PT-2019-4502 · Linux+5 · Linux Kernel+5
罗权
Published: 2018-04-06 · Updated: 2021-03-18
CVE-2020-7053
CVSS v3.1: 7.8 (High)
Vector: AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Name of the Vulnerable Software and Affected Versions
Linux kernel versions 4.14 through 4.14.165
Linux kernel versions 4.19 through 4.19.96
Linux kernel versions 5.x before 5.2
Description
The issue is related to a use-after-free in the i915_ppgtt_close function in drivers/gpu/drm/i915/i915_gem_gtt.c. This is connected to the i915_gem_context_destroy_ioctl function in drivers/gpu/drm/i915/i915_gem_context.c. The vulnerability can be exploited to cause a denial of service using the Intel i915 graphics driver system call.
Recommendations
For Linux kernel versions 4.14 through 4.14.165, update to a version after 4.14.165 to resolve the issue.
For Linux kernel versions 4.19 through 4.19.96, update to a version after 4.19.96 to resolve the issue.
For Linux kernel versions 5.x before 5.2, update to version 5.2 or later to resolve the issue.
As a temporary workaround, consider restricting access to the i915_gem_context_destroy_ioctl system call to minimize the risk of exploitation.
Fix
Use After Free
Weakness Enumeration
Related Identifiers
Affected Products
ALT Linux
CentOS
Linux Kernel
Red Hat
SUSE
Ubuntu