Piotr Bania of Cisco Talos discovered this vulnerability. Blog by Jon Munshaw.
Intel’s IGC64.dll graphics driver contains a denial-of-service vulnerability. An attacker could exploit this bug by supplying a malformed pixel shader if the graphics driver is operating inside a VMware
guest operating system. This type of attack can be triggered from VMware guest usermode to cause a denial-of-service attack due to an out-of-bounds read in the driver.
In accordance with our coordinated disclosure policy, Cisco Talos worked with Intel to ensure that these issues are resolved and that an update is available for affected customers.
Vulnerability details Intel IGC64.DLL shader functionality DCL_INDEXABLE_TEMP denial-of-service vulnerability (TALOS-2019-0845/CVE-2019-14574)
An exploitable memory corruption vulnerability exists in Intel's IGC64.DLL graphics driver, versions 18.104.22.16809 and 22.214.171.12461. A specially crafted pixel shader can cause an out-of-bounds memory read. An attacker can provide a specially crafted shader file to trigger this vulnerability. This vulnerability can be triggered from VMware guest, affecting VMware host.
Read the complete vulnerability advisory here for additional information.
Versions tested Talos tested and confirmed that the Intel Graphics Shader Compiler for Intel Graphics Accelerator, versions 126.96.36.19909 and 188.8.131.5261, are affected by this vulnerability if the user is using VMware Workstation 15 (15.0.4 build-12990004), with Windows 10 x64 as the guest VM.
Coverage The following SNORTⓇ rules will detect exploitation attempts. Note that additional rules may be released at a future date and current rules are subject to change pending additional vulnerability information. For the most current rule information, please refer to your Firepower Management Center or Snort.org.
Snort Rules: 50295, 50296