CVE-2020-8832 — Missing XML Validation in 18.04 LTS Linux Kernel
Severity
5.5MEDIUMNVD
EPSS
0.3%
top 45.55%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
Timeline
PublishedApr 10
Latest updateNov 21
Description
The fix for the Linux kernel in Ubuntu 18.04 LTS for CVE-2019-14615 ("The Linux kernel did not properly clear data structures on context switches for certain Intel graphics processors.") was discovered to be incomplete, meaning that in versions of the kernel before 4.15.0-91.92, an attacker could use this vulnerability to expose sensitive information.
CVSS vector
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:NExploitability: 1.8 | Impact: 3.6
Affected Packages3 packages
Also affects: Ubuntu Linux 14.04, 16.04, 18.04
🔴Vulnerability Details
4OSV▶
linux, linux-aws, linux-aws-hwe, linux-gcp, linux-gke-4.15, linux-hwe, linux-kvm, linux-oem, linux-oracle, linux-raspi2, linux-snapdragon, linux-azure vulnerabilities↗2020-03-25
📋Vendor Advisories
3📄Research Papers
1arXiv▶
Characteristics, Root Causes, and Detection of Incomplete Security Bug Fixes in the Linux Kernel↗2025-11-21