Information disclosure in Linux kernel

Published: 2020-01-17 | Updated: 2020-06-01
Risk Low
Patch available YES
Number of vulnerabilities 1
CVE-ID CVE-2019-14615
Exploitation vector Local
Public exploit N/A
Vulnerable software
Linux kernel
Operating systems & Components / Operating system

Vendor Linux Foundation

Security Bulletin

This security bulletin contains one low risk vulnerability.

1) Information disclosure

EUVDB-ID: #VU28407

Risk: Low


CVE-ID: CVE-2019-14615

CWE-ID: CWE-200 - Information Exposure

Exploit availability: No


The vulnerability allows a local non-authenticated attacker to gain access to sensitive information.

Insufficient control flow in certain data structures for some Intel(R) Processors with Intel(R) Processor Graphics may allow an unauthenticated user to potentially enable information disclosure via local access.


Install update from vendor's website.

Vulnerable software versions

Linux kernel: 4.4 - 5.4.42

CPE2.3 External links

Q & A

Can this vulnerability be exploited remotely?

Is there known malware, which exploits this vulnerability?