Linux 6.0.11, 5.15.81 & 5.10.157 Released With Intel Gen12 Graphics Security Fix

Written by Michael Larabel in Linux Kernel on 2 December 2022 at 12:00 PM EST. 2 Comments
LINUX KERNEL
Greg Kroah-Hartman released a trio of stable kernel updates this morning that are notable in part for having mitigated the recently disclosed i915 driver security issue affecting Intel "Gen12" graphics from Tigerlake integrated graphics up through the DG2/Alchemist Arc Graphics.

Made public earlier this week was CVE-2022-4139 as a security sensitive bug around GPU TLB flushing. From the disclosure description:
In some cases (Gen12 hardware with specific types of engine) the engine's TLB is not flushed at all. Depending on whether the GPU is running behind an active IOMMU there are two possible scenarios which can happen, due to stale TLB mapping: 1. Without IOMMU - GPU can still access physical memory which could be already assigned by OS to different process. 2. With IOMMU - GPU can access any memory, if the malicious process is able to create/reuse necessary IOMMU mappings.

It is currently not known if specific memory could be targeted, but random memory corruption or data leaks are a known possibility.

All Intel integrated and discrete GPUs Gen12 are affected, including Tiger Lake, Rocket Lake, Alder Lake, DG1, Raptor Lake, DG2, Arctic Sound, Meteor Lake. Fix has already been developed and consists of fixing the method of writing to specific registers.

Linux 6.0.11, Linux 5.15.81, and Linux 5.10.157 are out today that have this "drm/i915: fix TLB invalidation for Gen12 video and compute engines" fix along with a variety of other bug fixes.


This Intel i915 kernel graphics driver security issue affects Gen12 graphics hardware, going back to Tigerlake. The fix landed in Linux 6.1 Git earlier this week and now appearing in supported stable kernels.

Related News
About The Author
Michael Larabel

Michael Larabel is the principal author of Phoronix.com and founded the site in 2004 with a focus on enriching the Linux hardware experience. Michael has written more than 20,000 articles covering the state of Linux hardware support, Linux performance, graphics drivers, and other topics. Michael is also the lead developer of the Phoronix Test Suite, Phoromatic, and OpenBenchmarking.org automated benchmarking software. He can be followed via Twitter, LinkedIn, or contacted via MichaelLarabel.com.

Popular News This Week