CVE-2019-11085

HIGH

Intel i915_firmware < 5.0 - Authenticated Privilege Escalation via Kernel Mode Driver Input Validation

Title source: llm
STIX 2.1

Description

Insufficient input validation in Kernel Mode Driver in Intel(R) i915 Graphics for Linux before version 5.0 may allow an authenticated user to potentially enable escalation of privilege via local access.

References (15)

Core 15
Core References
Third Party Advisory x_refsource_confirm
https://support.f5.com/csp/article/K09376613
Third Party Advisory, VDB Entry vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/108488
Vendor Advisory vendor-advisory x_refsource_ubuntu
https://usn.ubuntu.com/4068-1/
Vendor Advisory vendor-advisory x_refsource_ubuntu
https://usn.ubuntu.com/4068-2/
Vendor Advisory vendor-advisory x_refsource_redhat
https://access.redhat.com/errata/RHSA-2019:1873
Vendor Advisory vendor-advisory x_refsource_redhat
https://access.redhat.com/errata/RHSA-2019:1891
Vendor Advisory vendor-advisory x_refsource_redhat
https://access.redhat.com/errata/RHSA-2019:1959
Vendor Advisory vendor-advisory x_refsource_redhat
https://access.redhat.com/errata/RHSA-2019:1971
Vendor Advisory vendor-advisory x_refsource_ubuntu
https://usn.ubuntu.com/4118-1/
Vendor Advisory vendor-advisory x_refsource_redhat
https://access.redhat.com/errata/RHSA-2020:0543
Vendor Advisory vendor-advisory x_refsource_redhat
https://access.redhat.com/errata/RHSA-2020:0592
Vendor Advisory vendor-advisory x_refsource_redhat
https://access.redhat.com/errata/RHSA-2020:0609

Scores

CVSS v3 7.8
EPSS 0.0012
EPSS Percentile 30.4%
Attack Vector LOCAL
CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Details

CWE
CWE-20
Status published
Products (1)
intel/i915_firmware < 5.0
Published May 17, 2019
Tracked Since Feb 18, 2026