Linux 6.0.11, 5.15.81 & 5.10.157 Released With Intel Gen12 Graphics Security Fix
Made public earlier this week was CVE-2022-4139 as a security sensitive bug around GPU TLB flushing. From the disclosure description:
In some cases (Gen12 hardware with specific types of engine) the engine's TLB is not flushed at all. Depending on whether the GPU is running behind an active IOMMU there are two possible scenarios which can happen, due to stale TLB mapping: 1. Without IOMMU - GPU can still access physical memory which could be already assigned by OS to different process. 2. With IOMMU - GPU can access any memory, if the malicious process is able to create/reuse necessary IOMMU mappings.
It is currently not known if specific memory could be targeted, but random memory corruption or data leaks are a known possibility.
All Intel integrated and discrete GPUs Gen12 are affected, including Tiger Lake, Rocket Lake, Alder Lake, DG1, Raptor Lake, DG2, Arctic Sound, Meteor Lake. Fix has already been developed and consists of fixing the method of writing to specific registers.
Linux 6.0.11, Linux 5.15.81, and Linux 5.10.157 are out today that have this "drm/i915: fix TLB invalidation for Gen12 video and compute engines" fix along with a variety of other bug fixes.
This Intel i915 kernel graphics driver security issue affects Gen12 graphics hardware, going back to Tigerlake. The fix landed in Linux 6.1 Git earlier this week and now appearing in supported stable kernels.