CVE-2019-14615 – kernel: Intel graphics card information leak.

https://notcve.org/view.php?id=CVE-2019-14615

Insufficient control flow in certain data structures for some Intel(R) Processors with Intel(R) Processor Graphics may allow an unauthenticated user to potentially enable information disclosure via local access. El flujo de control insuficiente en determinadas estructuras de datos para algunos Procesadores de Intel(R) con Intel(R) Processor Graphics, puede permitir a un usuario no autenticado habilitar potencialmente una divulgación de información por medio de un acceso local. An information disclosure flaw was found in the Linux kernel. The i915 graphics driver lacks control of flow for data structures which may allow a local, authenticated user to disclose information when using ioctl commands with an attached i915 device. The highest threat from this vulnerability is to data confidentiality. • http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00021.html http://packetstormsecurity.com/files/156185/Kernel-Live-Patch-Security-Notice-LSN-0062-1.html http://packetstormsecurity.com/files/156455/Kernel-Live-Patch-Security-Notice-LSN-0063-1.html http://seclists.org/fulldisclosure/2020/Mar/31 https://lists.debian.org/debian-lts-announce/2020/03/msg00001.html https://support.apple.com/kb/HT211100 https://usn.ubuntu.com/4253-1 https://usn.ubuntu.com/4253-2 https://us • CWE-212: Improper Removal of Sensitive Information Before Storage or Transfer •