CVE-2020-8832

medium

Description

The fix for the Linux kernel in Ubuntu 18.04 LTS for CVE-2019-14615 ("The Linux kernel did not properly clear data structures on context switches for certain Intel graphics processors.") was discovered to be incomplete, meaning that in versions of the kernel before 4.15.0-91.92, an attacker could use this vulnerability to expose sensitive information.

References

https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1862840

https://security.netapp.com/advisory/ntap-20200430-0004/

https://usn.ubuntu.com/usn/usn-4302-1

Details

Source: Mitre, NVD

Published: 2020-04-10

Risk Information

CVSS v2

Base Score: 2.1

Vector: CVSS2#AV:L/AC:L/Au:N/C:P/I:N/A:N

Severity: Low

CVSS v3

Base Score: 5.5

Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

Severity: Medium