Your submission was sent successfully! Close

You have successfully unsubscribed! Close

CVE-2020-8832

Published: 5 March 2020

The fix for the Linux kernel in Ubuntu 18.04 LTS for CVE-2019-14615 ("The Linux kernel did not properly clear data structures on context switches for certain Intel graphics processors.") was discovered to be incomplete, meaning that in versions of the kernel before 4.15.0-91.92, an attacker could use this vulnerability to expose sensitive information.

From the Ubuntu Security Team

Gregory Herrero discovered that the fix for CVE-2019-14615 to address the Linux kernel not properly clearing data structures on context switches for certain Intel graphics processors was incomplete. A local attacker could use this to expose sensitive information.

Notes

AuthorNote
sbeattie
this issue is Ubuntu specific and only affects 4.15 kernels.

Priority

Medium

Cvss 3 Severity Score

5.5

Score breakdown

Status

Package Release Status
linux
Launchpad, Ubuntu, Debian
bionic
Released (4.15.0-91.92)
eoan Not vulnerable

trusty Not vulnerable

upstream Not vulnerable

xenial Not vulnerable

linux-aws
Launchpad, Ubuntu, Debian
bionic
Released (4.15.0-1063.67)
eoan Not vulnerable

trusty Ignored
(was needs-triage ESM criteria)
upstream Needs triage

xenial Not vulnerable

linux-aws-5.0
Launchpad, Ubuntu, Debian
bionic Ignored
(end of life, was needs-triage)
trusty Does not exist

upstream Needs triage

xenial Does not exist

eoan Does not exist

linux-azure
Launchpad, Ubuntu, Debian
xenial
Released (4.15.0-1075.80)
upstream Needs triage

trusty
Released (4.15.0-1074.79~14.04.1)
Available with Ubuntu Pro or Ubuntu Pro (Infra-only)
bionic Ignored
(end of life, was needs-triage)
eoan Not vulnerable

linux-azure-5.3
Launchpad, Ubuntu, Debian
bionic Not vulnerable

eoan Does not exist

trusty Does not exist

upstream Needs triage

xenial Does not exist

linux-azure-edge
Launchpad, Ubuntu, Debian
bionic Ignored
(end of life, was needs-triage)
eoan Does not exist

trusty Does not exist

upstream Needs triage

xenial Ignored
(end of standard support, was needs-triage)
linux-gcp
Launchpad, Ubuntu, Debian
bionic Not vulnerable

eoan Not vulnerable

trusty Does not exist

upstream Needs triage

xenial
Released (4.15.0-1058.62)
linux-gcp-5.3
Launchpad, Ubuntu, Debian
bionic Not vulnerable

eoan Does not exist

trusty Does not exist

upstream Not vulnerable

xenial Does not exist

linux-gcp-edge
Launchpad, Ubuntu, Debian
bionic Ignored
(end of life, was needs-triage)
eoan Does not exist

trusty Does not exist

upstream Not vulnerable

xenial Does not exist

linux-gke-4.15
Launchpad, Ubuntu, Debian
bionic
Released (4.15.0-1055.58)
eoan Does not exist

trusty Does not exist

upstream Not vulnerable

xenial Does not exist

linux-gke-5.0
Launchpad, Ubuntu, Debian
bionic Not vulnerable

eoan Does not exist

trusty Does not exist

upstream Not vulnerable

xenial Does not exist

linux-hwe
Launchpad, Ubuntu, Debian
bionic Not vulnerable

eoan Does not exist

trusty Does not exist

upstream Not vulnerable

xenial
Released (4.15.0-91.92~16.04.1)
linux-hwe-edge
Launchpad, Ubuntu, Debian
bionic Ignored
(end of life, was needs-triage)
eoan Does not exist

trusty Does not exist

upstream Needs triage

xenial Ignored
(end of life, was needs-triage)
linux-kvm
Launchpad, Ubuntu, Debian
bionic
Released (4.15.0-1056.57)
eoan Not vulnerable

trusty Does not exist

upstream Needs triage

xenial Not vulnerable

linux-lts-trusty
Launchpad, Ubuntu, Debian
bionic Does not exist

eoan Does not exist

trusty Does not exist

upstream Not vulnerable

xenial Does not exist

linux-lts-xenial
Launchpad, Ubuntu, Debian
bionic Does not exist

eoan Does not exist

trusty Not vulnerable

upstream Not vulnerable

xenial Does not exist

linux-oem
Launchpad, Ubuntu, Debian
bionic
Released (4.15.0-1076.86)
eoan
Released (4.15.0-1076.86)
trusty Does not exist

upstream Needs triage

xenial Ignored
(end of standard support, was needs-triage)
linux-oem-5.4
Launchpad, Ubuntu, Debian
bionic Does not exist

eoan Does not exist

trusty Does not exist

upstream Not vulnerable

xenial Does not exist

linux-oem-osp1
Launchpad, Ubuntu, Debian
bionic Not vulnerable

eoan Not vulnerable

trusty Does not exist

upstream Needs triage

xenial Does not exist

linux-oracle
Launchpad, Ubuntu, Debian
bionic
Released (4.15.0-1035.39)
eoan Not vulnerable

trusty Does not exist

upstream Not vulnerable

xenial
Released (4.15.0-1035.38~16.04.1)
linux-oracle-5.0
Launchpad, Ubuntu, Debian
bionic Not vulnerable

eoan Does not exist

trusty Does not exist

upstream Not vulnerable

xenial Does not exist

linux-raspi2
Launchpad, Ubuntu, Debian
bionic Not vulnerable
(intel only)
eoan Not vulnerable

trusty Does not exist

upstream Not vulnerable

xenial Not vulnerable

linux-raspi2-5.3
Launchpad, Ubuntu, Debian
bionic Not vulnerable

eoan Does not exist

trusty Does not exist

upstream Not vulnerable

xenial Does not exist

linux-snapdragon
Launchpad, Ubuntu, Debian
bionic Not vulnerable

eoan Does not exist

trusty Does not exist

upstream Not vulnerable

xenial Not vulnerable

linux-aws-hwe
Launchpad, Ubuntu, Debian
upstream Needs triage

trusty Does not exist

xenial
Released (4.15.0-1063.67~16.04.1)
bionic Does not exist

eoan Does not exist

linux-gke-5.3
Launchpad, Ubuntu, Debian
upstream Not vulnerable

trusty Does not exist

xenial Does not exist

bionic Not vulnerable

eoan Does not exist

linux-oracle-5.3
Launchpad, Ubuntu, Debian
upstream Needs triage

trusty Does not exist

xenial Does not exist

bionic Not vulnerable

eoan Does not exist

Severity score breakdown

Parameter Value
Base score 5.5
Attack vector Local
Attack complexity Low
Privileges required Low
User interaction None
Scope Unchanged
Confidentiality High
Integrity impact None
Availability impact None
Vector CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N