Linux kernel developer Greg Kroah-Hartman today released maintenance updates for Linux 6.0.11, Linux 5.15.81, and Linux 5.10.157. This update mitigates the recently disclosed security issues with the i915 driver, affecting everything from Tigerlake integrated graphics to Intel’s “Gen12” solo graphics in DG2 / Alchemist Arc.
The CVE-2022-4139 vulnerability discovered earlier this week is a security flaw surrounding GPU TLB flushing. In some cases (Gen12 hardware with a specific type of engine), the TLB of the engine is not flushed. a local attacker could use the vulnerability to elevate privileges on the device in question to execute arbitrary code.
The seclists page indicates that the vulnerability runs behind an active IOMMU depending on whether the GPU has two possible scenarios that could occur.
- there is no IOMMU – the GPU can still access physical memory, which may have been allocated by the OS to a different process.
- There is an IOMMU – the GPU can access any memory if the malicious process is able to create/reuse the necessary IOMMU mappings.
An incorrect TLB flush issue was discovered in the GPU i915 kernel driver for the Linux kernel that could lead to random memory corruption or data leakage,” Red Hat said in a Nov. 30, 2022, advisory. This vulnerability could allow local users to crash the system or elevate their privileges on the system.”
All Intel Collective and Solo Gen12 are affected, including Tiger Lake, Rocket Lake, Alder Lake, DG1, Raptor Lake, DG2, Arctic Sound, and Meteor Lake.
In today’s release of Linux 6.0.11, Linux 5.15.81 and Linux 5.10.157 the changelog states: “DRM / i915: fix TLB failure for Gen12 video and compute engines”.
