CVE-2020-36787

Name of the Vulnerable Software and Affected Versions Linux kernel (affected versions not specified)

Description The issue is related to the Linux kernel's media subsystem, specifically the Aspeed video driver. It introduces improper reset on the Video Engine hardware, causing unexpected DMA memory transfers that can corrupt memory regions in random and sporadic patterns. This issue is observed very rarely on some specific AST2500 SoCs but causes a critical kernel panic, making it extremely hard to debug. The problem occurs even when the video engine is not actively used because udevd turns on the video engine hardware for a short time to make a query in every boot.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.