{"id":"CVE-2018-20669","details":"An issue where a provided address with access_ok() is not checked was discovered in i915_gem_execbuffer2_ioctl in drivers/gpu/drm/i915/i915_gem_execbuffer.c in the Linux kernel through 4.19.13. A local attacker can craft a malicious IOCTL function call to overwrite arbitrary kernel memory, resulting in a Denial of Service or privilege escalation.","aliases":["A-135368228","ASB-A-135368228"],"modified":"2026-03-15T22:19:53.596981Z","published":"2019-03-21T16:00:37.327Z","related":["SUSE-SU-2019:0765-1","SUSE-SU-2019:0767-1","SUSE-SU-2019:0784-1","SUSE-SU-2019:0785-1","SUSE-SU-2020:3766-1","SUSE-SU-2020:3798-1","SUSE-SU-2021:0097-1","SUSE-SU-2021:0098-1","SUSE-SU-2021:0118-1","SUSE-SU-2021:0133-1","openSUSE-SU-2019:0203-1","openSUSE-SU-2020:2193-1"],"references":[{"type":"ADVISORY","url":"https://support.f5.com/csp/article/K32059550"},{"type":"ADVISORY","url":"https://usn.ubuntu.com/4485-1/"},{"type":"ADVISORY","url":"http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/log/drivers/gpu/drm/i915/i915_gem_execbuffer.c"},{"type":"ADVISORY","url":"http://lists.opensuse.org/opensuse-security-announce/2019-02/msg00042.html"},{"type":"ADVISORY","url":"http://www.securityfocus.com/bid/106748"},{"type":"ADVISORY","url":"https://access.redhat.com/security/cve/cve-2018-20669"},{"type":"ADVISORY","url":"https://security.netapp.com/advisory/ntap-20190404-0002/"},{"type":"FIX","url":"http://www.openwall.com/lists/oss-security/2019/01/23/6"}],"affected":[{"database_specific":{"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2018-20669.json","unresolved_ranges":[{"events":[{"introduced":"4.13"},{"fixed":"4.14.185"}]},{"events":[{"introduced":"4.15"},{"fixed":"4.19.129"}]},{"events":[{"introduced":"4.20"},{"fixed":"5.0"}]},{"events":[{"introduced":"0"},{"last_affected":"14.04"}]},{"events":[{"introduced":"0"},{"last_affected":"16.04"}]},{"events":[{"introduced":"0"},{"last_affected":"18.04"}]}]}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"}]}