DescriptionImproper input validation in some Intel(R) Graphics Drivers for Windows* before version and before Linux kernel version 5.5 may allow a privileged user to potentially enable a denial of service via local access.
SourceCVE (at NVD; CERT, LWN, oss-sec, fulldisc, bugtraq, EDB, Metasploit, Red Hat, Ubuntu, Gentoo, SUSE bugzilla/CVE, Mageia, GitHub advisories/code/issues, web search, more)

Vulnerable and fixed packages

The table below lists information on source packages.

Source PackageReleaseVersionStatus
firmware-nonfree (PTS)buster/non-free20190114-2vulnerable
buster/non-free (security)20190114+really20220913-0+deb10u1fixed
sid/non-free-firmware, bookworm/non-free-firmware20230210-5fixed
linux (PTS)buster4.19.249-2vulnerable
buster (security)4.19.282-1vulnerable
bullseye (security)5.10.179-1vulnerable
bookworm, sid6.1.27-1fixed

The information below is based on the following data on fixed versions.

PackageTypeReleaseFixed VersionUrgencyOriginDebian Bugs


[bullseye] - linux <ignored> (Too intrusive to backport)
[buster] - linux <ignored> (Too intrusive to backport)
[stretch] - firmware-nonfree <ignored> (Minor issue, too intrusive to fix since kernel patch is needed)
Short of details:
Per Intel, this was fixed by a firmware update. v49.0.1 of the
firmware is required. The new firmware requires a kernel patch
Firmware was added via
The vulnerability is fixed in firmware, but needs an updated Linux kernel to load
the updated firmware, thus also marking linux as affected

Search for package or bug name: Reporting problems