Intel's Linux Graphics Driver Updated For Denial Of Service + Privilege Escalation Bugs
Written by Michael Larabel in Intel on 12 November 2019 at 05:34 PM EST. Add A Comment
INTEL --
Of the 77 security advisories Intel is making public and the three big ones of the performance-sensitive JCC Erratum, the new ZombieLoad TAA (TSX Asynchronous Abort), and iTLB Multihit No eXcuses, there are also two fixes to their kernel graphics driver around security issues separate from the CPU woes.

CVE-2019-0155 is about user-space writes to the blitter command streamer that could allow an unprivileged user to elevate their privileges on the system.

CVE-2019-0154 is the other vulnerability and that could result in an unprivileged user being able to cause a denial of service by reading select memory regions when the graphics hardware is in certain low-power configurations.

The Linux kernel has merged the MMIO register read hang and blitter command streamer unrestricted memory accesses issues. Updated graphics firmware is also being made available. These issues appear to affect at least Gen8 and Gen9 graphics hardware (Broadwell through pre-Cannonlake/Icelake). The commit message spells out these two Intel graphics driver vulnerabilities in more detail.
Related News
About The Author
Author picture

Michael Larabel is the principal author of Phoronix.com and founded the site in 2004 with a focus on enriching the Linux hardware experience. Michael has written more than 20,000 articles covering the state of Linux hardware support, Linux performance, graphics drivers, and other topics. Michael is also the lead developer of the Phoronix Test Suite, Phoromatic, and OpenBenchmarking.org automated benchmarking software. He can be followed via Twitter or contacted via MichaelLarabel.com.

Popular News This Week