CVE-2019-0154

Name: CVE-2019-0154
Creator: NVD / NIST
Published: 2019-11-14T19:15:12.783+00:00
License: https://creativecommons.org/publicdomain/zero/1.0/

MEDIUMCVSS 5.5/10EPSS 0.65%

Last modified Jun 17, 2026

CVE-2019-0154 is a medium-severity vulnerability rated 5.5/10 on the CVSS scale. Insufficient access control in subsystem for Intel (R) processor graphics in 6th, 7th, 8th and 9th Generation Intel(R) Core(TM) Processor Families; Intel(R) Pentium(R) Processor J, N, Silver and Gold Series; Intel(R) Celeron(R) Processor J, N, G3900 and G4900 Series; Intel(R) Atom(R) Processor A and E3900 Series; Intel(R) Xeon(R) Processor E3-1500 v5 and v6 and E-2100 Processor Families may allow an authenticated user to potentially enable denial of service via local access.. EPSS estimates a 0.65% chance of exploitation in the next 30 days.

Description

Insufficient access control in subsystem for Intel (R) processor graphics in 6th, 7th, 8th and 9th Generation Intel(R) Core(TM) Processor Families; Intel(R) Pentium(R) Processor J, N, Silver and Gold Series; Intel(R) Celeron(R) Processor J, N, G3900 and G4900 Series; Intel(R) Atom(R) Processor A and E3900 Series; Intel(R) Xeon(R) Processor E3-1500 v5 and v6 and E-2100 Processor Families may allow an authenticated user to potentially enable denial of service via local access.

Metrics

CVSS 3.1

5.5/10

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

EPSS Probability

0.65%

46.2th percentile

Probability of exploitation in the next 30 days. Learn more

Affected Software

Vendor	Product	Versions
Canonical	Ubuntu Linux	14.04
Intel	Pentium J4205 Firmware	< 26.20.100.6859
Intel	Pentium N4200 Firmware	< 26.20.100.6859
Intel	Celeron J3355 Firmware	< 26.20.100.6859
Intel	Celeron J3455 Firmware	< 26.20.100.6859
Intel	Celeron N3350 Firmware	< 26.20.100.6859
Intel	Celeron N3450 Firmware	< 26.20.100.6859
Intel	Atom X5-A3930 Firmware	< 26.20.100.6859
Intel	Atom X5-A3940 Firmware	< 26.20.100.6859
Intel	Atom X7-A3950 Firmware	< 26.20.100.6859
Intel	Pentium Silver J5005 Firmware	< 26.20.100.6859
Intel	Pentium Silver N5000 Firmware	< 26.20.100.6859
Intel	Celeron J4005 Firmware	< 26.20.100.6859
Intel	Celeron J4105 Firmware	< 26.20.100.6859
Intel	Celeron N4000 Firmware	< 26.20.100.6859
Intel	Celeron N4100 Firmware	< 26.20.100.6859
Intel	Core I7-6970hq Firmware	< 26.20.100.6859
Intel	Core I7-6920hq Firmware	< 26.20.100.6859
Intel	Core I7-6870hq Firmware	< 26.20.100.6859
Intel	Core I7-6822eq Firmware	< 26.20.100.6859
Intel	Core I7-6820hq Firmware	< 26.20.100.6859
Intel	Core I7-6820hk Firmware	< 26.20.100.6859
Intel	Core I7-6820eq Firmware	< 26.20.100.6859
Intel	Core I7-6785r Firmware	< 26.20.100.6859
Intel	Core I7-6700k Firmware	< 26.20.100.6859
Intel	Core I7-6700t Firmware	< 26.20.100.6859
Intel	Core I7-6700te Firmware	< 26.20.100.6859
Intel	Core I7-6700 Firmware	< 26.20.100.6859
Intel	Core I7-6770hq Firmware	< 26.20.100.6859
Intel	Core I7-6700hq Firmware	< 26.20.100.6859
Intel	Core I7-6660u Firmware	< 26.20.100.6859
Intel	Core I7-6650u Firmware	< 26.20.100.6859
Intel	Core I7-6600u Firmware	< 26.20.100.6859
Intel	Core I7-6567u Firmware	< 26.20.100.6859
Intel	Core I7-6560u Firmware	< 26.20.100.6859
Intel	Core I7-6500u Firmware	< 26.20.100.6859
Intel	Xeon E3-1585 V5 Firmware	< 26.20.100.6859
Intel	Xeon E3-1585l V5 Firmware	< 26.20.100.6859
Intel	Xeon E3-1578l V5 Firmware	< 26.20.100.6859
Intel	Xeon E3-1575m V5 Firmware	< 26.20.100.6859
Intel	Xeon E3-1565l V5 Firmware	< 26.20.100.6859
Intel	Xeon E3-1558l V5 Firmware	< 26.20.100.6859
Intel	Xeon E3-1545m V5 Firmware	< 26.20.100.6859
Intel	Xeon E3-1535m V5 Firmware	< 26.20.100.6859
Intel	Xeon E3-1515m V5 Firmware	< 26.20.100.6859
Intel	Xeon E3-1505m V5 Firmware	< 26.20.100.6859
Intel	Xeon E3-1505m V5 Firmware	All versions
Intel	Xeon E3-1505l V5 Firmware	< 26.20.100.6859
Intel	Xeon E3-1280 V5 Firmware	< 26.20.100.6859
Intel	Xeon E3-1275 V5 Firmware	< 26.20.100.6859

Showing 50 of 149 affected configurations. See NVD for the full list.

References

http://packetstormsecurity.com/files/155375/Slackware-Security-Advisory-Slackware-14.2-kernel-Updates.htmlThird Party Advisory
https://access.redhat.com/errata/RHSA-2020:0204
https://seclists.org/bugtraq/2019/Nov/26Issue Tracking, Mailing List, Third Party Advisory
https://security.netapp.com/advisory/ntap-20200320-0004/
https://support.f5.com/csp/article/K73659122?utm_source=f5support&amp%3Butm_medium=RSS
https://usn.ubuntu.com/4186-2/Third Party Advisory
https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00260.htmlVendor Advisory
http://packetstormsecurity.com/files/155375/Slackware-Security-Advisory-Slackware-14.2-kernel-Updates.htmlThird Party Advisory
https://access.redhat.com/errata/RHSA-2020:0204
https://seclists.org/bugtraq/2019/Nov/26Issue Tracking, Mailing List, Third Party Advisory
https://security.netapp.com/advisory/ntap-20200320-0004/
https://support.f5.com/csp/article/K73659122?utm_source=f5support&amp%3Butm_medium=RSS
https://usn.ubuntu.com/4186-2/Third Party Advisory
https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00260.htmlVendor Advisory

Timeline

Published: Nov 14, 2019
Last Modified: Jun 17, 2026
Status: Modified

Frequently Asked Questions

What is CVE-2019-0154?

How severe is CVE-2019-0154?

CVE-2019-0154 has a CVSS score of 5.5/10 (MEDIUM severity). The EPSS model estimates a 0.65% probability of exploitation in the next 30 days.

How do I fix CVE-2019-0154?

Check the vendor references and advisories linked above for patched versions and mitigation guidance. You can also run a Strix scan to test if your systems are affected.

Are you affected by CVE-2019-0154?

Run a free Strix scan to check your systems for this vulnerability.

Scan your code now

Source: NVD / NIST