Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!

Bug 754219 (CVE-2020-8694)

Summary: kernel: Insufficient access control vulnerability in PowerCap Framework (CVE-2020-8694)
Product: Gentoo Linux Reporter: Thomas Deutschmann (RETIRED) <whissi>
Component: StabilizationAssignee: Gentoo Kernel Security <security-kernel>
Status: RESOLVED FIXED    
Severity: blocker Keywords: CC-ARCHES, STABLEREQ
Priority: Highest Flags: nattka: sanity-check+
Version: unspecified   
Hardware: All   
OS: Linux   
URL: https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00389.html
See Also: https://bugs.gentoo.org/show_bug.cgi?id=756691
Whiteboard:
Package list:
sys-kernel/gentoo-sources-4.4.246 sys-kernel/gentoo-sources-4.9.246 sys-kernel/gentoo-sources-4.14.209 sys-kernel/gentoo-sources-4.19.160 sys-kernel/gentoo-sources-5.4.80-r1
 Runtime testing required: ---
Bug Depends on: 756781    
Bug Blocks:    

Description Thomas Deutschmann (RETIRED) gentoo-dev 2020-11-13 00:11:52 UTC 
A flaw was found in the Linux kernel's implementation of Intel's Running Average Power Limit (RAPL) implementation. A local attacker could infer secrets by measuring power usage and also infer private data by observing the power usage of calculations performed on the data.
Comment 1 NATTkA bot gentoo-dev 2020-11-13 00:12:55 UTC 
Unable to check for sanity:

> no match for package: sys-kernel/gentoo-sources-4.4.244
Comment 2 NATTkA bot gentoo-dev 2020-11-18 21:04:51 UTC 
Resetting sanity check; keywords are not fully specified and arches are not CC-ed.
Comment 3 NATTkA bot gentoo-dev 2020-11-22 15:44:50 UTC 
Unable to check for sanity:

> no match for package: sys-kernel/gentoo-sources-4.4.245
Comment 4 NATTkA bot gentoo-dev 2020-11-22 21:02:05 UTC 
Resetting sanity check; keywords are not fully specified and arches are not CC-ed.
Comment 5 NATTkA bot gentoo-dev 2020-11-24 03:56:51 UTC 
Unable to check for sanity:

> package masked: sys-kernel/gentoo-sources-4.9.245
Comment 6 NATTkA bot gentoo-dev 2020-11-24 19:44:55 UTC 
Resetting sanity check; keywords are not fully specified and arches are not CC-ed.
Comment 7 Thomas Deutschmann (RETIRED) gentoo-dev 2020-11-25 11:00:40 UTC 
x86 stable
Comment 8 Thomas Deutschmann (RETIRED) gentoo-dev 2020-11-25 11:01:14 UTC 
amd64 stable
Comment 9 Agostino Sarubbo gentoo-dev 2020-11-26 06:56:28 UTC 
ppc64 stable
Comment 10 Agostino Sarubbo gentoo-dev 2020-11-27 16:11:48 UTC 
sparc stable
Comment 11 Agostino Sarubbo gentoo-dev 2020-11-28 09:13:50 UTC 
ppc stable
Comment 12 Sam James archtester Gentoo Infrastructure gentoo-dev Security 2020-12-24 13:58:26 UTC 
arm{,64} done
Comment 13 Thomas Deutschmann (RETIRED) gentoo-dev 2020-12-24 14:07:01 UTC 
hppa marked stabled