A potential security vulnerability in Intel® Processor Graphics may allow denial of service.** **Intel is releasing software and firmware updates to mitigate this potential vulnerability.
CVEID: CVE-2019-0154
Description: Insufficient access control in subsystem for Intel ® processor graphics in 6th, 7th, 8th and 9th Generation Intel® Core™ Processor Families; Intel® Pentium® Processor J, N, Silver and Gold Series; Intel® Celeron® Processor J, N, G3900 and G4900 Series; Intel® Atom® Processor A and E3900 Series; Intel® Xeon® Processor E3-1500 v5 and v6 and E-2100 Processor Families may allow an authenticated user to potentially enable denial of service via local access.
CVSS Base Score: 6.5 Medium
CVSS Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H
6th, 7th, 8th and 9th Generation Intel® Core™ Processor Families; Intel® Pentium® Processor J, N, Silver and Gold Series; Intel® Celeron® Processor J, N, G3900 and G4900 Series; Intel® Atom® Processor A and E3900 Series; Intel® Xeon® Processor E3-1500 v5 and v6 and E-2100 Processor Families.
Intel recommends updating affected products to the latest version (see provided table).
Product
|
Windows* Driver version
|
Linux Kernel target versions
|
BIOS version
|
MCU
|
CPU ID
|
Platform
ID
—|—|—|—|—|—|—
Intel® Pentium® Processor J4205, N4200
Intel® Celeron® Processor J3355, J3455, N3350, N3450
Intel® Atom® Processor x5-E3930, x5-E3940, x7-E3950
|
26.20.100.6859 or later
|
3.16.x or later
4.4.x or later
4.9.x or later
4.14.x or later
4.19.x or later
5.2.x or later
5.3.x or later
|
N/A
|
0x36 or later
|
506C9
|
03
Intel® Atom® Processor x5-E3930, x5-E3940, x7-E3950
|
26.20.100.6859 or later
|
3.16.x or later
4.4.x or later
4.9.x or later
4.14.x or later
4.19.x or later
5.2.x or later
5.3.x or later
|
N/A
|
0x10 or later
|
506CA
|
03
Intel® Pentium® Silver Processor J5005, N5000
Intel® Celeron® Processor J4005, J4105, N4000, N4100
|
26.20.100.6859 or later
|
3.16.x or later
4.4.x or later
4.9.x or later
4.14.x or later
4.19.x or later
5.2.x or later
5.3.x or later
|
N/A
|
0x2c or later
|
706A1
|
01
6th Generation Intel® Core™ Processor Family
Intel® Xeon® Processor E3 v5 Family
|
26.20.100.6859 or later
15.45.x.5075 or later
21.20.x.5075 or later
|
3.16.x or later
4.4.x or later
4.9.x or later
4.14.x or later
4.19.x or later
5.2.x or later
5.3.x or later
|
BIOS 153, RC 3.7.1 or later
|
N/A
|
N/A
|
N/A
7th Generation Intel® Core™ Processor Family
Intel® Xeon® Processor E3 v6 Family
|
26.20.100.6859 or later
|
3.16.x or later
4.4.x or later
4.9.x or later
4.14.x or later
4.19.x or later
5.2.x or later
5.3.x or later
|
BIOS 153, RC 3.7.1 or later
|
N/A
|
N/A
|
N/A
8th Generation Intel® Core™ Processor Family
9th Generation Intel® Core™ Processor Family
Intel® Xeon® Processor E 2100 Family
|
26.20.100.6859 or later
|
3.16.x or later
4.4.x or later
4.9.x or later
4.14.x or later
4.19.x or later
5.2.x or later
5.3.x or later
|
BIOS 197, RC 7.0.5E.40 or later
|
N/A
|
N/A
|
N/A
Updates are available for download at this location: <https://downloadcenter.intel.com/product/80939/Graphics-Drivers>
This issue was found internally by Intel.
Intel, and nearly the entire technology industry, follows a disclosure practice called Coordinated Disclosure, under which a cybersecurity vulnerability is generally publicly disclosed only after mitigations are available.