A vulnerability was found in kernel, where a use-after-frees in nouveau's postclose() handler could happen if removing device (that is not common to remove video card physically without power-off, but same happens if "unbind" the driver).
Mitigation: To mitigate this issue, prevent the module nouveau from being loaded. Please see https://access.redhat.com/solutions/41278 for information on how to blacklist a kernel module to prevent it from loading automatically.
Statement: This flaw is rated as having a Low impact because the issue can only be triggered by an privileged local user (or user with physical access) as the issue only happens during unbinding the driver or removing the device.
External References: https://lore.kernel.org/dri-devel/20201103194912.184413-2-jcline@redhat.com/ https://lore.kernel.org/dri-devel/20201103194912.184413-3-jcline@redhat.com/ https://lore.kernel.org/dri-devel/20201103194912.184413-4-jcline@redhat.com/
Created kernel tracking bugs for this issue: Affects: fedora-all [bug 1904039]
Acknowledgments: Name: Jeremy Cline (Red Hat)
This issue has been addressed in the following products: Red Hat Enterprise Linux 8 Via RHSA-2022:1975 https://access.redhat.com/errata/RHSA-2022:1975
This issue has been addressed in the following products: Red Hat Enterprise Linux 8 Via RHSA-2022:1988 https://access.redhat.com/errata/RHSA-2022:1988
This bug is now closed. Further updates for individual products will be reflected on the CVE page(s): https://access.redhat.com/security/cve/cve-2020-27820