Lucene search

K
ubuntucveUbuntu.comUB:CVE-2020-8694
HistoryNov 10, 2020 - 12:00 a.m.

CVE-2020-8694

2020-11-1000:00:00
ubuntu.com
ubuntu.com
19

2.1 Low

CVSS2

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:L/AC:L/Au:N/C:P/I:N/A:N

5.5 Medium

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

0.0004 Low

EPSS

Percentile

15.6%

Insufficient access control in the Linux kernel driver for some Intel®
Processors may allow an authenticated user to potentially enable
information disclosure via local access.

Notes

Author Note
sbeattie fix will be to adjust the access control bits on the RAPL sysfs files.
OSVersionArchitecturePackageVersionFilename
ubuntu18.04noarchlinux< 4.15.0-123.126UNKNOWN
ubuntu20.04noarchlinux< 5.4.0-53.59UNKNOWN
ubuntu20.10noarchlinux< 5.8.0-28.30UNKNOWN
ubuntu14.04noarchlinux< 3.13.0-183.234UNKNOWN
ubuntu16.04noarchlinux< 4.4.0-194.226UNKNOWN
ubuntu20.10noarchlinux-aws< 5.8.0-1013.14UNKNOWN
ubuntu20.10noarchlinux-azure< 5.8.0-1012.13UNKNOWN
ubuntu20.04noarchlinux-gcp< 5.4.0-1029.31UNKNOWN
ubuntu20.10noarchlinux-gcp< 5.8.0-1011.11UNKNOWN
ubuntu16.04noarchlinux-gcp< 4.15.0-1087.100~16.04.1UNKNOWN
Rows per page:
1-10 of 331

2.1 Low

CVSS2

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:L/AC:L/Au:N/C:P/I:N/A:N

5.5 Medium

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

0.0004 Low

EPSS

Percentile

15.6%