Details of VAR-201912-1811

ID

VAR-201912-1811

CVE

CVE-2019-11165

TITLE

Intel(R) FPGA SDK for OpenCL(TM) Pro Edition Vulnerabilities related to exceptional state checking

Trust: 0.8

sources: JVNDB: JVNDB-2019-013409

DESCRIPTION

Improper conditions check in the Linux kernel driver for the Intel(R) FPGA SDK for OpenCL(TM) Pro Edition before version 19.4 may allow an authenticated user to potentially enable denial of service via local access. Intel(R) FPGA SDK for OpenCL(TM) Pro Edition Contains an exceptional condition check vulnerability.Service operation interruption (DoS) There is a possibility of being put into a state. Intel FPGA SDK for OpenCL Pro is a software development toolkit for building OpenCL applications developed by Intel Corporation. The Linux kernel driver is one of the drivers for the Linux platform. The Linux kernel driver in versions prior to Intel FPGA SDK for OpenCL Pro 19.4 has a code issue vulnerability. A local attacker could exploit this vulnerability to cause a denial of service

Trust: 1.8

sources: NVD: CVE-2019-11165 // JVNDB: JVNDB-2019-013409 // VULHUB: VHN-142784 // VULMON: CVE-2019-11165

AFFECTED PRODUCTS

vendor:	intel	model:	field programmable gate array software development kit for opencl	scope:	lt	version:	19.4	Trust: 1.0
vendor:	intel	model:	fpga sdk for opencl	scope:	lt	version:	pro 19.4	Trust: 0.8
vendor:	intel	model:	field programmable gate array software development kit for opencl	scope:	eq	version:	19.3	Trust: 0.6
vendor:	intel	model:	field programmable gate array software development kit for opencl	scope:	eq	version:	16.0	Trust: 0.6
vendor:	intel	model:	field programmable gate array software development kit for opencl	scope:	eq	version:	15.1	Trust: 0.6
vendor:	intel	model:	field programmable gate array software development kit for opencl	scope:	eq	version:	19.1	Trust: 0.6
vendor:	intel	model:	field programmable gate array software development kit for opencl	scope:	eq	version:	17.0	Trust: 0.6
vendor:	intel	model:	field programmable gate array software development kit for opencl	scope:	eq	version:	18.0	Trust: 0.6
vendor:	intel	model:	field programmable gate array software development kit for opencl	scope:	eq	version:	16.1	Trust: 0.6
vendor:	intel	model:	field programmable gate array software development kit for opencl	scope:	eq	version:	17.1	Trust: 0.6
vendor:	intel	model:	field programmable gate array software development kit for opencl	scope:	eq	version:	18.1	Trust: 0.6
vendor:	intel	model:	field programmable gate array software development kit for opencl	scope:	eq	version:	19.2	Trust: 0.6

sources: JVNDB: JVNDB-2019-013409 // CNNVD: CNNVD-201912-577 // NVD: CVE-2019-11165

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2019-11165
value:	MEDIUM
Trust: 1.0
NVD:	CVE-2019-11165
value:	MEDIUM
Trust: 0.8
CNNVD:	CNNVD-201912-577
value:	MEDIUM
Trust: 0.6
VULHUB:	VHN-142784
value:	LOW
Trust: 0.1
VULMON:	CVE-2019-11165
value:	LOW
Trust: 0.1

nvd@nist.gov:	CVE-2019-11165
severity:	LOW
baseScore:	2.1
vectorString:	AV:L/AC:L/AU:N/C:N/I:N/A:P
accessVector:	LOCAL
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	PARTIAL
exploitabilityScore:	3.9
impactScore:	2.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.9
VULHUB:	VHN-142784
severity:	LOW
baseScore:	2.1
vectorString:	AV:L/AC:L/AU:N/C:N/I:N/A:P
accessVector:	LOCAL
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	PARTIAL
exploitabilityScore:	3.9
impactScore:	2.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.1

nvd@nist.gov:	CVE-2019-11165
baseSeverity:	MEDIUM
baseScore:	5.5
vectorString:	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
attackVector:	LOCAL
attackComplexity:	LOW
privilegesRequired:	LOW
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	HIGH
exploitabilityScore:	1.8
impactScore:	3.6
version:	3.1
Trust: 1.0
NVD:	CVE-2019-11165
baseSeverity:	MEDIUM
baseScore:	5.5
vectorString:	CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
attackVector:	LOCAL
attackComplexity:	LOW
privilegesRequired:	LOW
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	HIGH
exploitabilityScore:	NONE
impactScore:	NONE
version:	3.0
Trust: 0.8

sources: VULHUB: VHN-142784 // VULMON: CVE-2019-11165 // JVNDB: JVNDB-2019-013409 // CNNVD: CNNVD-201912-577 // NVD: CVE-2019-11165

PROBLEMTYPE DATA

problemtype:

CWE-754

Trust: 1.9

sources: VULHUB: VHN-142784 // JVNDB: JVNDB-2019-013409 // NVD: CVE-2019-11165

THREAT TYPE

local

Trust: 0.6

sources: CNNVD: CNNVD-201912-577

TYPE

code problem

Trust: 0.6

sources: CNNVD: CNNVD-201912-577

CONFIGURATIONS

sources: JVNDB: JVNDB-2019-013409

PATCH

title:	INTEL-SA-00284	url:	https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00284.html	Trust: 0.8
title:	Intel FPGA SDK Fixes for code issue vulnerabilities	url:	http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=105910	Trust: 0.6
title:	-	url:	https://github.com/Live-Hack-CVE/CVE-2019-11165	Trust: 0.1

sources: VULMON: CVE-2019-11165 // JVNDB: JVNDB-2019-013409 // CNNVD: CNNVD-201912-577

EXTERNAL IDS

db:	NVD	id:	CVE-2019-11165	Trust: 2.6
db:	JVN	id:	JVNVU93632155	Trust: 0.8
db:	JVNDB	id:	JVNDB-2019-013409	Trust: 0.8
db:	CNNVD	id:	CNNVD-201912-577	Trust: 0.7
db:	AUSCERT	id:	ESB-2019.4649	Trust: 0.6
db:	CNVD	id:	CNVD-2020-18608	Trust: 0.1
db:	VULHUB	id:	VHN-142784	Trust: 0.1
db:	VULMON	id:	CVE-2019-11165	Trust: 0.1

sources: VULHUB: VHN-142784 // VULMON: CVE-2019-11165 // JVNDB: JVNDB-2019-013409 // CNNVD: CNNVD-201912-577 // NVD: CVE-2019-11165

REFERENCES

url:	https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00284.html	Trust: 1.8
url:	https://nvd.nist.gov/vuln/detail/cve-2019-11165	Trust: 1.4
url:	https://support.f5.com/csp/article/k07357521?utm_source=f5support&amp%3butm_medium=rss	Trust: 1.0
url:	https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-11165	Trust: 0.8
url:	https://jvn.jp/vu/jvnvu93632155/	Trust: 0.8
url:	https://support.f5.com/csp/article/k07357521?utm_source=f5support&utm_medium=rss	Trust: 0.7
url:	https://www.auscert.org.au/bulletins/esb-2019.4649/	Trust: 0.6
url:	https://support.f5.com/csp/article/k07357521?utm_source=f5support&amp;utm_medium=rss	Trust: 0.1
url:	https://cwe.mitre.org/data/definitions/754.html	Trust: 0.1
url:	https://github.com/live-hack-cve/cve-2019-11165	Trust: 0.1
url:	https://nvd.nist.gov	Trust: 0.1

sources: VULHUB: VHN-142784 // VULMON: CVE-2019-11165 // JVNDB: JVNDB-2019-013409 // CNNVD: CNNVD-201912-577 // NVD: CVE-2019-11165

SOURCES

db:	VULHUB	id:	VHN-142784
db:	VULMON	id:	CVE-2019-11165
db:	JVNDB	id:	JVNDB-2019-013409
db:	CNNVD	id:	CNNVD-201912-577
db:	NVD	id:	CVE-2019-11165

LAST UPDATE DATE

2024-11-23T20:05:20.794000+00:00

SOURCES UPDATE DATE

db:	VULHUB	id:	VHN-142784	date:	2023-01-28T00:00:00
db:	VULMON	id:	CVE-2019-11165	date:	2023-01-28T00:00:00
db:	JVNDB	id:	JVNDB-2019-013409	date:	2019-12-27T00:00:00
db:	CNNVD	id:	CNNVD-201912-577	date:	2019-12-30T00:00:00
db:	NVD	id:	CVE-2019-11165	date:	2024-11-21T04:20:39.083

SOURCES RELEASE DATE

db:	VULHUB	id:	VHN-142784	date:	2019-12-16T00:00:00
db:	VULMON	id:	CVE-2019-11165	date:	2019-12-16T00:00:00
db:	JVNDB	id:	JVNDB-2019-013409	date:	2019-12-27T00:00:00
db:	CNNVD	id:	CNNVD-201912-577	date:	2019-12-12T00:00:00
db:	NVD	id:	CVE-2019-11165	date:	2019-12-16T20:15:14.663