First published: Mon Aug 19 2019
A flaw was found in how the ACPI table loading through the EFI variable (and the related efivar_ssdt boot option) was handled when the Linux kernel was locked down. This flaw allows a (root) privileged local user to circumvent the kernel lockdown restrictions. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.
Credit: cve@mitre.org
Affected Software | Affected Version | How to fix |
---|---|---|
redhat/kernel-rt | <0:4.18.0-193.14.3.rt13.67.el8_2 | 0:4.18.0-193.14.3.rt13.67.el8_2 |
redhat/kernel | <0:4.18.0-193.14.3.el8_2 | 0:4.18.0-193.14.3.el8_2 |
redhat/kernel | <0:4.18.0-80.27.2.el8_0 | 0:4.18.0-80.27.2.el8_0 |
redhat/kernel | <0:4.18.0-147.24.2.el8_1 | 0:4.18.0-147.24.2.el8_1 |
Linux Linux kernel | <5.4 | |
openSUSE Leap | =15.1 | |
Canonical Ubuntu Linux | =16.04 | |
Canonical Ubuntu Linux | =18.04 | |
debian/linux | 5.10.223-1 5.10.226-1 6.1.115-1 6.1.119-1 6.12.5-1 6.12.6-1 |
Mitigation for this issue is either not available or the currently available options don't meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.