Attacker Value

Unknown

(0 users assessed)

Exploitability

Unknown

(0 users assessed)

User Interaction

CVE-2020-36787

Disclosure Date: February 28, 2024 •

CVE-2020-36787 CVSS v3 Base Score: 5.5

MITRE ATT&CK

Add MITRE ATT&CK tactics and techniques that apply to this CVE.

Description

In the Linux kernel, the following vulnerability has been resolved:

media: aspeed: fix clock handling logic

Video engine uses eclk and vclk for its clock sources and its reset
control is coupled with eclk so the current clock enabling sequence works
like below.

Enable eclk
De-assert Video Engine reset
10ms delay
Enable vclk

It introduces improper reset on the Video Engine hardware and eventually
the hardware generates unexpected DMA memory transfers that can corrupt
memory region in random and sporadic patterns. This issue is observed
very rarely on some specific AST2500 SoCs but it causes a critical
kernel panic with making a various shape of signature so it’s extremely
hard to debug. Moreover, the issue is observed even when the video
engine is not actively used because udevd turns on the video engine
hardware for a short time to make a query in every boot.

To fix this issue, this commit changes the clock handling logic to make
the reset de-assertion triggered after enabling both eclk and vclk. Also,
it adds clk_unprepare call for a case when probe fails.

clk: ast2600: fix reset settings for eclk and vclk
Video engine reset setting should be coupled with eclk to match it
with the setting for previous Aspeed SoCs which is defined in
clk-aspeed.c since all Aspeed SoCs are sharing a single video engine
driver. Also, reset bit 6 is defined as ‘Video Engine’ reset in
datasheet so it should be de-asserted when eclk is enabled. This
commit fixes the setting.

Add Assessment

No one has assessed this topic. Be the first to add your voice to the community.

CVSS V3 Severity and Metrics

Data provided by the National Vulnerability Database (NVD)

Base Score:

5.5 Medium

Impact Score:

3.6

Exploitability Score:

1.8

Vector:

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Attack Vector (AV):

Local

Attack Complexity (AC):

Low

Privileges Required (PR):

Low

User Interaction (UI):

None

Scope (S):

Unchanged

Confidentiality (C):

None

Integrity (I):

None

Availability (A):

High

Vendors

linux

Products

linux kernel

References

Canonical

CVE-2020-36787 (https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-36787)

Miscellaneous

https://git.kernel.org/stable/c/1dc1d30ac101bb8335d9852de2107af60c2580e7

https://git.kernel.org/stable/c/a59d01384c80a8a4392665802df57c3df20055f5

https://git.kernel.org/stable/c/2964c37563e86cfdc439f217eb3c5a69adfdba6a

https://git.kernel.org/stable/c/75321dc8aebe3f30eff226028fe6da340fe0bf02

https://git.kernel.org/stable/c/3536169f8531c2c5b153921dc7d1ac9fd570cda7

Rapid7

Unknown

CVE-2020-36787

Unknown

Unknown

None

Low

Local

CVE-2020-36787

Description

Add Assessment

CVSS V3 Severity and Metrics

General Information

Vendors

Products

References

Canonical

Miscellaneous

Additional Info

Technical Analysis

Unknown

CVE-2020-36787

Unknown

Unknown

None

Low

Local

CVE-2020-36787

Description

Add Assessment

CVSS V3 Severity and Metrics

General Information

Vendors

Products

References

Canonical

Miscellaneous

Additional Info

Technical Analysis

Quick Cookie Notification