A newly disclosed security vulnerability in the Linux kernel could be leveraged by a local attacker to gain elevated privileges on vulnerable systems and execute arbitrary code.
Tracked as CVE-2022-4139 (CVSS score: 7.0), the flaw affects all Linux kernel stable branches since 5.4 and stems from a security-sensitive bug in the kernel’s i915 GPU driver.
The flaw resides in incorrect GPU TLB flush code in the i915 driver. According to the seclists disclosure, “Depending on whether the GPU is running behind an active IOMMU there are two possible scenarios which can happen, due to stale TLB mapping:
1. Without IOMMU – GPU can still access physical memory which could be already assigned by OS to different process.
2. With IOMMU – GPU can access any memory, if the malicious process is able to create/reuse necessary IOMMU mappings.”
“An incorrect TLB flush issue was found in the Linux kernel’s GPU i915 kernel driver, potentially leading to random memory corruption or data leaks. This flaw could allow a local user to crash the system or escalate their privileges on the system,” Red Hat said in an advisory published on November 30, 2022.
To exploit this vulnerability, an attacker needs local access to the targeted system and must run their exploit there, which can leak sensitive information or cause random memory corruption.
All Intel integrated and discrete GPUs Gen12, including Tiger Lake, Rocket Lake, Alder Lake, DG1, Raptor Lake, DG2, Arctic Sound, and Meteor Lake are vulnerable to CVE-2022-4139.
A researcher has backported the patches to all affected stable branches to address the issue. Red Hat Enterprise Linux, Ubuntu, CentOS, and Debian have not yet shipped the changes and therefore remain vulnerable. If you are an advanced Linux user, apply the patch and rebuild the kernel yourself; otherwise, wait for the next kernel update from your distribution and apply it as soon as possible.