Strix
26.1K

CVE-2018-18090

UnknownEPSS 0.32%

Last modified

CVE-2018-18090 is a vulnerability of currently unknown severity. Out of bounds read in igdkm64.sys in Intel(R) Graphics Driver for Windows* before versions 10.18.x.5059 (aka 15.33.x.5059), 10.18.x.5057 (aka 15.36.x.5057), 20.19.x.5063 (aka 15.40.x.5063) 21.20.x.5064 (aka 15.45.x.5064) and 24.20.100.6373 may allow an authenticated user to potentially enable denial of service via local access.. EPSS estimates a 0.32% chance of exploitation in the next 30 days.

Description

Out of bounds read in igdkm64.sys in Intel(R) Graphics Driver for Windows* before versions 10.18.x.5059 (aka 15.33.x.5059), 10.18.x.5057 (aka 15.36.x.5057), 20.19.x.5063 (aka 15.40.x.5063) 21.20.x.5064 (aka 15.45.x.5064) and 24.20.100.6373 may allow an authenticated user to potentially enable denial of service via local access.

Metrics

EPSS Probability
0.32%

23.8th percentile

Probability of exploitation in the next 30 days. Learn more

Weakness Enumeration

Affected Software

VendorProductVersions
IntelGraphics Driver15.33.43.4425
IntelGraphics Driver15.33.45.4653
IntelGraphics Driver15.33.46.4885
IntelGraphics Driver15.36.26.4294
IntelGraphics Driver15.36.28.4332
IntelGraphics Driver15.36.31.4414
IntelGraphics Driver15.36.33.4578
IntelGraphics Driver15.36.34.4889
IntelGraphics Driver15.40.34.4624
IntelGraphics Driver15.40.36.4703
IntelGraphics Driver15.40.37.4835
IntelGraphics Driver15.40.38.4963
IntelGraphics Driver15.40.41.5058
IntelGraphics Driver15.45.18.4664
IntelGraphics Driver15.45.19.4678
IntelGraphics Driver15.45.21.4821
IntelGraphics Driver15.45.23.4860
IntelGraphics Driver24.20.100.6025
IntelGraphics Driver24.20.100.6094
IntelGraphics Driver24.20.100.6136
IntelGraphics Driver24.20.100.6194
IntelGraphics Driver24.20.100.6229
IntelGraphics Driver24.20.100.6286

References

Timeline

Published
Last Modified
Status
Modified

Frequently Asked Questions

What is CVE-2018-18090?
Out of bounds read in igdkm64.sys in Intel(R) Graphics Driver for Windows* before versions 10.18.x.5059 (aka 15.33.x.5059), 10.18.x.5057 (aka 15.36.x.5057), 20.19.x.5063 (aka 15.40.x.5063) 21.20.x.5064 (aka 15.45.x.5064) and 24.20.100.6373 may allow an authenticated user to potentially enable denial of service via local access.
How severe is CVE-2018-18090?
Severity scoring for CVE-2018-18090 is pending analysis. The EPSS model estimates a 0.32% probability of exploitation in the next 30 days.
How do I fix CVE-2018-18090?
Check the vendor references and advisories linked above for patched versions and mitigation guidance. You can also run a Strix scan to test if your systems are affected.

Are you affected by CVE-2018-18090?

Run a free Strix scan to check your systems for this vulnerability.

Scan your code now

Source: NVD / NIST