Vulnerability Name:

CVE-2020-12373 (CCN-196586)

Assigned:2020-04-28
Published:2021-02-09
Updated:2021-07-21
Summary:Expired pointer dereference in some Intel(R) Graphics Drivers before version 26.20.100.8141 may allow a privileged user to potentially enable a denial of service via local access.
CVSS v3 Severity:6.7 Medium (CVSS v3.1 Vector: CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H)
5.8 Medium (Temporal CVSS v3.1 Vector: CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C)
Exploitability Metrics:Attack Vector (AV): Local
Attack Complexity (AC): Low
Privileges Required (PR): High
User Interaction (UI): None
Scope:Scope (S): Unchanged
Impact Metrics:Confidentiality (C): High
Integrity (I): High
Availibility (A): High
1.9 Low (CCN CVSS v3.1 Vector: CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:L)
1.7 Low (CCN Temporal CVSS v3.1 Vector: CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:L/E:U/RL:O/RC:C)
Exploitability Metrics:Attack Vector (AV): Local
Attack Complexity (AC): High
Privileges Required (PR): High
User Interaction (UI): None
Scope:Scope (S): Unchanged
Impact Metrics:Confidentiality (C): None
Integrity (I): None
Availibility (A): Low
CVSS v2 Severity:4.6 Medium (CVSS v2 Vector: AV:L/AC:L/Au:N/C:P/I:P/A:P)
Exploitability Metrics:Access Vector (AV): Local
Access Complexity (AC): Low
Authentication (Au): None
Impact Metrics:Confidentiality (C): Partial
Integrity (I): Partial
Availibility (A): Partial
1.0 Low (CCN CVSS v2 Vector: AV:L/AC:H/Au:S/C:N/I:N/A:P)
Exploitability Metrics:Access Vector (AV): Local
Access Complexity (AC): High
Athentication (Au): Single_Instance
Impact Metrics:Confidentiality (C): None
Integrity (I): None
Availibility (A): Partial
Vulnerability Type:CWE-120
Vulnerability Consequences:Denial of Service
References:Source: MITRE
Type: CNA
CVE-2020-12373

Source: XF
Type: UNKNOWN
intel-graphics-cve202012373-dos(196586)

Source: CCN
Type: Lenovo Security Advisory: LEN-51723
Intel Graphics Drivers Advisory

Source: CCN
Type: INTEL-SA-00438
Intel Graphics Drivers Advisory

Source: MISC
Type: Vendor Advisory
https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00438.html

Vulnerable Configuration:Configuration 1:
  • cpe:/o:intel:bmc_firmware:*:*:*:*:*:*:*:* (Version < 2.47)
  • AND
  • cpe:/h:intel:hns2600bpb:-:*:*:*:*:*:*:*
  • OR cpe:/h:intel:hns2600bpb24:-:*:*:*:*:*:*:*
  • OR cpe:/h:intel:hns2600bpb24r:-:*:*:*:*:*:*:*
  • OR cpe:/h:intel:hns2600bpblc:-:*:*:*:*:*:*:*
  • OR cpe:/h:intel:hns2600bpblc24:-:*:*:*:*:*:*:*
  • OR cpe:/h:intel:hns2600bpblc24r:-:*:*:*:*:*:*:*
  • OR cpe:/h:intel:hns2600bpbr:-:*:*:*:*:*:*:*
  • OR cpe:/h:intel:hns2600bpq:-:*:*:*:*:*:*:*
  • OR cpe:/h:intel:hns2600bpq24:-:*:*:*:*:*:*:*
  • OR cpe:/h:intel:hns2600bpq24r:-:*:*:*:*:*:*:*
  • OR cpe:/h:intel:hns2600bpqr:-:*:*:*:*:*:*:*
  • OR cpe:/h:intel:r1304wf0ys:-:*:*:*:*:*:*:*
  • OR cpe:/h:intel:r1304wftys:-:*:*:*:*:*:*:*
  • OR cpe:/h:intel:r1208wftys:-:*:*:*:*:*:*:*
  • OR cpe:/h:intel:r2308wftzs:-:*:*:*:*:*:*:*
  • OR cpe:/h:intel:r2208wf0zs:-:*:*:*:*:*:*:*
  • OR cpe:/h:intel:r2208wftzs:-:*:*:*:*:*:*:*
  • OR cpe:/h:intel:r2208wfqzs:-:*:*:*:*:*:*:*
  • OR cpe:/h:intel:r2224wfqzs:-:*:*:*:*:*:*:*
  • OR cpe:/h:intel:r2224wftzs:-:*:*:*:*:*:*:*
  • OR cpe:/h:intel:hns2600bps:-:*:*:*:*:*:*:*
  • OR cpe:/h:intel:hns2600bps24:-:*:*:*:*:*:*:*
  • OR cpe:/h:intel:hns2600bpsr:-:*:*:*:*:*:*:*
  • OR cpe:/h:intel:hns2600bps24r:-:*:*:*:*:*:*:*
  • OR cpe:/h:intel:r1208wftysr:-:*:*:*:*:*:*:*
  • OR cpe:/h:intel:r1304wf0ysr:-:*:*:*:*:*:*:*
  • OR cpe:/h:intel:r1304wftysr:-:*:*:*:*:*:*:*
  • OR cpe:/h:intel:r2208wftzsr:-:*:*:*:*:*:*:*
  • OR cpe:/h:intel:r2208wf0zsr:-:*:*:*:*:*:*:*
  • OR cpe:/h:intel:r2224wftzsr:-:*:*:*:*:*:*:*
  • OR cpe:/h:intel:r2208wfqzsr:-:*:*:*:*:*:*:*
  • OR cpe:/h:intel:r1208wfqysr:-:*:*:*:*:*:*:*
  • OR cpe:/h:intel:r1000wf:-:*:*:*:*:*:*:*
  • OR cpe:/h:intel:r2312wf0np:-:*:*:*:*:*:*:*
  • OR cpe:/h:intel:r2312wftzs:-:*:*:*:*:*:*:*
  • OR cpe:/h:intel:r2312wfqzs:-:*:*:*:*:*:*:*
  • OR cpe:/h:intel:s2600wfq:-:*:*:*:*:*:*:*
  • OR cpe:/h:intel:s2600wft:-:*:*:*:*:*:*:*
  • OR cpe:/h:intel:s2600stb:-:*:*:*:*:*:*:*
  • OR cpe:/h:intel:s2600stq:-:*:*:*:*:*:*:*
  • OR cpe:/h:intel:s2600wf0:-:*:*:*:*:*:*:*
  • OR cpe:/h:intel:r2308wftzsr:-:*:*:*:*:*:*:*
  • OR cpe:/h:intel:r2312wftzsr:-:*:*:*:*:*:*:*
  • OR cpe:/h:intel:r2312wf0npr:-:*:*:*:*:*:*:*
  • OR cpe:/h:intel:s2600bpsr:-:*:*:*:*:*:*:*
  • OR cpe:/h:intel:s2600bpbr:-:*:*:*:*:*:*:*
  • OR cpe:/h:intel:s2600bpqr:-:*:*:*:*:*:*:*

  • * Denotes that component is vulnerable
    Oval Definitions
    Definition IDClassTitleLast Modified
    oval:org.opensuse.security:def:8029
    P
    kernel-docs-5.14.21-150500.53.2 on GA media (Moderate)
    2023-06-20
    oval:org.opensuse.security:def:8090
    P
    reiserfs-kmp-default-5.14.21-150500.53.2 on GA media (Moderate)
    2023-06-12
    oval:org.opensuse.security:def:7579
    P
    libbrotli-devel-1.0.7-3.3.1 on GA media (Moderate)
    2023-06-12
    oval:org.opensuse.security:def:7539
    P
    kernel-64kb-5.14.21-150500.53.2 on GA media (Moderate)
    2023-06-12
    oval:org.opensuse.security:def:7714
    P
    log4j12-1.2.17-4.9.1 on GA media (Moderate)
    2023-06-12
    oval:org.opensuse.security:def:665
    P
    Security update for samba (Moderate)
    2022-08-03
    oval:org.opensuse.security:def:3575
    P
    libarchive13-3.1.2-26.3.1 on GA media (Moderate)
    2022-06-28
    oval:org.opensuse.security:def:3453
    P
    clamav-0.101.3-1.19 on GA media (Moderate)
    2022-06-28
    oval:org.opensuse.security:def:3567
    P
    libXtst6-1.2.2-7.1 on GA media (Moderate)
    2022-06-28
    oval:org.opensuse.security:def:3398
    P
    wpa_supplicant-2.6-15.10.1 on GA media (Moderate)
    2022-06-28
    oval:org.opensuse.security:def:3572
    P
    libXxf86vm1-1.1.3-3.53 on GA media (Moderate)
    2022-06-28
    oval:org.opensuse.security:def:3448
    P
    busybox-1.21.1-3.3 on GA media (Moderate)
    2022-06-28
    oval:org.opensuse.security:def:95197
    P
    kernel-default-extra-5.14.21-150400.22.1 on GA media (Moderate)
    2022-06-22
    oval:org.opensuse.security:def:95028
    P
    kernel-docs-5.14.21-150400.22.1 on GA media (Moderate)
    2022-06-22
    oval:org.opensuse.security:def:94684
    P
    libpcre1-32bit-8.45-20.10.1 on GA media (Moderate)
    2022-06-22
    oval:org.opensuse.security:def:2960
    P
    kernel-64kb-5.14.21-150400.22.1 on GA media (Moderate)
    2022-06-22
    oval:org.opensuse.security:def:95078
    P
    reiserfs-kmp-default-5.14.21-150400.22.1 on GA media (Moderate)
    2022-06-22
    oval:org.opensuse.security:def:94687
    P
    libpng12-0-1.2.57-2.18 on GA media (Moderate)
    2022-06-22
    oval:org.opensuse.security:def:95083
    P
    kernel-azure-5.14.21-150400.12.1 on GA media (Moderate)
    2022-06-22
    oval:org.opensuse.security:def:94948
    P
    libimobiledevice-1_0-6-1.3.0+git.20210921-150400.1.15 on GA media (Moderate)
    2022-06-22
    oval:org.opensuse.security:def:94590
    P
    kernel-64kb-5.14.21-150400.22.1 on GA media (Moderate)
    2022-06-22
    oval:org.opensuse.security:def:89
    P
    kernel-64kb-5.3.18-57.3 on GA media (Moderate)
    2022-06-13
    oval:org.opensuse.security:def:102229
    P
    Security update for salt (Important)
    2022-03-30
    oval:org.opensuse.security:def:102228
    P
    Security update for apache2 (Important)
    2022-03-29
    oval:org.opensuse.security:def:101661
    P
    Security update for flac (Moderate)
    2022-03-14
    oval:org.opensuse.security:def:93167
    P
    (Important)
    2022-03-04
    oval:org.opensuse.security:def:99210
    P
    (Critical)
    2022-02-11
    oval:org.opensuse.security:def:93320
    P
    (Important)
    2022-02-04
    oval:org.opensuse.security:def:102306
    P
    Security update for the Linux Kernel (Important)
    2022-01-19
    oval:org.opensuse.security:def:4539
    P
    Security update for the Linux Kernel (Live Patch 23 for SLE 12 SP5) (Important)
    2021-12-14
    oval:org.opensuse.security:def:99407
    P
    (Moderate)
    2021-08-23
    oval:org.opensuse.security:def:101397
    P
    rsyslog-module-gssapi-8.39.0-4.10.1 on GA media (Moderate)
    2021-08-10
    oval:org.opensuse.security:def:63125
    P
    kernel-azure-5.3.18-36.1 on GA media (Moderate)
    2021-08-10
    oval:org.opensuse.security:def:2013
    P
    reiserfs-kmp-default-5.3.18-57.3 on GA media (Moderate)
    2021-08-10
    oval:org.opensuse.security:def:101400
    P
    sca-patterns-sle12-1.0.2-1.1 on GA media (Moderate)
    2021-08-10
    oval:org.opensuse.security:def:2036
    P
    kernel-azure-5.3.18-36.1 on GA media (Moderate)
    2021-08-10
    oval:org.opensuse.security:def:63102
    P
    reiserfs-kmp-default-5.3.18-57.3 on GA media (Moderate)
    2021-08-10
    oval:org.opensuse.security:def:100865
    P
    kernel-64kb-5.3.18-57.3 on GA media (Moderate)
    2021-08-09
    oval:org.opensuse.security:def:62107
    P
    kernel-64kb-5.3.18-57.3 on GA media (Moderate)
    2021-08-09
    oval:org.opensuse.security:def:71848
    P
    kernel-64kb-5.3.18-57.3 on GA media (Moderate)
    2021-08-09
    oval:org.opensuse.security:def:101277
    P
    kernel-docs-5.3.18-57.3 on GA media (Moderate)
    2021-08-09
    oval:org.opensuse.security:def:63019
    P
    kernel-docs-5.3.18-57.3 on GA media (Moderate)
    2021-08-09
    oval:org.opensuse.security:def:72738
    P
    kernel-docs-5.3.18-57.3 on GA media (Moderate)
    2021-08-09
    oval:org.opensuse.security:def:1018
    P
    kernel-64kb-5.3.18-57.3 on GA media (Moderate)
    2021-08-09
    oval:org.opensuse.security:def:1930
    P
    kernel-docs-5.3.18-57.3 on GA media (Moderate)
    2021-08-09
    oval:org.opensuse.security:def:111262
    P
    Security update for kernel-firmware (Important)
    2021-03-14
    oval:org.opensuse.security:def:68325
    P
    Security update for the Linux Kernel (Important)
    2021-03-09
    oval:org.opensuse.security:def:118436
    P
    Security update for the Linux Kernel (Important)
    2021-03-09
    oval:org.opensuse.security:def:109543
    P
    Security update for the Linux Kernel (Important)
    2021-03-09
    oval:org.opensuse.security:def:96336
    P
    Security update for the Linux Kernel (Important)
    2021-03-09
    oval:org.opensuse.security:def:108327
    P
    Security update for the Linux Kernel (Important)
    2021-03-09
    oval:org.opensuse.security:def:73786
    P
    Security update for the Linux Kernel (Important)
    2021-03-09
    oval:org.opensuse.security:def:95515
    P
    Security update for the Linux Kernel (Important)
    2021-03-09
    oval:org.opensuse.security:def:6466
    P
    Security update for the Linux Kernel (Important)
    2021-03-09
    oval:org.opensuse.security:def:67056
    P
    Security update for the Linux Kernel (Important)
    2021-03-09
    oval:org.opensuse.security:def:117895
    P
    Security update for the Linux Kernel (Important)
    2021-03-09
    oval:org.opensuse.security:def:109181
    P
    Security update for the Linux Kernel (Important)
    2021-03-09
    oval:org.opensuse.security:def:95911
    P
    Security update for the Linux Kernel (Important)
    2021-03-09
    oval:org.opensuse.security:def:8377
    P
    Security update for the Linux Kernel (Important)
    2021-03-09
    oval:org.opensuse.security:def:102679
    P
    Security update for the Linux Kernel (Important)
    2021-03-09
    oval:org.opensuse.security:def:68668
    P
    Security update for the Linux Kernel (Important)
    2021-03-09
    oval:org.opensuse.security:def:118639
    P
    Security update for the Linux Kernel (Important)
    2021-03-09
    oval:org.opensuse.security:def:109674
    P
    Security update for the Linux Kernel (Important)
    2021-03-09
    oval:org.opensuse.security:def:108894
    P
    Security update for the Linux Kernel (Important)
    2021-03-09
    oval:org.opensuse.security:def:74696
    P
    Security update for the Linux Kernel (Important)
    2021-03-09
    oval:org.opensuse.security:def:95516
    P
    Security update for the Linux Kernel (Important)
    2021-03-09
    oval:org.opensuse.security:def:97274
    P
    Security update for the Linux Kernel (Important)
    2021-03-09
    oval:org.opensuse.security:def:7236
    P
    Security update for the Linux Kernel (Important)
    2021-03-09
    oval:org.opensuse.security:def:67057
    P
    Security update for the Linux Kernel (Important)
    2021-03-09
    oval:org.opensuse.security:def:118104
    P
    Security update for the Linux Kernel (Important)
    2021-03-09
    oval:org.opensuse.security:def:109290
    P
    Security update for the Linux Kernel (Important)
    2021-03-09
    oval:org.opensuse.security:def:95966
    P
    Security update for the Linux Kernel (Important)
    2021-03-09
    oval:org.opensuse.security:def:102877
    P
    Security update for the Linux Kernel (Important)
    2021-03-09
    oval:org.opensuse.security:def:5967
    P
    Security update for the Linux Kernel (Important)
    2021-03-09
    oval:org.opensuse.security:def:68803
    P
    Security update for the Linux Kernel (Important)
    2021-03-09
    oval:org.opensuse.security:def:119814
    P
    Security update for the Linux Kernel (Important)
    2021-03-09
    oval:org.opensuse.security:def:64664
    P
    Security update for the Linux Kernel (Important)
    2021-03-09
    oval:org.opensuse.security:def:117580
    P
    Security update for the Linux Kernel (Important)
    2021-03-09
    oval:org.opensuse.security:def:108895
    P
    Security update for the Linux Kernel (Important)
    2021-03-09
    oval:org.opensuse.security:def:76124
    P
    Security update for the Linux Kernel (Important)
    2021-03-09
    oval:org.opensuse.security:def:95593
    P
    Security update for the Linux Kernel (Important)
    2021-03-09
    oval:org.opensuse.security:def:42156
    P
    Security update for the Linux Kernel (Important)
    2021-03-09
    oval:org.opensuse.security:def:97276
    P
    Security update for the Linux Kernel (Important)
    2021-03-09
    oval:org.opensuse.security:def:70814
    P
    Security update for the Linux Kernel (Important)
    2021-03-09
    oval:org.opensuse.security:def:102515
    P
    Security update for the Linux Kernel (Important)
    2021-03-09
    oval:org.opensuse.security:def:67555
    P
    Security update for the Linux Kernel (Important)
    2021-03-09
    oval:org.opensuse.security:def:118376
    P
    Security update for the Linux Kernel (Important)
    2021-03-09
    oval:org.opensuse.security:def:109345
    P
    Security update for the Linux Kernel (Important)
    2021-03-09
    oval:org.opensuse.security:def:96187
    P
    Security update for the Linux Kernel (Important)
    2021-03-09
    oval:org.opensuse.security:def:108066
    P
    Security update for the Linux Kernel (Important)
    2021-03-09
    oval:org.opensuse.security:def:103008
    P
    Security update for the Linux Kernel (Important)
    2021-03-09
    oval:org.opensuse.security:def:5968
    P
    Security update for the Linux Kernel (Important)
    2021-03-09
    oval:org.opensuse.security:def:65628
    P
    Security update for the Linux Kernel (Important)
    2021-03-09
    oval:org.opensuse.security:def:117841
    P
    Security update for the Linux Kernel (Important)
    2021-03-09
    oval:org.opensuse.security:def:108972
    P
    Security update for the Linux Kernel (Important)
    2021-03-09
    oval:org.opensuse.security:def:76125
    P
    Security update for the Linux Kernel (Important)
    2021-03-09
    oval:org.opensuse.security:def:95802
    P
    Security update for the Linux Kernel (Important)
    2021-03-09
    oval:org.opensuse.security:def:10674
    P
    Security update for the Linux Kernel (Important)
    2021-03-09
    oval:org.opensuse.security:def:102624
    P
    Security update for the Linux Kernel (Important)
    2021-03-09
    oval:org.opensuse.security:def:111257
    P
    Security update for the Linux Kernel (Important)
    2021-03-08
    oval:org.opensuse.security:def:97263
    P
    Security update for kernel-firmware (Important)
    2021-03-03
    oval:org.opensuse.security:def:9657
    P
    Security update for kernel-firmware (Important)
    2021-03-03
    oval:org.opensuse.security:def:92855
    P
    Security update for kernel-firmware (Important)
    2021-03-03
    oval:org.opensuse.security:def:69996
    P
    Security update for kernel-firmware (Important)
    2021-03-03
    oval:org.opensuse.security:def:99606
    P
    Security update for kernel-firmware (Important)
    2021-03-03
    oval:org.opensuse.security:def:92260
    P
    Security update for kernel-firmware (Important)
    2021-03-03
    oval:org.opensuse.security:def:64661
    P
    Security update for kernel-firmware (Important)
    2021-03-03
    oval:org.opensuse.security:def:99015
    P
    Security update for kernel-firmware (Important)
    2021-03-03
    oval:org.opensuse.security:def:117577
    P
    Security update for kernel-firmware (Important)
    2021-03-03
    oval:org.opensuse.security:def:9856
    P
    Security update for kernel-firmware (Important)
    2021-03-03
    oval:org.opensuse.security:def:93014
    P
    Security update for kernel-firmware (Important)
    2021-03-03
    oval:org.opensuse.security:def:70547
    P
    Security update for kernel-firmware (Important)
    2021-03-03
    oval:org.opensuse.security:def:99805
    P
    Security update for kernel-firmware (Important)
    2021-03-03
    oval:org.opensuse.security:def:108063
    P
    Security update for kernel-firmware (Important)
    2021-03-03
    oval:org.opensuse.security:def:8904
    P
    Security update for kernel-firmware (Important)
    2021-03-03
    oval:org.opensuse.security:def:92457
    P
    Security update for kernel-firmware (Important)
    2021-03-03
    oval:org.opensuse.security:def:10407
    P
    Security update for kernel-firmware (Important)
    2021-03-03
    oval:org.opensuse.security:def:100117
    P
    Security update for kernel-firmware (Important)
    2021-03-03
    oval:org.opensuse.security:def:73783
    P
    Security update for kernel-firmware (Important)
    2021-03-03
    oval:org.opensuse.security:def:9099
    P
    Security update for kernel-firmware (Important)
    2021-03-03
    oval:org.opensuse.security:def:92656
    P
    Security update for kernel-firmware (Important)
    2021-03-03
    oval:org.opensuse.security:def:69797
    P
    Security update for kernel-firmware (Important)
    2021-03-03
    oval:org.opensuse.security:def:92065
    P
    Security update for kernel-firmware (Important)
    2021-03-03
    BACK
    intel bmc firmware *
    intel hns2600bpb -
    intel hns2600bpb24 -
    intel hns2600bpb24r -
    intel hns2600bpblc -
    intel hns2600bpblc24 -
    intel hns2600bpblc24r -
    intel hns2600bpbr -
    intel hns2600bpq -
    intel hns2600bpq24 -
    intel hns2600bpq24r -
    intel hns2600bpqr -
    intel r1304wf0ys -
    intel r1304wftys -
    intel r1208wftys -
    intel r2308wftzs -
    intel r2208wf0zs -
    intel r2208wftzs -
    intel r2208wfqzs -
    intel r2224wfqzs -
    intel r2224wftzs -
    intel hns2600bps -
    intel hns2600bps24 -
    intel hns2600bpsr -
    intel hns2600bps24r -
    intel r1208wftysr -
    intel r1304wf0ysr -
    intel r1304wftysr -
    intel r2208wftzsr -
    intel r2208wf0zsr -
    intel r2224wftzsr -
    intel r2208wfqzsr -
    intel r1208wfqysr -
    intel r1000wf -
    intel r2312wf0np -
    intel r2312wftzs -
    intel r2312wfqzs -
    intel s2600wfq -
    intel s2600wft -
    intel s2600stb -
    intel s2600stq -
    intel s2600wf0 -
    intel r2308wftzsr -
    intel r2312wftzsr -
    intel r2312wf0npr -
    intel s2600bpsr -
    intel s2600bpbr -
    intel s2600bpqr -