A potential security vulnerability in the Intel® Visual Compute Accelerator 2 may allow escalation of privilege or denial of service.** Intel is providing documentation updates to partially mitigate this potential vulnerability.**
CVEID: CVE-2020-8676
Description: Improper access control in the Intel® Visual Compute Accelerator 2, all versions, may allow a privileged user to potentially enable escalation of privilege via local access.
CVSS Base Score: 6.0 Medium
CVSS Vector: CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:N/I:H/A:N
CVEID: CVE-2020-8677
Description: Improper access control in the Intel® Visual Compute Accelerator 2, all versions, may allow a privileged user to potentially enable denial of service via local access.
CVSS Base Score: 4.4 Medium
CVSS Vector: CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H
Intel® Visual Compute Accelerator 2, all versions.
CVEID: CVE-2020-8676
Intel recommends that systems using the Intel® Visual Compute Accelerator 2 card enable DMA protection, including pre-boot phases, as described in the following white paper:
Using IOMMU for DMA Protection in UEFI Firmware
CVEID: CVE-2020-8677
Intel will not be releasing an update for this issue. Intel recommends limiting privileged access of host systems to trusted individuals, as part of normal security practices.
This issue was found internally by Intel employees. Intel we would like to thank Hareesh Khattri.
Intel, and nearly the entire technology industry, follows a disclosure practice called Coordinated Disclosure, under which a cybersecurity vulnerability is generally publicly disclosed only after mitigations are available.