First published: Wed Oct 10 2018(Updated: )
Credit: secure@intel.com Piotr Bania Cisco TalosPiotr Bania Cisco TalosPiotr Bania Cisco TalosPiotr Bania Cisco TalosPiotr Bania Cisco TalosPiotr Bania Cisco Talos
Affected Software | Affected Version | How to fix |
---|---|---|
Apple macOS Catalina | <10.15.1 | 10.15.1 |
Intel Graphics Driver | =15.33.43.4425 | |
Intel Graphics Driver | =15.33.45.4653 | |
Intel Graphics Driver | =15.33.46.4885 | |
Intel Graphics Driver | =15.33.47.5059 | |
Intel Graphics Driver | =15.36.26.4294 | |
Intel Graphics Driver | =15.36.28.4332 | |
Intel Graphics Driver | =15.36.31.4414 | |
Intel Graphics Driver | =15.36.33.4578 | |
Intel Graphics Driver | =15.36.34.4889 | |
Intel Graphics Driver | =15.36.35.5057 | |
Intel Graphics Driver | =15.40.34.4624 | |
Intel Graphics Driver | =15.40.36.4703 | |
Intel Graphics Driver | =15.40.37.4835 | |
Intel Graphics Driver | =15.40.38.4963 | |
Intel Graphics Driver | =15.40.41.5058 | |
Apple macOS Catalina | <10.15 | 10.15 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
(Found alongside the following vulnerabilities)
The vulnerability ID is CVE-2018-12152.
The severity level of CVE-2018-12152 is high with a score of 7.8.
The affected software versions include Intel Graphics Driver versions 15.33.43.4425, 15.33.45.4653, 15.33.46.4885, 15.33.47.5059, 15.36.26.4294, 15.36.28.4332, 15.36.31.4414, 15.36.33.4578, 15.36.34.4889, 15.36.35.5057, 15.40.34.4624, 15.40.36.4703, 15.40.37.4835, 15.40.38.4963, and 15.40.41.5058, as well as Apple macOS Catalina up to version 10.15.1.
An unauthenticated remote user may potentially execute arbitrary WebGL code via local access due to pointer corruption in the Unified Shader Compiler in Intel Graphics Drivers.
You can find more information about CVE-2018-12152 on the following references: [Support.apple.com](https://support.apple.com/en-us/HT210722), [Seclists.org (Full Disclosure)](http://seclists.org/fulldisclosure/2019/Oct/55), [Seclists.org (Full Disclosure)](http://seclists.org/fulldisclosure/2019/Oct/56).