Bug 1817047 (CVE-2020-8832) - CVE-2020-8832 kernel: incomplete fix for CVE-2019-14615 allows for a local information exposure
Keywords:
Status: CLOSED CURRENTRELEASE
Alias: CVE-2020-8832
Product: Security Response
Classification: Other
Component: vulnerability
Version: unspecified
Hardware: All
OS: Linux
Priority: medium
Severity: medium
Target Milestone: ---
Assignee: Red Hat Product Security
QA Contact:
URL:
Whiteboard:
Depends On: 1817048 1837161 1837162 1837163 1837164 1837165
Blocks: 1817052
Reported: 2020-03-25 13:39 UTC by Marian Rehak
Modified: 2021-04-22 04:15 UTC

Fixed In Version:
Doc Text:
An information disclosure flaw was found in the Linux kernel. The original fix for CVE-2019-14615 was deemed to be incomplete. The i915 graphics driver lacks control of flow for data structures which may allow a local, authenticated user to disclose information when using ioctl commands with an attached i915 device. The highest threat from this vulnerability is to data confidentiality.
Clone Of:
Environment:
Last Closed: 2021-04-22 04:15:34 UTC
Embargoed:



Description Marian Rehak 2020-03-25 13:39:06 UTC
The fix for CVE-2019-14615 to address the Linux kernel not properly clearing data structures on context switches for certain Intel graphics processors was incomplete. A local attacker could use this to expose sensitive information.

https://lists.ubuntu.com/archives/kernel-team/2020-February/107444.html

Comment 1 Marian Rehak 2020-03-25 13:39:50 UTC
Created kernel tracking bugs for this issue:

Affects: fedora-all [bug 1817048]

Comment 2 Wade Mealing 2020-05-14 12:44:31 UTC
Mitigation:

Preventing loading of the i915 kernel module will prevent attackers from using this exploit against the system; however, the power management functionality of the card will be disabled and the system may draw additional power. See the KCS “How do I blacklist a kernel module to prevent it from loading automatically?” (https://access.redhat.com/solutions/41278) for instructions on how to disable a kernel module from autoloading. Graphical displays may also be at low resolution or not work correctly.

This mitigation may not be suitable if the graphical login functionality is required.
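
One way to verify the mitigation from Comment 2 on a host, as an added example that is not part of the original bug report or of the linked KCS article. The function names and verdict words are hypothetical, and the script assumes an `install i915 /bin/false` (or `/bin/true`) line in a modprobe.d directory is what hard-blocks the module:

```shell
#!/bin/sh
# Added example: audit the "prevent i915 from loading" mitigation.
# The modules file and config directories are parameters (an assumption of
# this example) so the check can also run against a copy of a host's config.

# directive_present KIND MODULE DIR...: true if an uncommented directive exists
directive_present() {
    kind=$1; mod=$2; shift 2
    case $kind in
        blacklist) re="^[[:space:]]*blacklist[[:space:]]+$mod[[:space:]]*$" ;;
        install)   re="^[[:space:]]*install[[:space:]]+$mod[[:space:]]+/(usr/)?bin/(false|true)[[:space:]]*$" ;;
        *) return 2 ;;
    esac
    for dir in "$@"; do
        for f in "$dir"/*.conf; do
            [ -f "$f" ] || continue          # unmatched glob or missing dir
            # Drop comments first so "# blacklist i915" does not count.
            sed 's/#.*//' "$f" | grep -Eq "$re" && return 0
        done
    done
    return 1
}

# audit_module MODULE MODULES_FILE DIR...: prints one verdict word
audit_module() {
    mod=$1; modules_file=$2; shift 2
    # /proc/modules lists one loaded module per line, name first.
    if grep -q "^$mod " "$modules_file" 2>/dev/null; then
        echo LOADED; return
    fi
    b=no; i=no
    directive_present blacklist "$mod" "$@" && b=yes
    directive_present install "$mod" "$@" && i=yes
    case "$b$i" in
        *yes)  echo BLOCKED ;;        # modprobe runs the stub instead of loading
        yesno) echo AUTOLOAD_ONLY ;;  # explicit "modprobe i915" still works
        *)     echo UNMITIGATED ;;
    esac
}

# Live check against the standard locations on this host.
audit_module i915 /proc/modules /etc/modprobe.d /run/modprobe.d /usr/lib/modprobe.d
```

`AUTOLOAD_ONLY` means only a `blacklist` line was found, which stops alias-based autoloading but not an explicit `modprobe i915`. `LOADED` means the module is already in the running kernel regardless of what the configuration says.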

Comment 3 Wade Mealing 2020-05-14 12:53:43 UTC
This flaw is rated as moderate; it appears to only leak graphic shader context, not screen contents.

Unlike the previous CVE, this fix is not valid at this point in Red Hat Enterprise Linux 6's lifecycle.

Comment 9 Dave Airlie 2021-04-22 04:10:26 UTC
This doesn't apply to us as we are not going to close the original bug for that hardware until 8.5 Y stream.

Comment 10 Wade Mealing 2021-04-22 04:15:34 UTC
OK, closing up, since we're considering this fixed for the releases. Older hardware fixes will filter in on 8.5.

