ASA-2019-00029 – Linux: Missing access_ok() checks in IOCTL function i915_gem_execbuffer2_ioctl() [REJECTED]

Posted on by Allele Security Intelligence in Alerts

Allele Security Alert

ASA-2019-00029

Identifier(s)

ASA-2019-00029, CVE-2018-20669

Title

Missing access_ok() checks in IOCTL function i915_gem_execbuffer2_ioctl()

Vendor(s)

Linux foundation

Product(s)

Linux

Affected version(s)

Linux kernel before v5.0-rc1

Fixed version(s)

Linux kernel v5.0-rc1 and later

Proof of concept

Unknown

Description

Due to a lack of access_ok() checks in i915_gem_execbuffer2_ioctl(), it is possible to achieve escalation of privilege.

Technical details

Unknown

Credits

Unknown

Reference(s)

Linux Kernel: Missing access_ok() checks in IOCTL function (gpu/drm/i915 Driver)
https://seclists.org/oss-sec/2019/q1/88

make ‘user_access_begin()’ do ‘access_ok()’
https://github.com/torvalds/linux/commit/594cc251fdd0d231d342d88b2fdff4bc42fb0690

CVE-2018-20669
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20669

CVE-2018-20669
https://nvd.nist.gov/vuln/detail/CVE-2018-20669

If there is any error in this alert or you wish a comprehensive analysis, let us know.

Last modified: October 31, 2019

We are not responsible for any data loss, device corruption or any other type of issue due to the use of any information mentioned in our security alerts.