Details of VAR-202008-1126

ID

VAR-202008-1126

CVE

CVE-2020-8679

TITLE

Intel(R) Graphics Drivers Out-of-bounds write vulnerability in

Trust: 0.8

sources: JVNDB: JVNDB-2020-009485

DESCRIPTION

Out-of-bounds write in Kernel Mode Driver for some Intel(R) Graphics Drivers before version 26.20.100.7755 may allow an authenticated user to potentially enable denial of service via local access. Intel(R) Graphics Drivers Is vulnerable to out-of-bounds writes.Service operation interruption (DoS) It may be put into a state. Intel Graphics Drivers is an integrated graphics driver from Intel Corporation. A security vulnerability exists in kernel-mode drivers in versions prior to Intel Graphics Drivers 26.20.100.7755. An attacker could exploit this vulnerability to cause a denial of service

Trust: 1.71

sources: NVD: CVE-2020-8679 // JVNDB: JVNDB-2020-009485 // VULHUB: VHN-186804

AFFECTED PRODUCTS

vendor:	intel	model:	graphics drivers	scope:	lt	version:	26.20.100.7755	Trust: 1.0
vendor:	intel	model:	graphics drivers	scope:	eq	version:	26.20.100.7755	Trust: 0.8

sources: JVNDB: JVNDB-2020-009485 // NVD: CVE-2020-8679

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2020-8679
value:	MEDIUM
Trust: 1.0
NVD:	JVNDB-2020-009485
value:	MEDIUM
Trust: 0.8
CNNVD:	CNNVD-202008-595
value:	MEDIUM
Trust: 0.6
VULHUB:	VHN-186804
value:	LOW
Trust: 0.1

nvd@nist.gov:	CVE-2020-8679
severity:	LOW
baseScore:	2.1
vectorString:	AV:L/AC:L/AU:N/C:N/I:N/A:P
accessVector:	LOCAL
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	PARTIAL
exploitabilityScore:	3.9
impactScore:	2.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.0
NVD:	JVNDB-2020-009485
severity:	LOW
baseScore:	2.1
vectorString:	AV:L/AC:L/AU:N/C:N/I:N/A:P
accessVector:	LOCAL
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	PARTIAL
exploitabilityScore:	NONE
impactScore:	NONE
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.8
VULHUB:	VHN-186804
severity:	LOW
baseScore:	2.1
vectorString:	AV:L/AC:L/AU:N/C:N/I:N/A:P
accessVector:	LOCAL
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	PARTIAL
exploitabilityScore:	3.9
impactScore:	2.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.1

nvd@nist.gov:	CVE-2020-8679
baseSeverity:	MEDIUM
baseScore:	5.5
vectorString:	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
attackVector:	LOCAL
attackComplexity:	LOW
privilegesRequired:	LOW
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	HIGH
exploitabilityScore:	1.8
impactScore:	3.6
version:	3.1
Trust: 1.0
NVD:	JVNDB-2020-009485
baseSeverity:	MEDIUM
baseScore:	5.5
vectorString:	CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
attackVector:	LOCAL
attackComplexity:	LOW
privilegesRequired:	LOW
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	HIGH
exploitabilityScore:	NONE
impactScore:	NONE
version:	3.0
Trust: 0.8

sources: VULHUB: VHN-186804 // JVNDB: JVNDB-2020-009485 // CNNVD: CNNVD-202008-595 // NVD: CVE-2020-8679

PROBLEMTYPE DATA

problemtype:

CWE-787

Trust: 1.9

sources: VULHUB: VHN-186804 // JVNDB: JVNDB-2020-009485 // NVD: CVE-2020-8679

THREAT TYPE

local

Trust: 0.6

sources: CNNVD: CNNVD-202008-595

TYPE

buffer error

Trust: 0.6

sources: CNNVD: CNNVD-202008-595

CONFIGURATIONS

sources: JVNDB: JVNDB-2020-009485

PATCH

title:	INTEL-SA-00369	url:	https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00369.html	Trust: 0.8
title:	Intel Graphics Drivers Security vulnerabilities	url:	http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=126452	Trust: 0.6

sources: JVNDB: JVNDB-2020-009485 // CNNVD: CNNVD-202008-595

EXTERNAL IDS

db:	NVD	id:	CVE-2020-8679	Trust: 2.5
db:	JVN	id:	JVNVU99606488	Trust: 0.8
db:	JVNDB	id:	JVNDB-2020-009485	Trust: 0.8
db:	CNNVD	id:	CNNVD-202008-595	Trust: 0.7
db:	AUSCERT	id:	ESB-2020.2760	Trust: 0.6
db:	LENOVO	id:	LEN-36229	Trust: 0.6
db:	NSFOCUS	id:	49019	Trust: 0.6
db:	CNVD	id:	CNVD-2020-49543	Trust: 0.1
db:	VULHUB	id:	VHN-186804	Trust: 0.1

sources: VULHUB: VHN-186804 // JVNDB: JVNDB-2020-009485 // CNNVD: CNNVD-202008-595 // NVD: CVE-2020-8679

REFERENCES

url:	https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00369.html	Trust: 1.7
url:	https://nvd.nist.gov/vuln/detail/cve-2020-8679	Trust: 1.4
url:	https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2020-8679	Trust: 0.8
url:	https://jvn.jp/vu/jvnvu99606488	Trust: 0.8
url:	http://www.nsfocus.net/vulndb/49019	Trust: 0.6
url:	https://support.lenovo.com/us/en/product_security/len-36229	Trust: 0.6
url:	https://www.auscert.org.au/bulletins/esb-2020.2760/	Trust: 0.6

sources: VULHUB: VHN-186804 // JVNDB: JVNDB-2020-009485 // CNNVD: CNNVD-202008-595 // NVD: CVE-2020-8679

CREDITS

Ori Nimron (@orinimron123)

Trust: 0.6

sources: CNNVD: CNNVD-202008-595

SOURCES

db:	VULHUB	id:	VHN-186804
db:	JVNDB	id:	JVNDB-2020-009485
db:	CNNVD	id:	CNNVD-202008-595
db:	NVD	id:	CVE-2020-8679

LAST UPDATE DATE

2024-11-23T21:35:21.444000+00:00

SOURCES UPDATE DATE

db:	VULHUB	id:	VHN-186804	date:	2020-08-19T00:00:00
db:	JVNDB	id:	JVNDB-2020-009485	date:	2020-11-10T06:26:54
db:	CNNVD	id:	CNNVD-202008-595	date:	2022-02-10T00:00:00
db:	NVD	id:	CVE-2020-8679	date:	2024-11-21T05:39:14.580

SOURCES RELEASE DATE

db:	VULHUB	id:	VHN-186804	date:	2020-08-13T00:00:00
db:	JVNDB	id:	JVNDB-2020-009485	date:	2020-11-10T06:26:54
db:	CNNVD	id:	CNNVD-202008-595	date:	2020-08-11T00:00:00
db:	NVD	id:	CVE-2020-8679	date:	2020-08-13T04:15:13.397