PT-2019-4002 · Intel · Intel Xeon Processors

Published: 2019-11-05 · Updated: 2022-04-22 · CVE-2019-0155

CVSS v3.1: 7.8 (High)

Vector: AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions

Intel Graphics Driver versions prior to 26.20.100.6813 (DCH) or 26.20.100.6812 and prior to 21.20.x.5077 (aka 15.45.5077)
i915 Linux Driver for Intel Processor Graphics versions prior to 5.4-rc7, 5.3.11, 4.19.84, 4.14.154, 4.9.201, 4.4.201
Intel Core Processor Families 6th, 7th, 8th and 9th Generation
Intel Pentium Processor J, N, Silver and Gold Series
Intel Celeron Processor J, N, G3900 and G4900 Series
Intel Atom Processor A and E3900 Series
Intel Xeon Processor E3-1500 v5 and v6, E-2100 and E-2200 Processor Families

Description

The issue is related to insufficient access control in a subsystem for Intel processor graphics, which may allow an authenticated user to potentially enable escalation of privilege via local access. The problem is associated with the lack of security checks in the bit array copy command buffer (BCS) of the Intel i915 graphics driver microcode. Exploitation of the issue may allow an attacker to modify entries in the page table through MMIO (Memory Mapped Input Output) manipulations and potentially elevate their privileges.

Recommendations

For Intel Graphics Driver versions prior to 26.20.100.6813 (DCH) or 26.20.100.6812 and prior to 21.20.x.5077 (aka 15.45.5077), update to version 26.20.100.6813 (DCH) or 26.20.100.6812 and 21.20.x.5077 (aka 15.45.5077) or later.

For i915 Linux Driver for Intel Processor Graphics versions prior to 5.4-rc7, 5.3.11, 4.19.84, 4.14.154, 4.9.201, 4.4.201, update to version 5.4-rc7, 5.3.11, 4.19.84, 4.14.154, 4.9.201, 4.4.201 or later.

As a temporary workaround, consider restricting access to MMIO (Memory Mapped Input Output) to minimize the risk of exploitation.
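
The Linux part of the recommendation, as an added example that is not part of the original advisory: a branch-aware check of a kernel release string against the fixed i915 versions listed above. The function name and status strings are hypothetical. It assumes upstream version numbering and that branches with no fixed release on this page never received the fix; distribution kernels backport fixes, so those are referred to the vendor advisories under Related Identifiers.

```python
import re

# Minimum fixed patch level per stable branch, from the advisory's list:
# 5.3.11, 4.19.84, 4.14.154, 4.9.201, 4.4.201 (5.4 is handled below).
FIXED_PATCHLEVEL = {(4, 4): 201, (4, 9): 201, (4, 14): 154,
                    (4, 19): 84, (5, 3): 11}
FIXED_MAINLINE = (5, 4)   # fixed from 5.4-rc7 onwards
FIXED_MAINLINE_RC = 7

_VERSION_RE = re.compile(r"^(\d+)\.(\d+)(?:\.(\d+))?(?:-rc(\d+))?")


def i915_fix_status(release: str) -> str:
    """Classify a kernel release string such as the output of `uname -r`.

    Returns 'fixed', 'vulnerable', 'check-vendor-advisory' or 'unknown'
    (hypothetical labels chosen for this example).
    """
    m = _VERSION_RE.match(release.strip())
    if not m:
        return "unknown"
    branch = (int(m.group(1)), int(m.group(2)))
    patch = int(m.group(3) or 0)
    rc = int(m.group(4)) if m.group(4) else None
    # Anything after X.Y[.Z][-rcN], e.g. "-1062.el7.x86_64", marks a distro build.
    distro_suffix = release.strip()[m.end():]

    if branch > FIXED_MAINLINE:
        fixed = True
    elif branch == FIXED_MAINLINE:
        # 5.4-rc1..rc6 predate the fix; rc7, 5.4 final and 5.4.y include it.
        fixed = rc is None or rc >= FIXED_MAINLINE_RC
    elif branch in FIXED_PATCHLEVEL:
        fixed = patch >= FIXED_PATCHLEVEL[branch]
    else:
        # Assumption: no fixed release is listed for this branch.
        fixed = False

    if fixed:
        return "fixed"
    # A distro kernel with an old base version may still carry a backport.
    return "check-vendor-advisory" if distro_suffix else "vulnerable"


if __name__ == "__main__":
    # Constructed sample release strings, not taken from the advisory.
    for sample in ("4.19.83", "4.19.84", "5.4.0-rc6", "3.10.0-1062.el7.x86_64"):
        print(sample, "->", i915_fix_status(sample))
```
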

Weakness Enumeration

Improper Privilege Management

Related Identifiers

BDU:2019-04533
CESA-2019_3870
CESA-2019_3871
CESA-2019_3872
CESA-2019_3878
CVE-2019-0155
DLA-1990-1
DSA-4564-1
MGASA-2019-0332
MGASA-2019-0333
OPENSUSE-SU-2019:2503-1
OPENSUSE-SU-2019:2507-1
OPENSUSE-SU-2019_2503-1
OPENSUSE-SU-2019_2507-1
RHSA-2019:3841
RHSA-2019:3870
RHSA-2019:3871
RHSA-2019:3872
RHSA-2019:3873
RHSA-2019:3877
RHSA-2019:3878
RHSA-2019:3883
RHSA-2019:3887
RHSA-2019:3889
RHSA-2019:3908
RHSA-2019_3870
RHSA-2019_3871
RHSA-2019_3872
RHSA-2019_3878
RHSA-2019_3887
RHSA-2020:0204
SUSE-SU-2019:2946-1
SUSE-SU-2019:2948-1
SUSE-SU-2019:2949-1
SUSE-SU-2019:2984-1
SUSE-SU-2019:3200-1
SUSE-SU-2019:3289-1
SUSE-SU-2019:3294-1
SUSE-SU-2019:3295-1
SUSE-SU-2020:0093-1
SUSE-SU-2020:2491-1
SUSE-SU-2020:2497-1
SUSE-SU-2020:2505-1
SUSE-SU-2020:2526-1
USN-4183-1
USN-4183-2
USN-4184-1
USN-4184-2
USN-4185-1
USN-4185-3
USN-4186-1
USN-4186-2
USN-4186-3

Affected Products

CentOS
Intel Atom Processors
Intel Celeron Processor
Intel Core Processor
Intel Graphics Driver
Intel Pentium Processor
Intel Xeon Processors
Red Hat
SUSE
Ubuntu
i915 Linux Driver