CVE-2024-36292
📋 TL;DR
An improper buffer restriction vulnerability in Intel Data Center GPU Flex Series drivers for Windows allows authenticated local users to cause denial of service. This affects systems using these specific Intel GPU drivers before version 31.0.101.4314. The vulnerability requires local access and authentication to exploit.
💻 Affected Systems
- Intel Data Center GPU Flex Series for Windows
⚠️ Manual Verification Required
This CVE does not have specific version information in our database, so automatic vulnerability detection cannot determine if your system is affected.
Why? The CVE database entry doesn't specify which versions are vulnerable (no version ranges provided by the vendor/NVD).
🔒 Custom verification scripts are available for registered users. Sign up free to download automated test scripts.
- Review the CVE details at NVD
- Check vendor security advisories for your specific version
- Test if the vulnerability is exploitable in your environment
- Consider updating to the latest version as a precaution
⚠️ Risk & Real-World Impact
Worst Case
System crash or instability requiring reboot, potentially disrupting GPU-dependent workloads and services.
Likely Case
Local authenticated user causes GPU driver crash, affecting GPU functionality until system reboot.
If Mitigated
Minimal impact with proper access controls limiting local authenticated users.
🎯 Exploit Status
Requires local authenticated access and knowledge of vulnerable driver interface.
🛠️ Fix & Mitigation
✅ Official Fix
Patch Version: 31.0.101.4314 or later
Vendor Advisory: https://intel.com/content/www/us/en/security-center/advisory/intel-sa-01253.html
Restart Required: Yes
Instructions:
1. Download updated driver from Intel website. 2. Run installer with administrative privileges. 3. Follow on-screen prompts. 4. Restart system when prompted.
🔧 Temporary Workarounds
Restrict local authenticated access
windowsLimit local user accounts and privileges on affected systems
🧯 If You Can't Patch
- Implement strict access controls to limit local authenticated users
- Monitor systems for unexpected GPU driver crashes or instability
🔍 How to Verify
Check if Vulnerable:
Check GPU driver version in Device Manager under Display adapters > Intel Data Center GPU Flex Series > Driver tabCheck Version:
wmic path win32_pnpentity where "caption like '%Intel Data Center GPU Flex Series%'" get caption, driverVersionVerify Fix Applied:
Confirm driver version is 31.0.101.4314 or higher in Device Manager📡 Detection & Monitoring
Log Indicators:
- GPU driver crash events in Windows Event Logs
- System instability or unexpected reboots
Network Indicators:
- None - local vulnerability only
SIEM Query:
EventID=1001 OR EventID=1000 AND Source='Display' AND Description contains 'Intel Data Center GPU Flex Series'