This is CVE-2020-7053

** CVE added:

You received this bug notification because you are a member of Kernel
Packages, which is subscribed to linux in Ubuntu.

  use-after-free in i915_ppgtt_close

Status in linux package in Ubuntu:
  Fix Released
Status in linux source package in Bionic:
  In Progress
Status in linux source package in Disco:
  In Progress

Bug description:

  Quan Luo and ycq from Codesafe Team of Legendsec at Qi'anxin Group
  reported a use-after-free issue in the i915 driver. This issue has
  been fixed in the upstream kernel starting in v5.2 with the following

  The flaw was introduced in v4.14 with this change:

  The problem can be fixed by expanding the usage of struct_mutex to
  include the GEM context lookup. A fix has been submitted to the
  upstream stable list:

  [Test Case]

  Enable KASAN and exercise the affected code path using the PoC
  provided by Quan Luo.

  [Regression Potential]

  Low. This approach was suggested by upstream and has been well tested.

To manage notifications about this bug go to:

Mailing list:
Post to     :
Unsubscribe :
More help   :

Reply via email to