FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

drm graphics drivers -- potential information disclusure via local access

Affected packages
drm-fbsd11.2-kmod < 4.11.g20200115
drm-fbsd12.0-kmod < 4.16.g20200115
drm-current-kmod < 4.16.g20200115
drm-devel-kmod < 5.0.g20200115

Details

VuXML ID d2c2c815-3793-11ea-8be3-54e1ad3d6335
Discovery 2020-01-14
Entry 2020-01-15

Intel reports:

.A potential security vulnerability in Intel(R) Processor Graphics may allow information disclosure. Intel is releasing software updates to mitigate this potential vulnerability.

Description: Insufficient control flow in certain data structures for some Intel(R) Processors with Intel(R) Processor Graphics may allow an unauthenticated user to potentially enable information disclosure via local access.

This patch provides mitigation for Gen9 hardware only. Patches for Gen7 and Gen7.5 will be provided later. Note that Gen8 is not impacted due to a previously implemented workaround. The mitigation involves using an existing hardware feature to forcibly clear down all EU state at each context switch.

References

CVE Name CVE-2019-14615
URL https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00314.html