USN-4255-1

Details

It was discovered that the Linux kernel did not properly clear data structures on context switches for certain Intel graphics processors. A local attacker could use this to expose sensitive information. (CVE-2019-14615)

It was discovered that a race condition can lead to a use-after-free while destroying GEM contexts in the i915 driver for the Linux kernel. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2020-7053)

Affected Packages

Ubuntu:18.04:LTSlinux

Fixed in:

4.15.0-76.86

Ubuntu:18.04:LTSlinux-aws

Fixed in:

4.15.0-1058.60

Ubuntu:18.04:LTSlinux-oem

Fixed in:

4.15.0-1067.77

References

REPORThttps://ubuntu.com/security/CVE-2019-14615 REPORThttps://ubuntu.com/security/CVE-2020-7053 ADVISORYhttps://ubuntu.com/security/notices/USN-4255-1

USN-4255-1

Details

Affected Packages

References

Upstream

Ecosystems

Timeline