Re: New CVE entries in this week


Pavel Machek
 

Hi!
CVE-2022-0330: drm/i915: Flush TLBs before releasing backing store

CVSS v3 score is not provided

Vulnerability in the i915 driver. Without an active IOMMU malicious
userspace can gain access (from the
code executing on the GPU) to random memory pages.

Fixed status

mainline: [7938d61591d33394a21bdd7797a245b65428f44c]
Wow. This must have been important. It looks like 5.10.95 (+4.4 and
4.19) was released just to get this fixed. Fix is "interesting" but...
it should be fixed.

Best regards,
Pavel
--
DENX Software Engineering GmbH, Managing Director: Wolfgang Denk
HRB 165235 Munich, Office: Kirchenstr.5, D-82194 Groebenzell, Germany

Join cip-dev@lists.cip-project.org to automatically receive all group messages.