Bug 1962650 (CVE-2020-24489)
| Summary: | CVE-2020-24489 hw: vt-d related privilege escalation | ||
|---|---|---|---|
| Product: | [Other] Security Response | Reporter: | Petr Matousek <pmatouse> |
| Component: | vulnerability | Assignee: | Red Hat Product Security <security-response-team> |
| Status: | CLOSED ERRATA | QA Contact: | |
| Severity: | high | Docs Contact: | |
| Priority: | high | ||
| Version: | unspecified | CC: | dblechte, dfediuck, eedri, esyr, kyoneyam, mgoldboi, michal.skrivanek, nobody, sbonazzo, security-response-team, sherold, skozina, yozone, yturgema |
| Target Milestone: | --- | Keywords: | Security |
| Target Release: | --- | ||
| Hardware: | All | ||
| OS: | Linux | ||
| Whiteboard: | |||
| Fixed In Version: | Doc Type: | If docs needed, set a value | |
| Doc Text: |
A flaw was found in IntelĀ® VT-d products. Entries from the context cache on some types of context cache invalidations may not be properly invalidated which may allow an authenticated user to potentially enable escalation of privilege via local access. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.
|
Story Points: | --- |
| Clone Of: | Environment: | ||
| Last Closed: | 2021-06-09 03:04:08 UTC | Type: | --- |
| Regression: | --- | Mount Type: | --- |
| Documentation: | --- | CRM: | |
| Verified Versions: | Category: | --- | |
| oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
| Cloudforms Team: | --- | Target Upstream Version: | |
| Embargoed: | |||
| Bug Depends On: | 1962652, 1962654, 1962655, 1962656, 1962657, 1962658, 1962659, 1962660, 1962661, 1962662, 1962663, 1962664, 1970767, 1970768 | ||
| Bug Blocks: | 1962646 | ||
|
Description
Petr Matousek
2021-05-20 13:13:53 UTC
This issue has been addressed in the following products: Red Hat Enterprise Linux 6 Extended Lifecycle Support Via RHSA-2021:2299 https://access.redhat.com/errata/RHSA-2021:2299 This issue has been addressed in the following products: Red Hat Enterprise Linux 7.3 Advanced Update Support Via RHSA-2021:2302 https://access.redhat.com/errata/RHSA-2021:2302 This issue has been addressed in the following products: Red Hat Enterprise Linux 7.2 Advanced Update Support Via RHSA-2021:2300 https://access.redhat.com/errata/RHSA-2021:2300 This issue has been addressed in the following products: Red Hat Enterprise Linux 8.1 Extended Update Support Via RHSA-2021:2306 https://access.redhat.com/errata/RHSA-2021:2306 This issue has been addressed in the following products: Red Hat Enterprise Linux 8.2 Extended Update Support Via RHSA-2021:2307 https://access.redhat.com/errata/RHSA-2021:2307 This issue has been addressed in the following products: Red Hat Enterprise Linux 8 Via RHSA-2021:2308 https://access.redhat.com/errata/RHSA-2021:2308 This issue has been addressed in the following products: Red Hat Enterprise Linux 7.4 Advanced Update Support Red Hat Enterprise Linux 7.4 Update Services for SAP Solutions Red Hat Enterprise Linux 7.4 Telco Extended Update Support Via RHSA-2021:2301 https://access.redhat.com/errata/RHSA-2021:2301 This issue has been addressed in the following products: Red Hat Enterprise Linux 7.6 Advanced Update Support Red Hat Enterprise Linux 7.6 Update Services for SAP Solutions Red Hat Enterprise Linux 7.6 Telco Extended Update Support Via RHSA-2021:2303 https://access.redhat.com/errata/RHSA-2021:2303 This issue has been addressed in the following products: Red Hat Enterprise Linux 7.7 Extended Update Support Via RHSA-2021:2304 https://access.redhat.com/errata/RHSA-2021:2304 This issue has been addressed in the following products: Red Hat Enterprise Linux 7 Via RHSA-2021:2305 https://access.redhat.com/errata/RHSA-2021:2305 This bug is now closed. Further updates for individual products will be reflected on the CVE page(s): https://access.redhat.com/security/cve/cve-2020-24489 This issue has been addressed in the following products: Red Hat Virtualization 4 for Red Hat Enterprise Linux 7 Via RHSA-2021:2519 https://access.redhat.com/errata/RHSA-2021:2519 This issue has been addressed in the following products: Red Hat Virtualization 4 for Red Hat Enterprise Linux 8 Via RHSA-2021:2522 https://access.redhat.com/errata/RHSA-2021:2522 This issue has been addressed in the following products: Red Hat Enterprise Linux 8 Via RHSA-2021:3027 https://access.redhat.com/errata/RHSA-2021:3027 This issue has been addressed in the following products: Red Hat Enterprise Linux 7 Via RHSA-2021:3028 https://access.redhat.com/errata/RHSA-2021:3028 This issue has been addressed in the following products: Red Hat Enterprise Linux 7.7 Extended Update Support Via RHSA-2021:3029 https://access.redhat.com/errata/RHSA-2021:3029 This issue has been addressed in the following products: Red Hat Enterprise Linux 8.1 Extended Update Support Via RHSA-2021:3176 https://access.redhat.com/errata/RHSA-2021:3176 This issue has been addressed in the following products: Red Hat Enterprise Linux 7.4 Advanced Update Support Red Hat Enterprise Linux 7.4 Update Services for SAP Solutions Red Hat Enterprise Linux 7.4 Telco Extended Update Support Via RHSA-2021:3255 https://access.redhat.com/errata/RHSA-2021:3255 This issue has been addressed in the following products: Red Hat Enterprise Linux 7.2 Advanced Update Support Via RHSA-2021:3323 https://access.redhat.com/errata/RHSA-2021:3323 This issue has been addressed in the following products: Red Hat Enterprise Linux 7.3 Advanced Update Support Via RHSA-2021:3322 https://access.redhat.com/errata/RHSA-2021:3322 This issue has been addressed in the following products: Red Hat Enterprise Linux 7.6 Advanced Update Support Red Hat Enterprise Linux 7.6 Update Services for SAP Solutions Red Hat Enterprise Linux 7.6 Telco Extended Update Support Via RHSA-2021:3317 https://access.redhat.com/errata/RHSA-2021:3317 This issue has been addressed in the following products: Red Hat Enterprise Linux 8.2 Extended Update Support Via RHSA-2021:3364 https://access.redhat.com/errata/RHSA-2021:3364 |