Early Access — Mondoo Vulnerability Intelligence is currently in preview.

UBUNTU-CVE-2020-8832

MEDIUM5.5

Published Mar 5, 2020

Modified 6 months ago

Fix available

Details

The fix for the Linux kernel in Ubuntu 18.04 LTS for CVE-2019-14615 ("The Linux kernel did not properly clear data structures on context switches for certain Intel graphics processors.") was discovered to be incomplete, meaning that in versions of the kernel before 4.15.0-91.92, an attacker could use this vulnerability to expose sensitive information.

Affected Packages

Ubuntu:18.04:LTSlinux

Affected versions:

4.13.0-16.194.13.0-17.204.13.0-25.294.13.0-32.354.15.0-10.114.15.0-12.134.15.0-13.144.15.0-15.164.15.0-19.204.15.0-20.21+35 more

Fixed in:

4.15.0-91.92

Ubuntu:Pro:14.04:LTSlinux-aws

Affected versions:

4.4.0-1002.24.4.0-1003.34.4.0-1005.54.4.0-1006.64.4.0-1009.94.4.0-1010.104.4.0-1011.114.4.0-1012.124.4.0-1014.144.4.0-1016.16+94 more

Ubuntu:18.04:LTSlinux-aws

Affected versions:

4.15.0-1001.14.15.0-1003.34.15.0-1005.54.15.0-1006.64.15.0-1007.74.15.0-1009.94.15.0-1010.104.15.0-1011.114.15.0-1016.164.15.0-1017.17+29 more

Fixed in:

4.15.0-1063.67

Ubuntu:Pro:18.04:LTSlinux-aws-5.0

Affected versions:

5.0.0-1021.24~18.04.15.0.0-1022.25~18.04.15.0.0-1023.26~18.04.15.0.0-1024.27~18.04.15.0.0-1025.285.0.0-1027.30

Ubuntu:16.04:LTSlinux-aws-hwe

Affected versions:

4.15.0-1030.31~16.04.14.15.0-1031.33~16.04.14.15.0-1032.34~16.04.14.15.0-1033.35~16.04.14.15.0-1035.37~16.04.14.15.0-1036.38~16.04.14.15.0-1039.41~16.04.14.15.0-1040.42~16.04.14.15.0-1041.43~16.04.14.15.0-1043.45~16.04.1+12 more

Fixed in:

4.15.0-1063.67~16.04.1

Ubuntu:16.04:LTSlinux-azure

Affected versions:

4.11.0-1009.94.11.0-1011.114.11.0-1013.134.11.0-1014.144.11.0-1015.154.11.0-1016.164.13.0-1005.74.13.0-1006.84.13.0-1007.94.13.0-1009.12+43 more

Fixed in:

4.15.0-1075.80

Ubuntu:14.04:LTSlinux-azure

Affected versions:

4.15.0-1023.24~14.04.14.15.0-1030.31~14.04.14.15.0-1031.32~14.04.14.15.0-1032.33~14.04.24.15.0-1035.36~14.04.24.15.0-1036.38~14.04.24.15.0-1037.39~14.04.24.15.0-1039.41~14.04.24.15.0-1040.44~14.04.14.15.0-1041.45~14.04.1+11 more

Ubuntu:Pro:14.04:LTSlinux-azure

Affected versions:

Fixed in:

4.15.0-1074.79~14.04.1

Ubuntu:Pro:18.04:LTSlinux-azure

Affected versions:

4.15.0-1002.24.15.0-1003.34.15.0-1004.44.15.0-1008.84.15.0-1009.94.15.0-1012.124.15.0-1013.134.15.0-1014.144.15.0-1018.184.15.0-1019.19+34 more

Ubuntu:Pro:18.04:LTSlinux-azure-edge

Affected versions:

4.18.0-1006.6~18.04.14.18.0-1007.7~18.04.14.18.0-1008.8~18.04.15.0.0-1012.12~18.04.2

Ubuntu:16.04:LTSlinux-gcp

Affected versions:

4.10.0-1004.44.10.0-1006.64.10.0-1007.74.10.0-1008.84.10.0-1009.94.13.0-1002.54.13.0-1006.94.13.0-1007.104.13.0-1008.114.13.0-1011.15+34 more

Fixed in:

4.15.0-1058.62

Ubuntu:Pro:18.04:LTSlinux-gcp-edge

Affected versions:

4.18.0-1004.5~18.04.14.18.0-1005.6~18.04.14.18.0-1006.7~18.04.14.18.0-1007.8~18.04.14.18.0-1008.9~18.04.14.18.0-1009.10~18.04.14.18.0-1011.12~18.04.14.18.0-1012.13~18.04.14.18.0-1013.14~18.04.14.18.0-1015.16~18.04.1+2 more

Ubuntu:18.04:LTSlinux-gke-4.15

Affected versions:

4.15.0-1030.324.15.0-1032.344.15.0-1033.354.15.0-1034.364.15.0-1036.384.15.0-1037.394.15.0-1040.424.15.0-1041.434.15.0-1042.444.15.0-1044.46+6 more

Fixed in:

4.15.0-1055.58

Ubuntu:16.04:LTSlinux-hwe

Affected versions:

4.10.0-27.30~16.04.24.10.0-28.32~16.04.24.10.0-30.34~16.04.14.10.0-32.36~16.04.14.10.0-33.37~16.04.14.10.0-35.39~16.04.14.10.0-37.41~16.04.14.10.0-38.42~16.04.14.10.0-40.44~16.04.14.10.0-42.46~16.04.1+56 more

Fixed in:

4.15.0-91.92~16.04.1

Ubuntu:Pro:16.04:LTSlinux-hwe-edge

Affected versions:

4.10.0-14.16~16.04.14.10.0-19.21~16.04.14.10.0-20.22~16.04.14.10.0-21.23~16.04.14.10.0-22.24~16.04.14.10.0-24.28~16.04.14.10.0-26.30~16.04.14.11.0-13.19~16.04.14.11.0-14.20~16.04.14.13.0-16.19~16.04.3+13 more

Ubuntu:Pro:18.04:LTSlinux-hwe-edge

Affected versions:

5.0.0-15.16~18.04.15.0.0-16.17~18.04.15.0.0-17.18~18.04.15.0.0-19.20~18.04.15.0.0-20.21~18.04.15.3.0-19.20~18.04.25.3.0-22.24~18.04.15.3.0-23.25~18.04.15.3.0-23.25~18.04.25.3.0-24.26~18.04.2

Ubuntu:18.04:LTSlinux-kvm

Affected versions:

4.15.0-1002.24.15.0-1003.34.15.0-1004.44.15.0-1006.64.15.0-1008.84.15.0-1010.104.15.0-1011.114.15.0-1012.124.15.0-1016.164.15.0-1017.17+27 more

Fixed in:

4.15.0-1056.57

Ubuntu:18.04:LTSlinux-oem

Affected versions:

4.15.0-1002.34.15.0-1004.54.15.0-1006.94.15.0-1008.114.15.0-1009.124.15.0-1012.154.15.0-1013.164.15.0-1015.184.15.0-1017.204.15.0-1018.21+24 more

Fixed in:

4.15.0-1076.86

Ubuntu:18.04:LTSlinux-oracle

Affected versions:

4.15.0-1007.94.15.0-1008.104.15.0-1009.114.15.0-1010.124.15.0-1011.134.15.0-1013.154.15.0-1014.164.15.0-1015.174.15.0-1017.194.15.0-1018.20+10 more

Fixed in:

4.15.0-1035.39

Ubuntu:16.04:LTSlinux-oracle

Affected versions:

4.15.0-1007.9~16.04.14.15.0-1008.10~16.04.14.15.0-1009.11~16.04.14.15.0-1010.12~16.04.14.15.0-1011.13~16.04.14.15.0-1013.15~16.04.14.15.0-1014.16~16.04.14.15.0-1015.17~16.04.14.15.0-1017.19~16.04.24.15.0-1018.20~16.04.1+10 more

Fixed in:

4.15.0-1035.38~16.04.1

References

REPORThttps://ubuntu.com/security/CVE-2020-8832 REPORThttps://ubuntu.com/security/notices/USN-4302-1 REPORThttps://www.cve.org/CVERecord?id=CVE-2020-8832

CVSS Analysis

CVSS v3.1

5.5

Exploitability

Attack Vector

LocalAV:L

Attack Complexity

LowAC:L

Privileges Required

LowPR:L

User Interaction

NoneUI:N

Scope

UnchangedS:U

Impact

Confidentiality

HighC:H

Integrity

NoneI:N

Availability

NoneA:N

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

CVE-2020-8832 USN-4302-1

Ecosystems

Ubuntu 18.04 LTS Ubuntu Pro 14.04 LTS Ubuntu Pro 18.04 LTS Ubuntu 16.04 LTS Ubuntu 14.04 LTS Ubuntu Pro 16.04 LTS

Timeline

PublishedMar 5, 2020

ModifiedJul 1, 2025

UBUNTU-CVE-2020-8832 | Mondoo Vulnerability Intelligence

UBUNTU-CVE-2020-8832

Details

Affected Packages

References

CVSS Analysis

Related

Ecosystems

Timeline