Vulnerabilities > CVE-2019-14574 - Out-of-bounds Read vulnerability in multiple products

CVSS 5.5 - MEDIUM

Attack vector

LOCAL

Attack complexity

LOW

Privileges required

LOW

Confidentiality impact

NONE

Integrity impact

NONE

Availability impact

HIGH

local

low complexity

intel

netapp

CWE-125

NVD

Published: 2019-11-14

Updated: 2022-11-10

Summary

Out of bounds read in a subsystem for Intel(R) Graphics Driver versions before 26.20.100.7209 may allow an authenticated user to potentially enable denial of service via local access.

Vulnerable Configurations

Part	Description	Count
Application	Intel Intel Graphics Driver - Intel Graphics Driver 15.22.54.64.2622 Intel Graphics Driver 15.22.54.2622 Intel Graphics Driver 15.22.58.64.2993 Intel Graphics Driver 15.22.58.2993 Intel Graphics Driver 15.28.24.64.4229 Intel Graphics Driver 15.28.24.4229 Intel Graphics Driver 15.33.43.4425 Intel Graphics Driver 15.33.45.4653 Intel Graphics Driver 15.33.46.4885 Intel Graphics Driver 15.33.48.5069 Intel Graphics Driver 15.36.26.4294 Intel Graphics Driver 15.36.28.4332 Intel Graphics Driver 15.36.31.4414 Intel Graphics Driver 15.36.33.4578 Intel Graphics Driver 15.36.34.4889 Intel Graphics Driver 15.36.36.5067 Intel Graphics Driver 15.36.37.5074 Intel Graphics Driver 15.40.1.64.4256 Intel Graphics Driver 15.40.7.64.4279 Intel Graphics Driver 15.40.14.4352 Intel Graphics Driver 15.40.26.4474 Intel Graphics Driver 15.40.34.4624 Intel Graphics Driver 15.40.36.4703 Intel Graphics Driver 15.40.37.4835 Intel Graphics Driver 15.40.38.4963 Intel Graphics Driver 15.40.41.5058 Intel Graphics Driver 15.40.42.5063 Intel Graphics Driver 15.45.18.4664 Intel Graphics Driver 15.45.19.4678 Intel Graphics Driver 15.45.21.4821 Intel Graphics Driver 15.45.23.4860 Intel Graphics Driver 15.45.26.5065 Intel Graphics Driver 15.45.27.5068 Intel Graphics Driver 15.45.29.5077 Intel Graphics Driver 15.45.5077 Intel Graphics Driver 24.20.100.6025 Intel Graphics Driver 24.20.100.6094 Intel Graphics Driver 24.20.100.6136 Intel Graphics Driver 24.20.100.6194 Intel Graphics Driver 24.20.100.6229 Intel Graphics Driver 24.20.100.6286 Intel Graphics Driver 25.20.100.6519 Intel Graphics Driver 25.20.100.6618 Intel Graphics Driver 26.20.100.6812 Intel Graphics Driver 26.20.100.6813	46
Application	Netapp Netapp Cloud Backup - Netapp Steelstore Cloud Integrated Storage - Netapp Data Availability Services -	3
OS	Netapp Netapp Solidfire Baseboard Management Controller Firmware -	1
Hardware	Netapp Netapp Solidfire Baseboard Management Controller -	1

Common Weakness Enumeration (CWE)

CWE-125 - Out-of-bounds Read

Common Attack Pattern Enumeration and Classification (CAPEC)

Overread Buffers
An adversary attacks a target by providing input that causes an application to read beyond the boundary of a defined buffer. This typically occurs when a value influencing where to start or stop reading is set to reflect positions outside of the valid memory location of the buffer. This type of attack may result in exposure of sensitive information, a system crash, or arbitrary code execution.

Talos

id	TALOS-2019-0845
last seen	2019-11-21
published	2019-11-13
reporter	Talos Intelligence
source	http://www.talosintelligence.com/vulnerability_reports/TALOS-2019-0845
title	Intel IGC64.DLL shader functionality DCL_INDEXABLE_TEMP denial-of-service vulnerability

Summary

Vulnerable Configurations

Common Weakness Enumeration (CWE)

Common Attack Pattern Enumeration and Classification (CAPEC)

Talos

References