09
oval:org.opensuse.security:def:109345	P	Security update for the Linux Kernel (Important)	2021-03-09
oval:org.opensuse.security:def:96187	P	Security update for the Linux Kernel (Important)	2021-03-09
oval:org.opensuse.security:def:108066	P	Security update for the Linux Kernel (Important)	2021-03-09
oval:org.opensuse.security:def:103008	P	Security update for the Linux Kernel (Important)	2021-03-09
oval:org.opensuse.security:def:5968	P	Security update for the Linux Kernel (Important)	2021-03-09
oval:org.opensuse.security:def:65628	P	Security update for the Linux Kernel (Important)	2021-03-09
oval:org.opensuse.security:def:117841	P	Security update for the Linux Kernel (Important)	2021-03-09
oval:org.opensuse.security:def:108972	P	Security update for the Linux Kernel (Important)	2021-03-09
oval:org.opensuse.security:def:76125	P	Security update for the Linux Kernel (Important)	2021-03-09
oval:org.opensuse.security:def:95802	P	Security update for the Linux Kernel (Important)	2021-03-09
oval:org.opensuse.security:def:10674	P	Security update for the Linux Kernel (Important)	2021-03-09
oval:org.opensuse.security:def:102624	P	Security update for the Linux Kernel (Important)	2021-03-09
oval:org.opensuse.security:def:111257	P	Security update for the Linux Kernel (Important)	2021-03-08
oval:org.opensuse.security:def:97263	P	Security update for kernel-firmware (Important)	2021-03-03
oval:org.opensuse.security:def:9657	P	Security update for kernel-firmware (Important)	2021-03-03
oval:org.opensuse.security:def:92855	P	Security update for kernel-firmware (Important)	2021-03-03
oval:org.opensuse.security:def:69996	P	Security update for kernel-firmware (Important)	2021-03-03
oval:org.opensuse.security:def:99606	P	Security update for kernel-firmware (Important)	2021-03-03
oval:org.opensuse.security:def:92260	P	Security update for kernel-firmware (Important)	2021-03-03
oval:org.opensuse.security:def:64661	P	Security update for kernel-firmware (Important)	2021-03-03
oval:org.opensuse.security:def:99015	P	Security update for kernel-firmware (Important)	2021-03-03
oval:org.opensuse.security:def:117577	P	Security update for kernel-firmware (Important)	2021-03-03
oval:org.opensuse.security:def:9856	P	Security update for kernel-firmware (Important)	2021-03-03
oval:org.opensuse.security:def:93014	P	Security update for kernel-firmware (Important)	2021-03-03
oval:org.opensuse.security:def:70547	P	Security update for kernel-firmware (Important)	2021-03-03
oval:org.opensuse.security:def:99805	P	Security update for kernel-firmware (Important)	2021-03-03
oval:org.opensuse.security:def:108063	P	Security update for kernel-firmware (Important)	2021-03-03
oval:org.opensuse.security:def:8904	P	Security update for kernel-firmware (Important)	2021-03-03
oval:org.opensuse.security:def:92457	P	Security update for kernel-firmware (Important)	2021-03-03
oval:org.opensuse.security:def:10407	P	Security update for kernel-firmware (Important)	2021-03-03
oval:org.opensuse.security:def:100117	P	Security update for kernel-firmware (Important)	2021-03-03
oval:org.opensuse.security:def:73783	P	Security update for kernel-firmware (Important)	2021-03-03
oval:org.opensuse.security:def:9099	P	Security update for kernel-firmware (Important)	2021-03-03
oval:org.opensuse.security:def:92656	P	Security update for kernel-firmware (Important)	2021-03-03
oval:org.opensuse.security:def:69797	P	Security update for kernel-firmware (Important)	2021-03-03
oval:org.opensuse.security:def:92065	P	Security update for kernel-firmware (Important)	2021-03-03

BACK