CVE-2020-8694 log

Severity Medium
Remote No
Type Information disclosure
An information disclosure flaw was found in the Linux kernel's Intel Running Average Power Limit (RAPL) implementation. A local non-privileged attacker could infer secrets by measuring power usage and also infer private data by observing the power usage of calculations performed on the data.
Group Package Affected Fixed Severity Status Ticket
AVG-1275 linux-lts 5.4.76-1 5.4.77-1 Medium Fixed
AVG-1274 linux 5.9.7.arch1-1 5.9.8.arch1-1 Medium Fixed
AVG-1273 linux-zen 5.9.7.zen1-1 5.9.8.zen1-1 Medium Fixed
AVG-1269 linux-hardened 5.9.7.a-1 5.9.8.a-1 Medium Fixed
Date Advisory Group Package Severity Type
10 Nov 2020 ASA-202011-10 AVG-1269 linux-hardened Medium multiple issues
A temporary measure would be to remove the ability for non-root users to read the current RAPL energy reporting metrics.
This can be done with the command:

# sudo chmod 400 /sys/class/powercap/intel_rapl/*/energy_uj

This mitigation will only work on the current boot and will need to be reapplied at each system boot to remain in effect.