Linux kernel patches “performance can be harmful” bug in video driver
That's the sort of glitch behind CVE-2022-0330, a Linux kernel bug in the Intel i915 graphics card driver that was patched last week.
Permission to load and run code on the GPU. Once again, in some environments, users might have graphics processing unit "coding powers" not because they are avid gamers, but in order to take advantage of the GPU's huge performance for specialised programming - everything from image and video rendering, through cryptomining, to cryptographic research.
User X says, "Do this calculation in the GPU, and use the shared memory buffer Y for the calculations." Processor builds up a list of TLB entries to help the GPU driver and the user access buffer Y quickly.
Kernel doesn't flush the TLB data that gives user X a "fast track" to some or all parts of buffer Y. User X says, "Run some more code on the GPU," this time without specifying a buffer of its own.
So some of User X's memory accesses will inadvertently read out data from a stale physical address that no longer belongs to User X. That data could contain confidential data stored there by User Z, the new "owner" of buffer Y. So, User X might be able to sneak a peek at fragments of someone else's data in real-time, and perhaps even write to some of that data behind the other person's back.
It is nevertheless a timely reminder that whenever security shortcuts are brought into play, such as having a TLB to sidestep the need to re-evaluate memory accesses and thus speed things up, security may be dangerously eroded.
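The stale-translation sequence described above can be reproduced in a toy model. This is an added example, not i915 driver code or the actual patch: `user_t`, `unmap_page`, `read_page` and `stale_read_leaks` are hypothetical names, and the flush-on-release variant only models the general remedy of invalidating cached translations when a buffer is handed back.

```c
#include <stdio.h>
#include <string.h>

/* Toy model, constructed for illustration: one physical memory and, per
 * user, a page table (authoritative) plus a TLB that caches its entries. */
#define NPAGES 4
#define NO_MAP (-1)
static char phys[NPAGES][16];
typedef struct { int pt[NPAGES]; int tlb[NPAGES]; } user_t;

static void user_init(user_t *u) {
    for (int i = 0; i < NPAGES; i++) u->pt[i] = u->tlb[i] = NO_MAP;
}

/* Release a buffer: the page table entry always goes away, but the cached
 * TLB entry is dropped only when flush is non-zero. */
static void unmap_page(user_t *u, int vpage, int flush) {
    u->pt[vpage] = NO_MAP;
    if (flush) u->tlb[vpage] = NO_MAP;
}

/* Access: a TLB hit skips the page table check entirely (the "fast track"). */
static const char *read_page(user_t *u, int vpage) {
    if (u->tlb[vpage] == NO_MAP) {
        if (u->pt[vpage] == NO_MAP) return NULL;   /* fault: not mapped */
        u->tlb[vpage] = u->pt[vpage];              /* fill TLB from page table */
    }
    return phys[u->tlb[vpage]];
}

/* Returns 1 if user X can still read the page after it was given to user Z. */
int stale_read_leaks(int flush_on_release) {
    user_t x, z;
    user_init(&x); user_init(&z);
    x.pt[0] = 3; strcpy(phys[3], "x-data");        /* X gets buffer Y */
    read_page(&x, 0);                              /* warms X's TLB */
    unmap_page(&x, 0, flush_on_release);           /* X gives buffer Y back */
    z.pt[0] = 3; strcpy(phys[3], "z-secret");      /* Z becomes the new owner */
    const char *seen = read_page(&x, 0);           /* X touches the old address */
    return seen != NULL && strcmp(seen, "z-secret") == 0;
}

int main(void) {
    printf("no flush on release: leak=%d\n", stale_read_leaks(0));
    printf("flush on release:    leak=%d\n", stale_read_leaks(1));
    return 0;
}
```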
Related Vulnerability
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2022-03-25 | CVE-2022-0330 | Improper Preservation of Permissions vulnerability in multiple products A random memory access flaw was found in the Linux kernel's GPU i915 kernel driver functionality in the way a user may run malicious code on the GPU. | 7.8 |