CVE-2020-8832

NameCVE-2020-8832
DescriptionThe fix for the Linux kernel in Ubuntu 18.04 LTS for CVE-2019-14615 ("The Linux kernel did not properly clear data structures on context switches for certain Intel graphics processors.") was discovered to be incomplete, meaning that in versions of the kernel before 4.15.0-91.92, an attacker could use this vulnerability to expose sensitive information.
SourceCVE (at NVD; CERT, LWN, oss-sec, fulldisc, Red Hat, Ubuntu, Gentoo, SUSE bugzilla/CVE, GitHub advisories/code/issues, web search, more)

Vulnerable and fixed packages

The table below lists information on source packages.

Source PackageReleaseVersionStatus
linux (PTS)jessie, jessie (lts)3.16.84-1fixed
stretch (security)4.9.320-2fixed
stretch (lts), stretch4.9.320-3fixed
buster4.19.249-2fixed
buster (security)4.19.304-1fixed
bullseye5.10.209-2fixed
bullseye (security)5.10.205-2fixed
bookworm6.1.76-1fixed
bookworm (security)6.1.85-1fixed
trixie6.6.15-2fixed
sid6.7.9-2fixed

The information below is based on the following data on fixed versions.

PackageTypeReleaseFixed VersionUrgencyOriginDebian Bugs
linuxsourcewheezy(unfixed)end-of-life
linuxsourcejessie(not affected)
linuxsourcestretch(not affected)
linuxsource(unstable)4.16.5-1

Notes

[stretch] - linux <not-affected> (Vulnerable code not present, incomplete fix not applied)
[jessie] - linux <not-affected> (No support for this hardware)
https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1862840
The CVE is for an incomplete fix for CVE-2019-14615 which technically only
affects upstream versions (and downstreams) which applied the fix fo
CVE-2019-14615 which is bc8a76a152c5 ("drm/i915/gen9: Clear residual context
state on context switch"). But there is need to apply as well the prerequistite
d2b4b97933f5 ("drm/i915: Record the default hw state after reset upon load").
Search for package or bug name: Reporting problems