Allele Security Alert
ASA-2019-00283
Identifier(s)
ASA-2019-00283, CVE-2019-11085, INTEL-SA-00249
Title
Insufficient input validation in Kernel Mode Driver in Intel(R) i915 Graphics for Linux
Vendor(s)
Intel
Product(s)
Intel® i915 Graphics
Affected version(s)
Intel® i915 Graphics for Linux before version 5.0
Fixed version(s)
Intel® i915 Graphics for Linux version 5.0 or later
Proof of concept
Unknown
Description
Insufficient input validation in Kernel Mode Driver in Intel(R) i915 Graphics for Linux before version 5.0 may allow an authenticated user to potentially enable escalation of privilege via local access.
Technical details
Unknown
Credits
Adam Zabrocki
Reference(s)
Intel® i915 Graphics for Linux Advisory
https://www.intel.com/content/www/us/en/security-center/advisory/INTEL-SA-00249.html
drm/i915/gvt: Fix mmap range check
https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/drivers/gpu/drm/i915/gvt/kvmgt.c?id=51b00d8509dc69c98740da2ad07308b630d3eb7d
drm/i915/gvt/kvmgt: add vfio/mdev support to KVMGT
https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/drivers/gpu/drm/i915/gvt/kvmgt.c?id=659643f7d814
CVE-2019-11085
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11085
CVE-2019-11085
https://nvd.nist.gov/vuln/detail/CVE-2019-11085
If there is any error in this alert or you wish a comprehensive analysis, let us know.
Last modified: August 11, 2019