CVE-2020-12373

Expired pointer dereference in some Intel(R) Graphics Drivers before version 26.20.100.8141 may allow a privileged user to potentially enable a denial of service via local access.

CVSS v3.0 6.7 MEDIUM
CVSS v2.0 4.6 MEDIUM

6.7^/10

CVSS v3.0 : MEDIUM

V3 Legend

Vector :

Exploitability : 0.8 / Impact : 5.9

Attack Vector LOCAL

Attack Complexity LOW

Privileges Required HIGH

User Interaction NONE

Confidentiality Impact HIGH

Integrity Impact HIGH

Availability Impact HIGH

Scope UNCHANGED

4.6^/10

CVSS v2.0 : MEDIUM

V2 Legend

Vector : AV:L/AC:L/Au:N/C:P/I:P/A:P

Exploitability : 3.9 / Impact : 6.4

Access Vector LOCAL

Access Complexity LOW

Authentication NONE

Confidentiality Impact PARTIAL

Integrity Impact PARTIAL

Availability Impact PARTIAL

References

Link	Resource
https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00438.html	Vendor Advisory

Configurations

Configuration 1 (hide)

AND

cpe:2.3:o:intel:bmc_firmware:*:*:*:*:*:*:*:*

OR	cpe:2.3:h:intel:hns2600bpb:-:::::::*
	cpe:2.3:h:intel:hns2600bpb24:-:::::::*
	cpe:2.3:h:intel:hns2600bpb24r:-:::::::*
	cpe:2.3:h:intel:hns2600bpblc:-:::::::*
	cpe:2.3:h:intel:hns2600bpblc24:-:::::::*
	cpe:2.3:h:intel:hns2600bpblc24r:-:::::::*
	cpe:2.3:h:intel:hns2600bpbr:-:::::::*
	cpe:2.3:h:intel:hns2600bpq:-:::::::*
	cpe:2.3:h:intel:hns2600bpq24:-:::::::*
	cpe:2.3:h:intel:hns2600bpq24r:-:::::::*
	cpe:2.3:h:intel:hns2600bpqr:-:::::::*
	cpe:2.3:h:intel:r1304wf0ys:-:::::::*
	cpe:2.3:h:intel:r1304wftys:-:::::::*
	cpe:2.3:h:intel:r1208wftys:-:::::::*
	cpe:2.3:h:intel:r2308wftzs:-:::::::*
	cpe:2.3:h:intel:r2208wf0zs:-:::::::*
	cpe:2.3:h:intel:r2208wftzs:-:::::::*
	cpe:2.3:h:intel:r2208wfqzs:-:::::::*
	cpe:2.3:h:intel:r2224wfqzs:-:::::::*
	cpe:2.3:h:intel:r2224wftzs:-:::::::*
	cpe:2.3:h:intel:hns2600bps:-:::::::*
	cpe:2.3:h:intel:hns2600bps24:-:::::::*
	cpe:2.3:h:intel:hns2600bpsr:-:::::::*
	cpe:2.3:h:intel:hns2600bps24r:-:::::::*
	cpe:2.3:h:intel:r1208wftysr:-:::::::*
	cpe:2.3:h:intel:r1304wf0ysr:-:::::::*
	cpe:2.3:h:intel:r1304wftysr:-:::::::*
	cpe:2.3:h:intel:r2208wftzsr:-:::::::*
	cpe:2.3:h:intel:r2208wf0zsr:-:::::::*
	cpe:2.3:h:intel:r2224wftzsr:-:::::::*
	cpe:2.3:h:intel:r2208wfqzsr:-:::::::*
	cpe:2.3:h:intel:r1208wfqysr:-:::::::*
	cpe:2.3:h:intel:r1000wf:-:::::::*
	cpe:2.3:h:intel:r2312wf0np:-:::::::*
	cpe:2.3:h:intel:r2312wftzs:-:::::::*
	cpe:2.3:h:intel:r2312wfqzs:-:::::::*
	cpe:2.3:h:intel:s2600wfq:-:::::::*
	cpe:2.3:h:intel:s2600wft:-:::::::*
	cpe:2.3:h:intel:s2600stb:-:::::::*
	cpe:2.3:h:intel:s2600stq:-:::::::*
	cpe:2.3:h:intel:s2600wf0:-:::::::*
	cpe:2.3:h:intel:r2308wftzsr:-:::::::*
	cpe:2.3:h:intel:r2312wftzsr:-:::::::*
	cpe:2.3:h:intel:r2312wf0npr:-:::::::*
	cpe:2.3:h:intel:s2600bpsr:-:::::::*
	cpe:2.3:h:intel:s2600bpbr:-:::::::*
	cpe:2.3:h:intel:s2600bpqr:-:::::::*

Information

Published : 2021-02-17 06:15

Updated : 2021-07-21 04:39

NVD link : CVE-2020-12373

Mitre link : CVE-2020-12373

JSON object : View

CWE

CWE-119

Improper Restriction of Operations within the Bounds of a Memory Buffer

Products Affected

intel

hns2600bpb24r
hns2600bpsr
s2600wf0
hns2600bpb24
r2224wftzs
r2224wfqzs
hns2600bps
r2312wfqzs
r2308wftzsr
r1208wftysr
s2600stb
s2600wft
s2600bpqr
r2312wftzs
r2208wfqzsr
r2312wf0np
s2600bpsr
hns2600bpbr
r2208wf0zs
r1000wf
hns2600bpq24
bmc_firmware
hns2600bpblc
r1208wfqysr
r2308wftzs
r2312wf0npr
r1208wftys
r1304wf0ysr
r2208wftzsr
hns2600bps24r
r1304wftysr
hns2600bpblc24
hns2600bpblc24r
hns2600bpq24r
r2224wftzsr
hns2600bpq
r2208wftzs
r2312wftzsr
r1304wftys
hns2600bpb
s2600stq
r1304wf0ys
r2208wfqzs
hns2600bps24
r2208wf0zsr
hns2600bpqr
s2600wfq
s2600bpbr

6.7 /10