[USN-4303-2] Linux kernel (HWE) vulnerability
Severity
Medium
Affected Packages
17
CVEs
1
The system could be made to expose sensitive information.
USN-4303-1 fixed vulnerabilities in the Linux kernel for Ubuntu 16.04
LTS. This update provides the corresponding updates for the Linux
Hardware Enablement (HWE) kernel from Ubuntu 16.04 LTS for Ubuntu
14.04 ESM.
Paulo Bonzini discovered that the KVM hypervisor implementation in the
Linux kernel could improperly let a nested (level 2) guest access the
resources of a parent (level 1) guest in certain situations. An attacker
could use this to expose sensitive information.
- ID
- USN-4303-2
- Severity
- medium
- URL
- https://ubuntu.com/security/notices/USN-4303-2
- Published
-
2020-03-17T01:41:31
(4 years ago) - Modified
-
2020-03-17T01:41:31
(4 years ago) - Other Advisories
-
- ALAS-2020-1360
- ALAS2-2020-1405
- ASA-202003-6
- DSA-4667-1
- DSA-4698-1
- ELSA-2020-2102
- ELSA-2020-4060
- ELSA-2020-5540
- ELSA-2020-5542
- ELSA-2020-5543
- FEDORA-2020-203ffedeb5
- FEDORA-2020-227a4c0530
- FEDORA-2020-fe00e12580
- openSUSE-SU-2020:0336-1
- RHSA-2020:2102
- RHSA-2020:2171
- RHSA-2020:4060
- RHSA-2020:4062
- SSA:2020-086-01
- SUSE-SU-2020:0558-1
- SUSE-SU-2020:0559-1
- SUSE-SU-2020:0560-1
- SUSE-SU-2020:0584-1
- SUSE-SU-2020:0649-1
- SUSE-SU-2020:0667-1
- SUSE-SU-2020:0688-1
- SUSE-SU-2020:1087-1
- SUSE-SU-2020:1142-1
- SUSE-SU-2020:1255-1
- SUSE-SU-2020:1275-1
- SUSE-SU-2020:1663-1
- USN-4300-1
- USN-4301-1
- USN-4302-1
- USN-4303-1
Type | Package URL | Namespace | Name / Product | Version | Distribution / Platform | Arch | Patch / Fix |
---|---|---|---|---|---|---|---|
Affected | pkg:deb/ubuntu/linux-image-virtual-lts-xenial?distro=trusty | ubuntu | linux-image-virtual-lts-xenial | < 4.4.0.176.155 | trusty | ||
Affected | pkg:deb/ubuntu/linux-image-powerpc64-smp-lts-xenial?distro=trusty | ubuntu | linux-image-powerpc64-smp-lts-xenial | < 4.4.0.176.155 | trusty | ||
Affected | pkg:deb/ubuntu/linux-image-powerpc64-emb-lts-xenial?distro=trusty | ubuntu | linux-image-powerpc64-emb-lts-xenial | < 4.4.0.176.155 | trusty | ||
Affected | pkg:deb/ubuntu/linux-image-powerpc-smp-lts-xenial?distro=trusty | ubuntu | linux-image-powerpc-smp-lts-xenial | < 4.4.0.176.155 | trusty | ||
Affected | pkg:deb/ubuntu/linux-image-powerpc-e500mc-lts-xenial?distro=trusty | ubuntu | linux-image-powerpc-e500mc-lts-xenial | < 4.4.0.176.155 | trusty | ||
Affected | pkg:deb/ubuntu/linux-image-lowlatency-lts-xenial?distro=trusty | ubuntu | linux-image-lowlatency-lts-xenial | < 4.4.0.176.155 | trusty | ||
Affected | pkg:deb/ubuntu/linux-image-generic-lts-xenial?distro=trusty | ubuntu | linux-image-generic-lts-xenial | < 4.4.0.176.155 | trusty | ||
Affected | pkg:deb/ubuntu/linux-image-generic-lpae-lts-xenial?distro=trusty | ubuntu | linux-image-generic-lpae-lts-xenial | < 4.4.0.176.155 | trusty | ||
Affected | pkg:deb/ubuntu/linux-image-aws?distro=trusty | ubuntu | linux-image-aws | < 4.4.0.1064.65 | trusty | ||
Affected | pkg:deb/ubuntu/linux-image-4.4.0-176-powerpc64-smp?distro=trusty | ubuntu | linux-image-4.4.0-176-powerpc64-smp | < 4.4.0-176.206~14.04.1 | trusty | ||
Affected | pkg:deb/ubuntu/linux-image-4.4.0-176-powerpc64-emb?distro=trusty | ubuntu | linux-image-4.4.0-176-powerpc64-emb | < 4.4.0-176.206~14.04.1 | trusty | ||
Affected | pkg:deb/ubuntu/linux-image-4.4.0-176-powerpc-smp?distro=trusty | ubuntu | linux-image-4.4.0-176-powerpc-smp | < 4.4.0-176.206~14.04.1 | trusty | ||
Affected | pkg:deb/ubuntu/linux-image-4.4.0-176-powerpc-e500mc?distro=trusty | ubuntu | linux-image-4.4.0-176-powerpc-e500mc | < 4.4.0-176.206~14.04.1 | trusty | ||
Affected | pkg:deb/ubuntu/linux-image-4.4.0-176-lowlatency?distro=trusty | ubuntu | linux-image-4.4.0-176-lowlatency | < 4.4.0-176.206~14.04.1 | trusty | ||
Affected | pkg:deb/ubuntu/linux-image-4.4.0-176-generic?distro=trusty | ubuntu | linux-image-4.4.0-176-generic | < 4.4.0-176.206~14.04.1 | trusty | ||
Affected | pkg:deb/ubuntu/linux-image-4.4.0-176-generic-lpae?distro=trusty | ubuntu | linux-image-4.4.0-176-generic-lpae | < 4.4.0-176.206~14.04.1 | trusty | ||
Affected | pkg:deb/ubuntu/linux-image-4.4.0-1064-aws?distro=trusty | ubuntu | linux-image-4.4.0-1064-aws | < 4.4.0-1064.68 | trusty |
# CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | Exploits | PoC | Pubblication Date | Modification Date |
---|---|---|---|---|---|---|---|---|---|---|---|
# CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | PoC | Pubblication Date | Modification Date |