CVE-2019-14615medium
Description
Insufficient control flow in certain data structures for some Intel(R) Processors with Intel(R) Processor Graphics may allow an unauthenticated user to potentially enable information disclosure via local access.
References
https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00314.html
https://usn.ubuntu.com/4254-1/
https://usn.ubuntu.com/4255-1/
https://usn.ubuntu.com/4253-1/
https://usn.ubuntu.com/4254-2/
https://usn.ubuntu.com/4253-2/
https://usn.ubuntu.com/4255-2/
http://packetstormsecurity.com/files/156185/Kernel-Live-Patch-Security-Notice-LSN-0062-1.html
http://packetstormsecurity.com/files/156455/Kernel-Live-Patch-Security-Notice-LSN-0063-1.html
https://usn.ubuntu.com/4285-1/
https://usn.ubuntu.com/4287-1/
https://usn.ubuntu.com/4286-2/
https://usn.ubuntu.com/4287-2/
https://lists.debian.org/debian-lts-announce/2020/03/msg00001.html
https://usn.ubuntu.com/4284-1/
https://usn.ubuntu.com/4286-1/
http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00021.html
Details
Source: MITRE
Published: 2020-01-17
Updated: 2021-07-21
Type: CWE-200
Risk Information
CVSS v2
Base Score: 1.9
Vector: AV:L/AC:M/Au:N/C:P/I:N/A:N
Impact Score: 2.9
Exploitability Score: 3.4
Severity: LOW
CVSS v3
Base Score: 5.5
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N
Impact Score: 3.6
Exploitability Score: 1.8
Severity: MEDIUM