blob: 4d143c852939e27fe708846e1c4bb4ed365412ce (
plain) (
blame)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
|
Description: incomplete fix for CVE-2019-14615 allows for a local information exposure
References:
https://bugzilla.redhat.com/show_bug.cgi?id=1817047
https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1862840
Notes:
carnil> Scarse details, so we need to check if this affects upstream
carnil> and Debian or if the icnomplete fix is specific to Red Hat.
carnil> The issue actually relates to LP1862840 an incomplete fix in
carnil> Ubuntu kernel as apart bc8a76a152c5 ("drm/i915/gen9: Clear
carnil> residual context state on context switch"), there is need of
carnil> apply as well d2b4b97933f5 ("drm/i915: Record the default hw
carnil> state after reset upon load") as prerequisite to fix
carnil> CVE-2019-14615. For tracking purpose consider the fix in
carnil> 4.16-rc1 as the first fixed version.
Bugs:
upstream: N/A "Incomplete fix not applied because prerequisite present before"
4.19-upstream-stable: N/A "Incomplete fix not applied because prerequisite present before"
4.9-upstream-stable: N/A "Not reproducible on this version"
3.16-upstream-stable: N/A "No support for this hardware"
sid: N/A "Incomplete fix not applied because prerequisite present before"
4.19-buster-security: N/A "Incomplete fix not applied because prerequisite present before"
4.9-stretch-security: N/A "Not reproducible on this version"
3.16-jessie-security: N/A "No support for this hardware"
|