Bug 1962650 (CVE-2020-24489) - CVE-2020-24489 hw: vt-d related privilege escalation
Summary: CVE-2020-24489 hw: vt-d related privilege escalation
Keywords:
Status: CLOSED ERRATA
Alias: CVE-2020-24489
Product: Security Response
Classification: Other
Component: vulnerability
Version: unspecified
Hardware: All
OS: Linux
Priority: high
Severity: high
Target Milestone: ---
Assignee: Red Hat Product Security
QA Contact:
URL:
Whiteboard:
Depends On: 1962652 1962654 1962655 1962656 1962657 1962658 1962659 1962660 1962661 1962662 1962663 1962664 1970767 1970768
Blocks: 1962646
Reported: 2021-05-20 13:13 UTC by Petr Matousek
Modified: 2021-08-31 09:21 UTC

Fixed In Version:
Doc Type: If docs needed, set a value
Doc Text:
A flaw was found in Intel® VT-d products. Entries from the context cache on some types of context cache invalidations may not be properly invalidated which may allow an authenticated user to potentially enable escalation of privilege via local access. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.
Clone Of:
Environment:
Last Closed: 2021-06-09 03:04:08 UTC
Embargoed:




Links
System ID Private Priority Status Summary Last Updated
Red Hat Product Errata RHSA-2021:2299 0 None None None 2021-06-09 00:27:55 UTC
Red Hat Product Errata RHSA-2021:2300 0 None None None 2021-06-09 01:04:19 UTC
Red Hat Product Errata RHSA-2021:2301 0 None None None 2021-06-09 02:02:06 UTC
Red Hat Product Errata RHSA-2021:2302 0 None None None 2021-06-09 00:38:17 UTC
Red Hat Product Errata RHSA-2021:2303 0 None None None 2021-06-09 02:13:52 UTC
Red Hat Product Errata RHSA-2021:2304 0 None None None 2021-06-09 02:14:35 UTC
Red Hat Product Errata RHSA-2021:2305 0 None None None 2021-06-09 02:15:03 UTC
Red Hat Product Errata RHSA-2021:2306 0 None None None 2021-06-09 01:09:28 UTC
Red Hat Product Errata RHSA-2021:2307 0 None None None 2021-06-09 01:41:28 UTC
Red Hat Product Errata RHSA-2021:2308 0 None None None 2021-06-09 01:56:39 UTC
Red Hat Product Errata RHSA-2021:2519 0 None None None 2021-06-22 13:20:37 UTC
Red Hat Product Errata RHSA-2021:2522 0 None None None 2021-06-22 15:26:34 UTC
Red Hat Product Errata RHSA-2021:3027 0 None None None 2021-08-09 09:51:39 UTC
Red Hat Product Errata RHSA-2021:3028 0 None None None 2021-08-09 10:09:48 UTC
Red Hat Product Errata RHSA-2021:3029 0 None None None 2021-08-10 13:40:31 UTC
Red Hat Product Errata RHSA-2021:3176 0 None None None 2021-08-17 08:30:25 UTC
Red Hat Product Errata RHSA-2021:3255 0 None None None 2021-08-24 09:54:47 UTC
Red Hat Product Errata RHSA-2021:3317 0 None None None 2021-08-31 08:24:33 UTC
Red Hat Product Errata RHSA-2021:3322 0 None None None 2021-08-31 08:04:24 UTC
Red Hat Product Errata RHSA-2021:3323 0 None None None 2021-08-31 07:56:45 UTC
Red Hat Product Errata RHSA-2021:3364 0 None None None 2021-08-31 09:21:58 UTC

Description Petr Matousek 2021-05-20 13:13:53 UTC
Intel® VT-d products may not properly invalidate all affected entries from the context cache on some types of context cache invalidations, which may allow an authenticated user to potentially enable escalation of privilege via local access.

Comment 2 errata-xmlrpc 2021-06-09 00:27:54 UTC
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 6 Extended Lifecycle Support

Via RHSA-2021:2299 https://access.redhat.com/errata/RHSA-2021:2299

Comment 3 errata-xmlrpc 2021-06-09 00:38:16 UTC
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 7.3 Advanced Update Support

Via RHSA-2021:2302 https://access.redhat.com/errata/RHSA-2021:2302

Comment 4 errata-xmlrpc 2021-06-09 01:04:18 UTC
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 7.2 Advanced Update Support

Via RHSA-2021:2300 https://access.redhat.com/errata/RHSA-2021:2300

Comment 5 errata-xmlrpc 2021-06-09 01:09:26 UTC
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 8.1 Extended Update Support

Via RHSA-2021:2306 https://access.redhat.com/errata/RHSA-2021:2306

Comment 6 errata-xmlrpc 2021-06-09 01:41:27 UTC
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 8.2 Extended Update Support

Via RHSA-2021:2307 https://access.redhat.com/errata/RHSA-2021:2307

Comment 7 errata-xmlrpc 2021-06-09 01:56:37 UTC
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 8

Via RHSA-2021:2308 https://access.redhat.com/errata/RHSA-2021:2308

Comment 8 errata-xmlrpc 2021-06-09 02:02:03 UTC
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 7.4 Advanced Update Support
  Red Hat Enterprise Linux 7.4 Update Services for SAP Solutions
  Red Hat Enterprise Linux 7.4 Telco Extended Update Support

Via RHSA-2021:2301 https://access.redhat.com/errata/RHSA-2021:2301

Comment 9 errata-xmlrpc 2021-06-09 02:13:51 UTC
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 7.6 Advanced Update Support
  Red Hat Enterprise Linux 7.6 Update Services for SAP Solutions
  Red Hat Enterprise Linux 7.6 Telco Extended Update Support

Via RHSA-2021:2303 https://access.redhat.com/errata/RHSA-2021:2303

Comment 10 errata-xmlrpc 2021-06-09 02:14:33 UTC
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 7.7 Extended Update Support

Via RHSA-2021:2304 https://access.redhat.com/errata/RHSA-2021:2304

Comment 11 errata-xmlrpc 2021-06-09 02:15:02 UTC
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 7

Via RHSA-2021:2305 https://access.redhat.com/errata/RHSA-2021:2305

Comment 12 Product Security DevOps Team 2021-06-09 03:04:08 UTC
This bug is now closed. Further updates for individual products will be reflected on the CVE page(s):

https://access.redhat.com/security/cve/cve-2020-24489

Comment 14 errata-xmlrpc 2021-06-22 13:20:33 UTC
This issue has been addressed in the following products:

  Red Hat Virtualization 4 for Red Hat Enterprise Linux 7

Via RHSA-2021:2519 https://access.redhat.com/errata/RHSA-2021:2519

Comment 15 errata-xmlrpc 2021-06-22 15:26:20 UTC
This issue has been addressed in the following products:

  Red Hat Virtualization 4 for Red Hat Enterprise Linux 8

Via RHSA-2021:2522 https://access.redhat.com/errata/RHSA-2021:2522

Comment 16 errata-xmlrpc 2021-08-09 09:51:37 UTC
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 8

Via RHSA-2021:3027 https://access.redhat.com/errata/RHSA-2021:3027

Comment 17 errata-xmlrpc 2021-08-09 10:09:45 UTC
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 7

Via RHSA-2021:3028 https://access.redhat.com/errata/RHSA-2021:3028

Comment 19 errata-xmlrpc 2021-08-10 13:40:30 UTC
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 7.7 Extended Update Support

Via RHSA-2021:3029 https://access.redhat.com/errata/RHSA-2021:3029

Comment 23 errata-xmlrpc 2021-08-17 08:30:22 UTC
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 8.1 Extended Update Support

Via RHSA-2021:3176 https://access.redhat.com/errata/RHSA-2021:3176

Comment 24 errata-xmlrpc 2021-08-24 09:54:45 UTC
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 7.4 Advanced Update Support
  Red Hat Enterprise Linux 7.4 Update Services for SAP Solutions
  Red Hat Enterprise Linux 7.4 Telco Extended Update Support

Via RHSA-2021:3255 https://access.redhat.com/errata/RHSA-2021:3255

Comment 25 errata-xmlrpc 2021-08-31 07:56:43 UTC
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 7.2 Advanced Update Support

Via RHSA-2021:3323 https://access.redhat.com/errata/RHSA-2021:3323

Comment 26 errata-xmlrpc 2021-08-31 08:04:22 UTC
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 7.3 Advanced Update Support

Via RHSA-2021:3322 https://access.redhat.com/errata/RHSA-2021:3322

Comment 27 errata-xmlrpc 2021-08-31 08:24:31 UTC
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 7.6 Advanced Update Support
  Red Hat Enterprise Linux 7.6 Update Services for SAP Solutions
  Red Hat Enterprise Linux 7.6 Telco Extended Update Support

Via RHSA-2021:3317 https://access.redhat.com/errata/RHSA-2021:3317

Comment 28 errata-xmlrpc 2021-08-31 09:21:56 UTC
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 8.2 Extended Update Support

Via RHSA-2021:3364 https://access.redhat.com/errata/RHSA-2021:3364

