The fix for the Linux kernel in Ubuntu 18.04 LTS for CVE-2019-14615 ("The Linux kernel did not properly clear data structures on context switches for certain Intel graphics processors.") was discovered to be incomplete, meaning that in versions of the kernel before 4.15.0-91.92, an attacker could use this vulnerability to expose sensitive information.
Advisories
Source ID Title
EUVD EUVD EUVD-2020-29675 The fix for the Linux kernel in Ubuntu 18.04 LTS for CVE-2019-14615 ("The Linux kernel did not properly clear data structures on context switches for certain Intel graphics processors.") was discovered to be incomplete, meaning that in versions of the kernel before 4.15.0-91.92, an attacker could use this vulnerability to expose sensitive information.
Ubuntu USN Ubuntu USN USN-4302-1 Linux kernel vulnerabilities
Fixes

Solution

Update to linux kernel 4.15.0-91.92 or newer, or apply the following commits: (20ccd4d3f689ac14dce8632d76769be0ac952060) drm/i915: Use same test for eviction and submitting kernel context (1803fcbca2e444f7972430c4dc1c3e98c6ee1bc9) drm/i915: Define an engine class enum for the uABI (ae6c4574782dbfebcbf1f7e3620bcaf58ceb69e3) drm/i915: Force the switch to the i915->kernel_context (f58d13d5717938d4dfcc82a2eeba0a6d7644f6e5) drm/i915: Move GT powersaving init to i915_gem_init() (cc6a818ad6bdb0d3008314cbd0fc9c9a2cd02695) drm/i915: Move intel_init_clock_gating() to i915_gem_init() (d378a3efb819e6d1992127122d957337571b4594) drm/i915: Inline intel_modeset_gem_init() (f4e15af7e21861445821d5f09922ef7e695269a1) drm/i915: Mark the context state as dirty/written (d2b4b97933f5adacfba42dc3b9200d0e21fbe2c4) drm/i915: Record the default hw state after reset upon load


Workaround

No workaround given by the vendor.

History

No history.

cve-icon MITRE

Status: PUBLISHED

Assigner: canonical

Published:

Updated: 2024-09-17T02:51:41.129Z

Reserved: 2020-02-10T00:00:00

Link: CVE-2020-8832

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Modified

Published: 2020-04-10T00:15:11.990

Modified: 2024-11-21T05:39:31.790

Link: CVE-2020-8832

cve-icon Redhat

Severity : Moderate

Publid Date: 2020-03-25T00:00:00Z

Links: CVE-2020-8832 - Bugzilla

cve-icon OpenCVE Enrichment

No data.