Intel has issued fixes for five high-severity vulnerabilities in its graphics drivers. Attackers can exploit these flaws to launch an array of malicious attacks – such as escalating their privileges, stealing sensitive data or launching denial-of-service attacks.
The graphics driver is software that controls how graphic components work with the rest of the computer. Intel develops graphics drivers for Windows OS to communicate with specific Intel graphics devices, for instance. The most serious of the flaws in Intel’s graphics drivers (CVE-2020-0544), which ranks 8.8 out of 10 on the CVSS scale, stems from the kernel mode driver, which is the piece of a graphics driver that executes any instruction it needs on the CPU without waiting, and can reference any memory address that is available.
This flaw stems from insufficient control-flow management in Intel graphics drivers prior to version 15.36.39.5145. The flaw can enable a user to escalate their privileges – however, an attacker would need to be authenticated and have local access to the device, said Intel.
Another privilege-escalation issue (CVE-2020-0521) stemming from insufficient control-flow management was fixed in Intel graphics drivers (also before version 15.45.32.5145). To exploit this flaw, an attacker would also need to be authenticated and have local access.
Intel also warned of a use-after-free bug (CVE-2020-12361), an improper conditions-check problem (CVE-2020-24450) and an integer-overflow vulnerability (CVE-2020-12362) in its graphics drivers. The latter could enable denial-of-service (DoS) attacks on affected devices.
Intel Server Boards and Compute Modules Flaws
Intel also patched two high-severity flaws in its server boards, server systems and compute modules. Specifically affected are the Intel Server System R1000WF and R2000WF families; Intel Server Board S2600WF family, Intel Server Board S2600ST family and Intel Server Board S2600BP family; and Intel Compute Module HNS2600BP family.
One of these flaws is a buffer-overflow issue (CVE-2020-12373) in the Baseboard Management Controller (BMC) firmware for some Intel server boards, server systems and compute modules. The second vulnerability is an insufficient input validation hole (CVE-2020-12377) in the BMC firmware. Both flaws exist before version 2.47 and could “allow an authenticated user to potentially enable escalation of privilege via local access.”
Other Intel Security Vulnerabilities
Intel also fixed a high-severity flaw in its XMM 7360 modem, which converts data from a digital format into a format for a transmission medium. It’s used for LTE 4G smartphones and tablets.
“Improper buffer restrictions in firmware for Intel 7360 Cell Modem before UDE version 9.4.370 may allow unauthenticated users to potentially enable denial-of-service via network access,” said Intel.
The other high-severity flaw exists in Intel’s SSD Toolbox. This toolbox allows Windows users to update the firmware and run diagnostic tests on an Intel solid-state drive (SSD). According to Intel, the vulnerability stems from incorrect default permissions in the installer of the Intel SSD Toolbox, and may enable a privileged user to potentially enable local privilege escalation.
The fixes end a dry spell in security updates for Intel, which hasn’t disclosed any patched vulnerabilities since November. At that time, Intel issued a colossal security update addressing flaws across a myriad of products – most notably, critical bugs that can be exploited by unauthenticated cybercriminals in order to gain escalated privileges.
Threatpost WEBINAR: Is your small- to medium-sized business an easy mark for attackers? Save your spot for “15 Cybersecurity Gaffes SMBs Make,” a FREE Threatpost webinar on Feb. 24 at 2 p.m. ET. Cybercriminals count on you making these mistakes, but our experts will help you lock down your small- to mid-sized business like it was a Fortune 100. Register NOW for this LIVE webinar on Wed., Feb. 24.
