Security News > 2020 > March > High-Severity Flaws Plague Intel Graphics Drivers

Intel develops graphics drivers for Windows OS to communicate with specific Intel graphics devices, for instance.

Sys file of the graphics drivers, which could enable privilege escalation or DoS; and an improper conditions check glitch in the graphic driver that may enable information disclosure and DoS. It's not the first time flaws have been discovered in discovered in Intel's graphics drivers.

In its Tuesday security advisory, Intel addressed CVE-2020-0551, a new class of transient-execution attacks that exploit microarchitectural flaws to inject attacker data into a program and steal sensitive data and keys from Intel SGX. "LVI turns previous data extraction attacks around, like Meltdown, Foreshadow, ZombieLoad, RIDL and Fallout, and defeats all existing mitigations," according to researchers who discovered the flaw in a Tuesday post.

Intel for its part rated the vulnerability medium severity and said in a separate post: "Due to the numerous complex requirements that must be satisfied to successfully carry out the LVI method, Intel does not believe LVI is a practical exploit in real world environments where the OS and VMM are trusted."

Versions of Smart Sound Technology before the 10th Generation Intel Core i7 Processors, version 3431; and 8th Generation Intel Core Processors, version 3349 are affected; Intel recommends that users update to the latest version provided by the system manufacturer that addresses these issues.

News URL

https://threatpost.com/high-severity-flaws-intel-graphics-drivers/153568/?utm_source=rss&utm_medium=rss&utm_campaign=high-severity-flaws-intel-graphics-drivers