Multiple potential security vulnerabilities in Intel® Graphics Driver for Windows* may allow escalation of privileges, denial of service or information disclosure.** Intel is releasing Intel® Graphics Driver for Windows updates to mitigate these potential vulnerabilities.***
CVEID: CVE-2018-12209
Description: Insufficient access control in User Mode Driver in Intel® Graphics Driver for Windows* before versions 10.18.x.5059 (aka 15.33.x.5059), 10.18.x.5057 (aka 15.36.x.5057), 20.19.x.5063 (aka 15.40.x.5063) 21.20.x.5064 (aka 15.45.x.5064) and 24.20.100.6373 potentially enables an unprivileged user to read device configuration information via local access.
CVSS Base Score: 3.3 Low
CVSS Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
CVEID: CVE-2018-12210
Description: Multiple pointer dereferences in User Mode Driver in Intel® Graphics Driver for Windows* before versions 10.18.x.5059 (aka 15.33.x.5059), 10.18.x.5057 (aka 15.36.x.5057), 20.19.x.5063 (aka 15.40.x.5063) 21.20.x.5064 (aka 15.45.x.5064) and 24.20.100.6373 potentially enables an unprivileged user to cause a denial of service via local access.
CVSS Base Score: 6.5 Medium
CVSS Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H
CVEID: CVE-2018-12211
Description: Insufficient input validation in User Mode Driver in Intel® Graphics Driver for Windows* before versions 10.18.x.5059 (aka 15.33.x.5059), 10.18.x.5057 (aka 15.36.x.5057), 20.19.x.5063 (aka 15.40.x.5063) 21.20.x.5064 (aka 15.45.x.5064) and 24.20.100.6373 potentially enables an unprivileged user to cause a denial of service via local access.
CVSS Base Score: 6.5 Medium
CVSS Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H
CVEID: CVE-2018-12212
Description: Buffer overflow in User Mode Driver in Intel® Graphics Driver for Windows* before versions 10.18.x.5059 (aka 15.33.x.5059), 10.18.x.5057 (aka 15.36.x.5057), 20.19.x.5063 (aka 15.40.x.5063) 21.20.x.5064 (aka 15.45.x.5064) and 24.20.100.6373 potentially enables an unprivileged user to cause a denial of service via local access.
CVSS Base Score: 6.5 Medium
CVSS Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H
CVEID: CVE-2018-12213
Description: Potential memory corruption in Kernel Mode Driver in Intel® Graphics Driver for Windows* before versions 10.18.x.5059 (aka 15.33.x.5059), 10.18.x.5057 (aka 15.36.x.5057), 20.19.x.5063 (aka 15.40.x.5063) 21.20.x.5064 (aka 15.45.x.5064) and 24.20.100.6373 potentially enables an unprivileged user to cause a denial of service via local access.
CVSS Base Score: 6.0 Medium
CVSS Vector: CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:C/C:N/I:N/A:H
CVEID: CVE-2018-12214
Description: Potential memory corruption in Kernel Mode Driver in Intel® Graphics Driver for Windows* before versions 10.18.x.5059 (aka 15.33.x.5059), 10.18.x.5057 (aka 15.36.x.5057), 20.19.x.5063 (aka 15.40.x.5063) 21.20.x.5064 (aka 15.45.x.5064) and 24.20.100.6373 potentially enables a privileged user to execute arbitrary code via local access.
CVSS Base Score: 7.3 High
CVSS Vector: CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:C/C:L/I:L/A:H
CVEID: CVE-2018-12215
Description: Insufficient input validation in Kernel Mode Driver in Intel® Graphics Driver for Windows* before versions 10.18.x.5059 (aka 15.33.x.5059), 10.18.x.5057 (aka 15.36.x.5057), 20.19.x.5063 (aka 15.40.x.5063) 21.20.x.5064 (aka 15.45.x.5064) and 24.20.100.6373 potentially enables a privileged user to cause a denial of service via local access.
CVSS Base Score: 3.2 Low
CVSS Vector: CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:C/C:N/I:N/A:L
CVEID: CVE-2018-12216
Description: Insufficient input validation in Kernel Mode Driver in Intel® Graphics Driver for Windows* before versions 10.18.x.5059 (aka 15.33.x.5059), 10.18.x.5057 (aka 15.36.x.5057), 20.19.x.5063 (aka 15.40.x.5063) 21.20.x.5064 (aka 15.45.x.5064) and 24.20.100.6373 potentially enables a privileged user to execute arbitrary code via local access via local access.
CVSS Base Score: 8.2 High
CVSS Vector: CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H
CVEID: CVE-2018-12217
Description: Insufficient access control in Kernel Mode Driver in Intel® Graphics Driver for Windows* before versions 10.18.x.5059 (aka 15.33.x.5059), 10.18.x.5057 (aka 15.36.x.5057), 20.19.x.5063 (aka 15.40.x.5063) 21.20.x.5064 (aka 15.45.x.5064) and 24.20.100.6373 potentially enables a privileged user to read device configuration information via local access.
CVSS Base Score: 2.3 Low
CVSS Vector: CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N
CVEID: CVE-2018-12218
Description: Unhandled exception in User Mode Driver in Intel® Graphics Driver for Windows* before versions 10.18.x.5059 (aka 15.33.x.5059), 10.18.x.5057 (aka 15.36.x.5057), 20.19.x.5063 (aka 15.40.x.5063) 21.20.x.5064 (aka 15.45.x.5064) and 24.20.100.6373 potentially enables an unprivileged user to cause a memory leak via local access.
CVSS Base Score: 3.3 Low
CVSS Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
CVEID: CVE-2018-12219
Description: Insufficient input validation in Kernel Mode Driver in Intel® Graphics Driver for Windows* before versions 10.18.x.5059 (aka 15.33.x.5059), 10.18.x.5057 (aka 15.36.x.5057), 20.19.x.5063 (aka 15.40.x.5063) 21.20.x.5064 (aka 15.45.x.5064) and 24.20.100.6373 potentially enables an unprivileged user to read memory via local access via local access.
CVSS Base Score: 5.5 Medium
CVSS Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
CVEID: CVE-2018-12220
Description: Logic bug in Kernel Mode Driver in Intel® Graphics Driver for Windows* before versions before versions 10.18.x.5059 (aka 15.33.x.5059), 10.18.x.5057 (aka 15.36.x.5057), 20.19.x.5063 (aka 15.40.x.5063) 21.20.x.5064 (aka 15.45.x.5064) and 24.20.100.6373 potentially enables a privileged user to execute arbitrary code via local access.
CVSS Base Score: 3.9 Low
CVSS Vector: CVSS:3.0/AV:L/AC:H/PR:H/UI:N/S:C/C:N/I:L/A:L
CVEID: CVE-2018-12221
Description: Insufficient input validation in Kernel Mode Driver in Intel® Graphics Driver for Windows* before versions 10.18.x.5059 (aka 15.33.x.5059), 10.18.x.5057 (aka 15.36.x.5057), 20.19.x.5063 (aka 15.40.x.5063) 21.20.x.5064 (aka 15.45.x.5064) and 24.20.100.6373 potentially enables an unprivileged user to cause an integer overflow via local access.
CVSS Base Score: 3.3 Low
CVSS Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L
CVEID: CVE-2018-12222
Description: Insufficient input validation in Kernel Mode Driver in Intel® Graphics Driver for Windows* before versions 10.18.x.5059 (aka 15.33.x.5059), 10.18.x.5057 (aka 15.36.x.5057), 20.19.x.5063 (aka 15.40.x.5063) 21.20.x.5064 (aka 15.45.x.5064) and 24.20.100.6373 potentially enables an unprivileged user to cause an out of bound memory read via local access.
CVSS Base Score: 3.3 Low
CVSS Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
CVEID: CVE-2018-12223
Description: Insufficient access control in User Mode Driver in Intel® Graphics Driver for Windows* before versions 10.18.x.5059 (aka 15.33.x.5059), 10.18.x.5057 (aka 15.36.x.5057), 20.19.x.5063 (aka 15.40.x.5063) 21.20.x.5064 (aka 15.45.x.5064) and 24.20.100.6373 potentially enables an unprivileged user to escape from a virtual machine guest-to-host via local access.
CVSS Base Score: 5.3 Medium
CVSS Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:C/C:L/I:L/A:L
CVEID: CVE-2018-12224
Description: Buffer leakage in igdkm64.sys in Intel® Graphics Driver for Windows* before versions 10.18.x.5059 (aka 15.33.x.5059), 10.18.x.5057 (aka 15.36.x.5057), 20.19.x.5063 (aka 15.40.x.5063) 21.20.x.5064 (aka 15.45.x.5064) and 24.20.100.6373 may allow an authenticated user to potentially enable information disclosure via local access.
CVSS Base Score: 3.3 Low
CVSS Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
CVEID: CVE-2018-18089
Description: Multiple out of bounds read in igdkm64.sys in Intel® Graphics Driver for Windows* before versions 10.18.x.5059 (aka 15.33.x.5059), 10.18.x.5057 (aka 15.36.x.5057), 20.19.x.5063 (aka 15.40.x.5063) 21.20.x.5064 (aka 15.45.x.5064) and 24.20.100.6373 may allow an authenticated user to potentially enable information disclosure via local access.
CVSS Base Score: 3.8 Low
CVSS Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:L/I:N/A:N
CVEID: CVE-2018-18090
Description: Out of bounds read in igdkm64.sys in Intel® Graphics Driver for Windows* before versions 10.18.x.5059 (aka 15.33.x.5059), 10.18.x.5057 (aka 15.36.x.5057), 20.19.x.5063 (aka 15.40.x.5063) 21.20.x.5064 (aka 15.45.x.5064) and 24.20.100.6373 may allow an authenticated user to potentially enable denial of service via local access.
CVSS Base Score: 3.2 Low
CVSS Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:C/C:N/I:N/A:L
CVEID: CVE-2018-18091
Description: Use after free in Kernel Mode Driver in Intel® Graphics Driver for Windows* before versions 10.18.x.5059 (aka 15.33.x.5059), 10.18.x.5057 (aka 15.36.x.5057), 20.19.x.5063 (aka 15.40.x.5063) 21.20.x.5064 (aka 15.45.x.5064) and 24.20.100.6373 may allow an unprivileged user to potentially enable a denial of service via local access.
CVSS Base Score: 5.9
CVSS Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:C/C:N/I:N/A:H
Intel® Graphics Driver for Windows* before versions 10.18.x.5059 (aka 15.33.x.5059), 10.18.x.5057 (aka 15.36.x.5057), 20.19.x.5063 (aka 15.40.x.5063) 21.20.x.5064 (aka 15.45.x.5064) and 24.20.100.6373
Intel recommends that users of Intel® Graphics Driver for Windows* update to versions 10.18.x.5059 (aka 15.33.x.5059), 10.18.x.5057 (aka 15.36.x.5057), 20.19.x.5063 (aka 15.40.x.5063) 21.20.x.5064 (aka 15.45.x.5064) and 24.20.100.6373 or later.
Updates are available for download at this location: Graphics downloads.
Intel would like to thank @j00sean (CVE-2018-18091) for reporting this issue and working with us on coordinated disclosure.
CVE-2018-12218, CVE-2018-12219, CVE-2018-12220, CVE-2018-12221, CVE-2018-12222, CVE-2018-12223, CVE-2018-12224, CVE-2018-18089 and CVE-2018-18090 were found externally by an Intel partner.
The remaining issues were found internally by Intel employees. Intel we would like to thank Artem Shishkin, Edgar Barbosa, Gabriel Barbosa, Gustavo Scotti, Kekai Hu, Rodrigo Axel Monroy, and Rodrigo Branco.
Intel, and nearly the entire technology industry, follows a disclosure practice called Coordinated Disclosure, under which a cybersecurity vulnerability is generally publicly disclosed only after mitigations are deployed.