CVE-2020-8832 MEDIUM

CVE-2020-8832: Ubuntu 18.04 Linux kernel i915 incomplete fix for CVE-2019-14615

Vendor Ubuntu
Product 18.04 LTS (bionic) Linux kernel
Weakness CWE-200 · Info exposure
Published April 9, 2020
Last update September 17, 2024
View on NVD All CVEs

CVSS base score

5.5/10
Attack vector Local
Attack complexity Low
Privileges required None
User interaction Required
Confidentiality High
Integrity None

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N

What the vulnerability does

01Description

The fix for the Linux kernel in Ubuntu 18.04 LTS for CVE-2019-14615 ("The Linux kernel did not properly clear data structures on context switches for certain Intel graphics processors.") was discovered to be incomplete, meaning that in versions of the kernel before 4.15.0-91.92, an attacker could use this vulnerability to expose sensitive information.

Key dates

02Disclosure timeline

April 9, 2020 CVE published
September 17, 2024 Record updated

Related vulnerabilities

04Related CVE

CVE-2024-12329 Essential Real Estate <= 5.1.6 - Missing Authorization to Authenticated (Contributor+) Information Exposure CVE-2024-47868 Several components’ post-process steps may allow arbitrary file leaks in Gradio CVE-2023-48714 Record titles for restricted records can be viewed if exposed by GridFieldAddExistingAutocompleter CVE-2023-49283 Test code in published microsoft-graph-core package exposes phpinfo() CVE-2023-23935 Presence of restricted personal Discourse messages may be leaked if tagged with a tag