[USN-4344-1] Linux kernel vulnerabilities
Several security issues were fixed in the Linux kernel.
It was discovered that the Intel Wi-Fi driver in the Linux kernel did not
properly check for errors in some situations. A local attacker could
possibly use this to cause a denial of service (system crash).
(CVE-2019-16234)
It was discovered that the Intel WiMAX 2400 driver in the Linux kernel did
not properly deallocate memory in certain situations. A local attacker
could use this to cause a denial of service (kernel memory exhaustion).
(CVE-2019-19051)
Tristan Madani discovered that the block I/O tracing implementation in the
Linux kernel contained a race condition. A local attacker could use this to
cause a denial of service (system crash) or possibly expose sensitive
information. (CVE-2019-19768)
It was discovered that the vhost net driver in the Linux kernel contained a
stack buffer overflow. A local attacker with the ability to perform ioctl()
calls on /dev/vhost-net could use this to cause a denial of service (system
crash). (CVE-2020-10942)
It was discovered that the virtual terminal implementation in the Linux
kernel contained a race condition. A local attacker could possibly use this
to cause a denial of service (system crash) or expose sensitive
information. (CVE-2020-8648)
Shijie Luo discovered that the ext4 file system implementation in the Linux
kernel did not properly check for a too-large journal size. An attacker
could use this to construct a malicious ext4 image that, when mounted,
could cause a denial of service (soft lockup). (CVE-2020-8992)
Jordy Zomer discovered that the floppy driver in the Linux kernel did not
properly check for errors in some situations. A local attacker could
possibly use this to cause a denial of service (system crash) or possibly
expose sensitive information. (CVE-2020-9383)
Package | Affected Version |
---|---|
pkg:deb/ubuntu/linux-image-oem-osp1?distro=bionic | < 5.0.0.1050.53 |
pkg:deb/ubuntu/linux-image-gke-5.0?distro=bionic | < 5.0.0.1035.23 |
pkg:deb/ubuntu/linux-image-5.0.0-1050-oem-osp1?distro=bionic | < 5.0.0-1050.55 |
pkg:deb/ubuntu/linux-image-5.0.0-1035-gke?distro=bionic | < 5.0.0-1035.36 |
- ID
- USN-4344-1
- Severity
- medium
- URL
- https://ubuntu.com/security/notices/USN-4344-1
- Published
-
2020-04-28T23:46:22
(4 years ago) - Modified
-
2020-04-28T23:46:22
(4 years ago) - Other Advisories
-
- ALAS-2020-1360
- ALAS-2020-1377
- ALAS2-2020-1405
- ALAS2-2020-1431
- ALSA-2020:4431
- ASA-202003-6
- DSA-4667-1
- DSA-4698-1
- ELSA-2020-1769
- ELSA-2020-2082
- ELSA-2020-4060
- ELSA-2020-5642
- ELSA-2020-5649
- ELSA-2020-5663
- ELSA-2020-5670
- ELSA-2020-5676
- ELSA-2020-5804
- ELSA-2020-5866
- ELSA-2021-2314
- MS:CVE-2020-10942
- MS:CVE-2020-8648
- MS:CVE-2020-8992
- MS:CVE-2020-9383
- openSUSE-SU-2019:2392-1
- openSUSE-SU-2019:2444-1
- openSUSE-SU-2020:0336-1
- openSUSE-SU-2020:0388-1
- openSUSE-SU-2020:0543-1
- RHSA-2020:1567
- RHSA-2020:1769
- RHSA-2020:2082
- RHSA-2020:2085
- RHSA-2020:4060
- RHSA-2020:4062
- RHSA-2020:4431
- RHSA-2020:4609
- RHSA-2021:2314
- RHSA-2021:2316
- SSA:2020-086-01
- SSA:2020-163-01
- SUSE-SU-2019:2879-1
- SUSE-SU-2019:2946-1
- SUSE-SU-2019:2947-1
- SUSE-SU-2019:2949-1
- SUSE-SU-2019:2950-1
- SUSE-SU-2019:2951-1
- SUSE-SU-2019:2952-1
- SUSE-SU-2019:2953-1
- SUSE-SU-2019:2984-1
- SUSE-SU-2019:3294-1
- SUSE-SU-2019:3295-1
- SUSE-SU-2019:3316-1
- SUSE-SU-2019:3381-1
- SUSE-SU-2019:3389-1
- SUSE-SU-2020:0093-1
- SUSE-SU-2020:0511-1
- SUSE-SU-2020:0558-1
- SUSE-SU-2020:0559-1
- SUSE-SU-2020:0560-1
- SUSE-SU-2020:0580-1
- SUSE-SU-2020:0584-1
- SUSE-SU-2020:0599-1
- SUSE-SU-2020:0613-1
- SUSE-SU-2020:0649-1
- SUSE-SU-2020:0667-1
- SUSE-SU-2020:0688-1
- SUSE-SU-2020:0836-1
- SUSE-SU-2020:1084-1
- SUSE-SU-2020:1085-1
- SUSE-SU-2020:1087-1
- SUSE-SU-2020:1118-1
- SUSE-SU-2020:1119-1
- SUSE-SU-2020:1123-1
- SUSE-SU-2020:1141-1
- SUSE-SU-2020:1142-1
- SUSE-SU-2020:1146-1
- SUSE-SU-2020:1255-1
- SUSE-SU-2020:1275-1
- SUSE-SU-2020:1663-1
- USN-4225-1
- USN-4225-2
- USN-4286-1
- USN-4286-2
- USN-4302-1
- USN-4318-1
- USN-4324-1
- USN-4342-1
- USN-4345-1
- USN-4346-1
- USN-4364-1
- USN-4419-1
Type | Package URL | Namespace | Name / Product | Version | Distribution / Platform | Arch | Patch / Fix |
---|---|---|---|---|---|---|---|
Affected | pkg:deb/ubuntu/linux-image-oem-osp1?distro=bionic | ubuntu | linux-image-oem-osp1 | < 5.0.0.1050.53 | bionic | ||
Affected | pkg:deb/ubuntu/linux-image-gke-5.0?distro=bionic | ubuntu | linux-image-gke-5.0 | < 5.0.0.1035.23 | bionic | ||
Affected | pkg:deb/ubuntu/linux-image-5.0.0-1050-oem-osp1?distro=bionic | ubuntu | linux-image-5.0.0-1050-oem-osp1 | < 5.0.0-1050.55 | bionic | ||
Affected | pkg:deb/ubuntu/linux-image-5.0.0-1035-gke?distro=bionic | ubuntu | linux-image-5.0.0-1035-gke | < 5.0.0-1035.36 | bionic |
# CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | Exploits | PoC | Pubblication Date | Modification Date |
---|---|---|---|---|---|---|---|---|---|---|---|
# CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | PoC | Pubblication Date | Modification Date |