Details of VAR-202008-1129

ID

VAR-202008-1129

CVE

CVE-2020-8682

TITLE

Intel(R) Graphics Drivers Out-of-bounds read vulnerability in

Trust: 0.8

sources: JVNDB: JVNDB-2020-009488

DESCRIPTION

Out of bounds read in system driver for some Intel(R) Graphics Drivers before version 15.33.50.5129 may allow an authenticated user to potentially enable denial of service via local access. Intel(R) Graphics Drivers Exists in an out-of-bounds read vulnerability.Service operation interruption (DoS) It may be put into a state. Intel Graphics Drivers is an integrated graphics driver from Intel Corporation. A buffer error vulnerability exists in system drivers in versions prior to Intel Graphics Drivers 15.33.50.5129. An attacker could exploit this vulnerability to cause a denial of service

Trust: 1.71

sources: NVD: CVE-2020-8682 // JVNDB: JVNDB-2020-009488 // VULHUB: VHN-186807

AFFECTED PRODUCTS

vendor:	intel	model:	graphics drivers	scope:	lt	version:	15.33.50.5129	Trust: 1.0
vendor:	intel	model:	graphics drivers	scope:	eq	version:	15.33.50.5129	Trust: 0.8

sources: JVNDB: JVNDB-2020-009488 // NVD: CVE-2020-8682

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2020-8682
value:	MEDIUM
Trust: 1.0
NVD:	JVNDB-2020-009488
value:	MEDIUM
Trust: 0.8
CNNVD:	CNNVD-202008-589
value:	MEDIUM
Trust: 0.6
VULHUB:	VHN-186807
value:	LOW
Trust: 0.1

nvd@nist.gov:	CVE-2020-8682
severity:	LOW
baseScore:	2.1
vectorString:	AV:L/AC:L/AU:N/C:N/I:N/A:P
accessVector:	LOCAL
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	PARTIAL
exploitabilityScore:	3.9
impactScore:	2.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.0
NVD:	JVNDB-2020-009488
severity:	LOW
baseScore:	2.1
vectorString:	AV:L/AC:L/AU:N/C:N/I:N/A:P
accessVector:	LOCAL
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	PARTIAL
exploitabilityScore:	NONE
impactScore:	NONE
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.8
VULHUB:	VHN-186807
severity:	LOW
baseScore:	2.1
vectorString:	AV:L/AC:L/AU:N/C:N/I:N/A:P
accessVector:	LOCAL
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	PARTIAL
exploitabilityScore:	3.9
impactScore:	2.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.1

nvd@nist.gov:	CVE-2020-8682
baseSeverity:	MEDIUM
baseScore:	5.5
vectorString:	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
attackVector:	LOCAL
attackComplexity:	LOW
privilegesRequired:	LOW
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	HIGH
exploitabilityScore:	1.8
impactScore:	3.6
version:	3.1
Trust: 1.0
NVD:	JVNDB-2020-009488
baseSeverity:	MEDIUM
baseScore:	5.5
vectorString:	CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
attackVector:	LOCAL
attackComplexity:	LOW
privilegesRequired:	LOW
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	HIGH
exploitabilityScore:	NONE
impactScore:	NONE
version:	3.0
Trust: 0.8

sources: VULHUB: VHN-186807 // JVNDB: JVNDB-2020-009488 // CNNVD: CNNVD-202008-589 // NVD: CVE-2020-8682

PROBLEMTYPE DATA

problemtype:

CWE-125

Trust: 1.9

sources: VULHUB: VHN-186807 // JVNDB: JVNDB-2020-009488 // NVD: CVE-2020-8682

THREAT TYPE

local

Trust: 0.6

sources: CNNVD: CNNVD-202008-589

TYPE

buffer error

Trust: 0.6

sources: CNNVD: CNNVD-202008-589

CONFIGURATIONS

sources: JVNDB: JVNDB-2020-009488

PATCH

title:

INTEL-SA-00369

url:

https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00369.html

Trust: 0.8

sources: JVNDB: JVNDB-2020-009488

EXTERNAL IDS

db:	NVD	id:	CVE-2020-8682	Trust: 2.5
db:	JVN	id:	JVNVU99606488	Trust: 0.8
db:	JVNDB	id:	JVNDB-2020-009488	Trust: 0.8
db:	CNNVD	id:	CNNVD-202008-589	Trust: 0.7
db:	NSFOCUS	id:	49015	Trust: 0.6
db:	AUSCERT	id:	ESB-2020.2760	Trust: 0.6
db:	LENOVO	id:	LEN-36229	Trust: 0.6
db:	CNVD	id:	CNVD-2020-47309	Trust: 0.1
db:	VULHUB	id:	VHN-186807	Trust: 0.1

sources: VULHUB: VHN-186807 // JVNDB: JVNDB-2020-009488 // CNNVD: CNNVD-202008-589 // NVD: CVE-2020-8682

REFERENCES

url:	https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00369.html	Trust: 1.7
url:	https://nvd.nist.gov/vuln/detail/cve-2020-8682	Trust: 1.4
url:	https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2020-8682	Trust: 0.8
url:	https://jvn.jp/vu/jvnvu99606488	Trust: 0.8
url:	https://support.lenovo.com/us/en/product_security/len-36229	Trust: 0.6
url:	http://www.nsfocus.net/vulndb/49015	Trust: 0.6
url:	https://www.auscert.org.au/bulletins/esb-2020.2760/	Trust: 0.6

sources: VULHUB: VHN-186807 // JVNDB: JVNDB-2020-009488 // CNNVD: CNNVD-202008-589 // NVD: CVE-2020-8682

CREDITS

Ori Nimron (@orinimron123)

Trust: 0.6

sources: CNNVD: CNNVD-202008-589

SOURCES

db:	VULHUB	id:	VHN-186807
db:	JVNDB	id:	JVNDB-2020-009488
db:	CNNVD	id:	CNNVD-202008-589
db:	NVD	id:	CVE-2020-8682

LAST UPDATE DATE

2024-11-23T21:35:21.618000+00:00

SOURCES UPDATE DATE

db:	VULHUB	id:	VHN-186807	date:	2020-08-19T00:00:00
db:	JVNDB	id:	JVNDB-2020-009488	date:	2020-11-10T06:26:59
db:	CNNVD	id:	CNNVD-202008-589	date:	2022-02-10T00:00:00
db:	NVD	id:	CVE-2020-8682	date:	2024-11-21T05:39:14.847

SOURCES RELEASE DATE

db:	VULHUB	id:	VHN-186807	date:	2020-08-13T00:00:00
db:	JVNDB	id:	JVNDB-2020-009488	date:	2020-11-10T06:26:59
db:	CNNVD	id:	CNNVD-202008-589	date:	2020-08-11T00:00:00
db:	NVD	id:	CVE-2020-8682	date:	2020-08-13T04:15:13.617