CVE-2020-8832
5.5
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N
Summary
The fix for the Linux kernel in Ubuntu 18.04 LTS for CVE-2019-14615 ("The Linux kernel did not properly clear data structures on context switches for certain Intel graphics processors.") was discovered to be incomplete, meaning that in versions of the kernel before 4.15.0-91.92, an attacker could use this vulnerability to expose sensitive information.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| Ubuntu | 18.04 LTS (bionic) Linux kernel | 4.15.x kernels < 4.15.0-91.92 | affected |
Weaknesses
- CWE-200: CWE-200 Information Exposure
ADP Enrichment
CVE Program Container
Additional References
- https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1862840
- https://usn.ubuntu.com/usn/usn-4302-1
- https://security.netapp.com/advisory/ntap-20200430-0004/
References
- https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1862840
- https://usn.ubuntu.com/usn/usn-4302-1
- https://security.netapp.com/advisory/ntap-20200430-0004/
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.