Subject: [ASA-202011-10] linux-hardened: multiple issues Arch Linux Security Advisory ASA-202011-10 ========================================== Severity: Medium Date : 2020-11-10 CVE-ID : CVE-2020-8694 CVE-2020-25704 Package : linux-hardened Type : multiple issues Remote : No Link : https://security.archlinux.org/AVG-1269 Summary ======= The package linux-hardened before version 5.9.8.a-1 is vulnerable to multiple issues including denial of service and information disclosure. Resolution ========== Upgrade to 5.9.8.a-1. # pacman -Syu "linux-hardened>=5.9.8.a-1" The problems have been fixed upstream in version 5.9.8.a. Workaround ========== - CVE-2020-8694 A temporary measure would be to remove the ability for non-root users to read the current RAPL energy reporting metrics. This can be done with the command: # sudo chmod 400 /sys/class/powercap/intel_rapl/*/energy_uj This mitigation will only work on the current boot and will need to be reapplied at each system boot to remain in effect. Description =========== - CVE-2020-8694 (information disclosure) An information disclosure flaw was found in the Linux kernel's Intel Running Average Power Limit (RAPL) implementation. A local non- privileged attacker could infer secrets by measuring power usage and also infer private data by observing the power usage of calculations performed on the data. - CVE-2020-25704 (denial of service) A memory leak has been found in the perf_event_parse_addr_filter function of Linux before 5.9.7, leading to a denial of service. Impact ====== A local attacker might be able to exhaust the memory available on the system, causing a denial of service, or access sensitive information by observing the power usage. References ========== https://www.openwall.com/lists/oss-security/2020/11/09/1 https://git.kernel.org/pub/scm/linux/kernel/git/tip/tip.git/commit/?id=7bdb157cdebbf95a1cd94ed2e01b338714075d00 https://www.openwall.com/lists/oss-security/2020/11/10/5 https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=949dd0104c496fa7c14991a23c03c62e44637e71 https://platypusattack.com/ https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00389.html https://github.com/anthraxx/linux-hardened/commit/b72aaa9506b38e68f3476a642d0e42b3071f82bb https://security.archlinux.org/CVE-2020-8694 https://security.archlinux.org/CVE-2020-25704