Sign-up

ID

VAR-201904-0760


CVE

CVE-2019-0162


TITLE

Intel Multiple vulnerabilities in the product

Trust: 0.8

sources: JVNDB: JVNDB-2019-002605

DESCRIPTION

Memory access in virtual memory mapping for some microprocessors may allow an authenticated user to potentially enable information disclosure via local access. Intel Has released an update for each product.The expected impact depends on each vulnerability, but can be affected as follows: * Privilege escalation (CVE-2018-18094, CVE-2019-0158, CVE-2019-0162, CVE-2019-0163) * Information leak (CVE-2019-0162) * Service operation interruption (DoS) attack (CVE-2019-0162). Intel Microprocessors is a microprocessor (CPU) product of Intel Corporation of the United States. A security vulnerability exists in Intel Microprocessors. An attacker could exploit this vulnerability to disclose information

Trust: 1.8

sources: NVD: CVE-2019-0162 // JVNDB: JVNDB-2019-002605 // VULHUB: VHN-140193 // VULMON: CVE-2019-0162

AFFECTED PRODUCTS

vendor:intelmodel:-scope:eqversion: -

Trust: 1.0

vendor:intelmodel:broadwellscope:ltversion:u i5 vpro mybdwi5v.86a

Trust: 0.8

vendor:intelmodel:graphics performance analyzerscope:lteversion:for linux 18.4

Trust: 0.8

vendor:intelmodel:media sdkscope:ltversion:2018 r2.1

Trust: 0.8

vendor:intelmodel:microprocessorsscope:eqversion:with virtual memory mapping

Trust: 0.8

sources: JVNDB: JVNDB-2019-002605 // NVD: CVE-2019-0162

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2019-0162
value: LOW

Trust: 1.0

CNNVD: CNNVD-201904-883
value: LOW

Trust: 0.6

VULHUB: VHN-140193
value: LOW

Trust: 0.1

VULMON: CVE-2019-0162
value: LOW

Trust: 0.1

nvd@nist.gov: CVE-2019-0162
severity: LOW
baseScore: 2.1
vectorString: AV:L/AC:L/AU:N/C:P/I:N/A:N
accessVector: LOCAL
accessComplexity: LOW
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: NONE
availabilityImpact: NONE
exploitabilityScore: 3.9
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.1

VULHUB: VHN-140193
severity: LOW
baseScore: 2.1
vectorString: AV:L/AC:L/AU:N/C:P/I:N/A:N
accessVector: LOCAL
accessComplexity: LOW
authentication: NONE
confidentialityImpact: PARTIAL
integrityImpact: NONE
availabilityImpact: NONE
exploitabilityScore: 3.9
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

nvd@nist.gov: CVE-2019-0162
baseSeverity: LOW
baseScore: 3.8
vectorString: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:L/I:N/A:N
attackVector: LOCAL
attackComplexity: LOW
privilegesRequired: LOW
userInteraction: NONE
scope: CHANGED
confidentialityImpact: LOW
integrityImpact: NONE
availabilityImpact: NONE
exploitabilityScore: 2.0
impactScore: 1.4
version: 3.0

Trust: 1.0

sources: VULHUB: VHN-140193 // VULMON: CVE-2019-0162 // CNNVD: CNNVD-201904-883 // NVD: CVE-2019-0162

PROBLEMTYPE DATA

problemtype:NVD-CWE-noinfo

Trust: 1.0

problemtype:CWE-200

Trust: 0.1

sources: VULHUB: VHN-140193 // NVD: CVE-2019-0162

THREAT TYPE

local

Trust: 0.6

sources: CNNVD: CNNVD-201904-883

TYPE

information disclosure

Trust: 0.6

sources: CNNVD: CNNVD-201904-883

CONFIGURATIONS

sources:
            
            
            JVNDB: JVNDB-2019-002605

PATCH
title:INTEL-SA-00201url:https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00201.html
Trust: 0.8
title:INTEL-SA-00236url:https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00236.html
Trust: 0.8
title:INTEL-SA-00238url:https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00238.html
Trust: 0.8
title:INTEL-SA-00239url:https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00239.html
Trust: 0.8
title:The Registerurl:https://www.theregister.co.uk/2019/04/11/intel_april_patch/
Trust: 0.2
title:hardware-attacks-state-of-the-arturl:https://github.com/codexlynx/hardware-attacks-state-of-the-art 
Trust: 0.1
title:PoCurl:https://github.com/Jonathan-Elias/PoC 
Trust: 0.1
title:PoC-in-GitHuburl:https://github.com/developer3000S/PoC-in-GitHub 
Trust: 0.1
title:CVE-POCurl:https://github.com/0xT11/CVE-POC 
Trust: 0.1
title:PoC-in-GitHuburl:https://github.com/hectorgie/PoC-in-GitHub 
Trust: 0.1
sources:
            
            
            VULMON: CVE-2019-0162 // 
            
            
            
            JVNDB: JVNDB-2019-002605

EXTERNAL IDS
db:NVDid:CVE-2019-0162
Trust: 2.6
db:JVNid:JVNVU90136041
Trust: 0.8
db:JVNDBid:JVNDB-2019-002605
Trust: 0.8
db:CNNVDid:CNNVD-201904-883
Trust: 0.7
db:VULHUBid:VHN-140193
Trust: 0.1
db:VULMONid:CVE-2019-0162
Trust: 0.1
sources:
            
            
            VULHUB: VHN-140193 // 
            
            
            
            VULMON: CVE-2019-0162 // 
            
            
            
            JVNDB: JVNDB-2019-002605 // 
            
            
            
            CNNVD: CNNVD-201904-883 // 
            
            
            
            NVD: CVE-2019-0162

REFERENCES
url:https://support.f5.com/csp/article/k26710120
Trust: 1.8
url:https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00238.html
Trust: 1.8
url:https://nvd.nist.gov/vuln/detail/cve-2019-0162
Trust: 1.4
url:https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-0162
Trust: 0.8
url:https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-0163
Trust: 0.8
url:https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-18094
Trust: 0.8
url:https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-0158
Trust: 0.8
url:https://jvn.jp/vu/jvnvu90136041/
Trust: 0.8
url:https://nvd.nist.gov/vuln/detail/cve-2018-18094
Trust: 0.8
url:https://nvd.nist.gov/vuln/detail/cve-2019-0158
Trust: 0.8
url:https://nvd.nist.gov/vuln/detail/cve-2019-0163
Trust: 0.8
url:https://access.redhat.com/security/cve/cve-2019-0162
Trust: 0.6
url:https://cwe.mitre.org/data/definitions/.html
Trust: 0.1
url:https://nvd.nist.gov
Trust: 0.1
url:https://www.theregister.co.uk/2019/04/11/intel_april_patch/
Trust: 0.1
url:https://github.com/codexlynx/hardware-attacks-state-of-the-art
Trust: 0.1
sources:
            
            
            VULHUB: VHN-140193 // 
            
            
            
            VULMON: CVE-2019-0162 // 
            
            
            
            JVNDB: JVNDB-2019-002605 // 
            
            
            
            CNNVD: CNNVD-201904-883 // 
            
            
            
            NVD: CVE-2019-0162

SOURCES
db:VULHUBid:VHN-140193
db:VULMONid:CVE-2019-0162
db:JVNDBid:JVNDB-2019-002605
db:CNNVDid:CNNVD-201904-883
db:NVDid:CVE-2019-0162

LAST UPDATE DATE
2024-11-23T22:00:00.072000+00:00

SOURCES UPDATE DATE
db:VULHUBid:VHN-140193date:2020-08-24T00:00:00
db:VULMONid:CVE-2019-0162date:2020-08-24T00:00:00
db:JVNDBid:JVNDB-2019-002605date:2019-09-30T00:00:00
db:CNNVDid:CNNVD-201904-883date:2020-08-25T00:00:00
db:NVDid:CVE-2019-0162date:2024-11-21T04:16:22.987

SOURCES RELEASE DATE
db:VULHUBid:VHN-140193date:2019-04-17T00:00:00
db:VULMONid:CVE-2019-0162date:2019-04-17T00:00:00
db:JVNDBid:JVNDB-2019-002605date:2019-04-11T00:00:00
db:CNNVDid:CNNVD-201904-883date:2019-04-17T00:00:00
db:NVDid:CVE-2019-0162date:2019-04-17T18:29:00.323