Intel's Linux Graphics Driver Gets Patched For A Gen9 Graphics Vulnerability

Written by Michael Larabel in Intel on 14 January 2020 at 01:29 PM EST. 20 Comments
INTEL
On top of the Intel graphics driver patches back from November for denial of service and privilege escalation bugs, the Linux kernel received a new patch today for "CVE-2019-14615" regarding a possible data disclosure with Gen9 graphics hardware.

CVE-2019-14615 hasn't been made public yet but the commit (63d264fe) merged to mainline today, this second Tuesday of the month, explains:
Insufficient control flow in certain data structures for some Intel Processors with Intel Processor Graphics may allow an unauthenticated user to potentially enable information disclosure via local access

This provides mitigation for Gen9 hardware. Note that Gen8 is not impacted due to a previously implemented workaround.

The mitigation involves using an existing hardware feature to forcibly clear down all EU state at each context switch

It's important to note with this vulnerability leading to possible information disclosure, local access to the system is required.


Intel Gen9 graphics cover from Skylake through Coffee Lake (and basically everything on the market pre-Gen11 Icelake).


The workaround to force the clearing of all execution unit state on each context switch amounts to an eight line kernel patch. While currently in Linux 5.5 Git, the patch will presumably be found in stable kernel point releases in short order.

Update; Intel Gen7/Gen7.5 graphics hardware is also affected and requires a separate yet-to-be-mainlined mitigation.
20 Comments
Related News
Intel Proposes Using Netlink For Linux Graphics Driver RAS & Telemetry
Intel Arc Graphics A750/A770 Quick Linux Competition With The Radeon RX 7600
Intel Engineers Revise Key Locker Implementation For Linux
Intel's Open Image Denoise 2.0 Brings SYCL For Xe GPUs, NVIDIA CUDA, AMD HIP
Fedora's RPM Fusion Adds Experimental Intel IPU6 Web Camera Support
Linux 6.4 Lands Intel Alder Lake / Raptor Lake Workaround For INVLPG/PCID Bug
About The Author
Michael Larabel

Michael Larabel is the principal author of Phoronix.com and founded the site in 2004 with a focus on enriching the Linux hardware experience. Michael has written more than 20,000 articles covering the state of Linux hardware support, Linux performance, graphics drivers, and other topics. Michael is also the lead developer of the Phoronix Test Suite, Phoromatic, and OpenBenchmarking.org automated benchmarking software. He can be followed via Twitter, LinkedIn, or contacted via MichaelLarabel.com.

Popular News This Week
AMD Has A One-Liner To Help Speed Up Linux System Resume Time
CodeWeavers Now Controlled By An Employee Ownership Trust
LLVM's libc Gets Much Faster memcpy For RISC-V
Intel Publishes "X86-S" Specification For 64-bit Only Architecture
Big Patch Series Prepares The Linux Audio Drivers For MIDI 2.0
Podman Desktop 1.0 Released As An Alternative To Docker Desktop
KDE Begins Laying The Groundwork For HDR Support, Wayland Color Management
Mesa "Terakan" Driver Aims To Provide Vulkan Support For Old Radeon HD 6000 Series