CVE-2018-12154: Input Validation
First published: Mon Oct 15 2018(Updated: )
Denial of Service in Unified Shader Compiler in Intel Graphics Drivers before 10.18.x.5056 (aka 15.33.x.5056), 10.18.x.5057 (aka 15.36.x.5057) and 20.19.x.5058 (aka 15.40.x.5058) may allow an unprivileged user to potentially create an infinite loop and crash an application via local access.
Credit: secure@intel.com Piotr Bania Cisco TalosPiotr Bania Cisco TalosPiotr Bania Cisco TalosPiotr Bania Cisco TalosPiotr Bania Cisco TalosPiotr Bania Cisco Talos
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Intel Graphics Driver | =15.33.43.4425 | |
| Intel Graphics Driver | =15.33.45.4653 | |
| Intel Graphics Driver | =15.33.46.4885 | |
| Intel Graphics Driver | =15.36.26.4294 | |
| Intel Graphics Driver | =15.36.28.4332 | |
| Intel Graphics Driver | =15.36.31.4414 | |
| Intel Graphics Driver | =15.36.33.4578 | |
| Intel Graphics Driver | =15.36.34.4889 | |
| Intel Graphics Driver | =15.40.34.4624 | |
| Intel Graphics Driver | =15.40.36.4703 | |
| Intel Graphics Driver | =15.40.37.4835 | |
| Intel Graphics Driver | =15.40.38.4963 | |
| Apple macOS Catalina | <10.15 | 10.15 |
| Apple macOS Catalina | <10.15.1 | 10.15.1 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- http://seclists.org/fulldisclosure/2019/Oct/55
- http://seclists.org/fulldisclosure/2019/Oct/56
- http://www.securityfocus.com/bid/105582
- https://support.apple.com/kb/HT210634
- https://support.apple.com/kb/HT210722
- https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00166.html
- https://support.apple.com/en-us/HT210634 (Advisory)
- https://support.apple.com/en-us/HT210722 (Advisory)
Peer vulnerabilities
(Found alongside the following vulnerabilities)
- CVE-2019-8748
- CVE-2019-11041
- CVE-2019-11042
- CVE-2019-8706
- CVE-2019-8850
- CVE-2019-8774
- CVE-2019-8753
- CVE-2019-8705
- CVE-2019-8592
- CVE-2019-8741
- CVE-2019-8825
- CVE-2019-8757
- CVE-2019-8736
- CVE-2019-8767
- CVE-2019-8737
- CVE-2019-8776
- CVE-2019-8509
- CVE-2019-8746
- CVE-2018-12152
- CVE-2018-12153
- CVE-2018-12154
- CVE-2019-8759
- CVE-2019-8758
- CVE-2019-8755
- CVE-2019-8703
- CVE-2019-8809
- CVE-2019-8744
- CVE-2019-8717
- CVE-2019-8709
- CVE-2019-8781
- CVE-2019-8749
- CVE-2019-8756
- CVE-2019-8750
- CVE-2019-8799
- CVE-2019-8826
- CVE-2019-8730
- CVE-2019-8772
- CVE-2019-8708
- CVE-2019-8715
- CVE-2019-8855
- CVE-2019-8770
- CVE-2019-8701
- CVE-2019-8761
- CVE-2019-8745
- CVE-2019-8831
- CVE-2019-8769
- CVE-2019-8768
- CVE-2019-8854
- CVE-2019-8787
- CVE-2019-8796
- CVE-2019-8824
- CVE-2019-8803
- CVE-2019-8817
- CVE-2019-8716
- CVE-2019-8788
- CVE-2019-8785
- CVE-2019-8797
- CVE-2019-8789
- CVE-2017-7152
- CVE-2019-8798
- CVE-2019-8784
- CVE-2019-8807
- CVE-2019-8801
- CVE-2019-8794
- CVE-2019-8786
- CVE-2019-8829
- CVE-2019-8802
- CVE-2019-8858
- CVE-2019-8805
- CVE-2019-8754
- CVE-2019-15126
Frequently Asked Questions
What is the vulnerability ID?
The vulnerability ID is CVE-2018-12154.
What is the severity of CVE-2018-12154?
The severity of CVE-2018-12154 is medium with a severity value of 5.5.
Which software versions are affected by CVE-2018-12154?
CVE-2018-12154 affects macOS Catalina versions up to 10.15.1 and Intel Graphics Driver versions 15.33.43.4425, 15.33.45.4653, 15.33.46.4885, 15.36.26.4294, 15.36.28.4332, 15.36.31.4414, 15.36.33.4578, 15.36.34.4889, 15.40.34.4624, 15.40.36.4703, 15.40.37.4835, and 15.40.38.4963.
What is the impact of CVE-2018-12154?
CVE-2018-12154 may allow an unprivileged user to potentially create an infinite loop and crash an application via local access, resulting in a denial of service.
How can I fix CVE-2018-12154?
To fix CVE-2018-12154, update your macOS Catalina to version 10.15.1 or newer, or update your Intel Graphics Driver to a version that is not affected.
- collector/nvd-index
- collector/apple-support
- alias/CVE-2018-12153
- alias/CVE-2018-12154
- agent/references
- agent/severity
- agent/author
- agent/event
- agent/weakness
- agent/description
- agent/type
- agent/first-publish-date
- agent/last-modified-date
- agent/softwarecombine
- agent/tags
- collector/mitre-cve
- source/MITRE
- vendor/intel
- canonical/intel graphics driver
- version/intel graphics driver/15.33.43.4425
- version/intel graphics driver/15.33.45.4653
- version/intel graphics driver/15.33.46.4885
- version/intel graphics driver/15.36.26.4294
- version/intel graphics driver/15.36.28.4332
- version/intel graphics driver/15.36.31.4414
- version/intel graphics driver/15.36.33.4578
- version/intel graphics driver/15.36.34.4889
- version/intel graphics driver/15.40.34.4624
- version/intel graphics driver/15.40.36.4703
- version/intel graphics driver/15.40.37.4835
- version/intel graphics driver/15.40.38.4963
- vendor/apple
- canonical/apple macos catalina