[USN-4526-1] Linux kernel vulnerabilities

Severity Medium

Affected Packages 58

CVEs 10

Several security issues were fixed in the Linux kernel.

It was discovered that the AMD Cryptographic Coprocessor device driver in
the Linux kernel did not properly deallocate memory in some situations. A
local attacker could use this to cause a denial of service (memory
exhaustion). (CVE-2019-18808)

It was discovered that the Conexant 23885 TV card device driver for the
Linux kernel did not properly deallocate memory in some error conditions. A
local attacker could use this to cause a denial of service (memory
exhaustion). (CVE-2019-19054)

It was discovered that the ADIS16400 IIO IMU Driver for the Linux kernel
did not properly deallocate memory in certain error conditions. A local
attacker could use this to cause a denial of service (memory exhaustion).
(CVE-2019-19061)

It was discovered that the AMD Audio Coprocessor driver for the Linux
kernel did not properly deallocate memory in certain error conditions. A
local attacker with the ability to load modules could use this to cause a
denial of service (memory exhaustion). (CVE-2019-19067)

It was discovered that the Atheros HTC based wireless driver in the Linux
kernel did not properly deallocate in certain error conditions. A local
attacker could use this to cause a denial of service (memory exhaustion).
(CVE-2019-19073, CVE-2019-19074)

It was discovered that the F2FS file system in the Linux kernel did not
properly perform bounds checking in some situations, leading to an out-of-
bounds read. A local attacker could possibly use this to expose sensitive
information (kernel memory). (CVE-2019-9445)

It was discovered that the VFIO PCI driver in the Linux kernel did not
properly handle attempts to access disabled memory spaces. A local attacker
could use this to cause a denial of service (system crash).
(CVE-2020-12888)

It was discovered that the cgroup v2 subsystem in the Linux kernel did not
properly perform reference counting in some situations, leading to a NULL
pointer dereference. A local attacker could use this to cause a denial of
service or possibly gain administrative privileges. (CVE-2020-14356)

It was discovered that the state of network RNG in the Linux kernel was
potentially observable. A remote attacker could use this to expose
sensitive information. (CVE-2020-16166)

Package	Affected Version
pkg:deb/ubuntu/linux-image-virtual?distro=bionic	< 4.15.0.118.105
pkg:deb/ubuntu/linux-image-virtual-hwe-16.04?distro=xenial	< 4.15.0.118.119
pkg:deb/ubuntu/linux-image-virtual-hwe-16.04?distro=bionic	< 4.15.0.118.105
pkg:deb/ubuntu/linux-image-virtual-hwe-16.04-edge?distro=xenial	< 4.15.0.118.119
pkg:deb/ubuntu/linux-image-virtual-hwe-16.04-edge?distro=bionic	< 4.15.0.118.105
pkg:deb/ubuntu/linux-image-snapdragon?distro=bionic	< 4.15.0.1087.90
pkg:deb/ubuntu/linux-image-raspi2?distro=bionic	< 4.15.0.1071.68
pkg:deb/ubuntu/linux-image-oracle?distro=xenial	< 4.15.0.1054.44
pkg:deb/ubuntu/linux-image-oracle-lts-18.04?distro=bionic	< 4.15.0.1054.64
pkg:deb/ubuntu/linux-image-oem?distro=xenial	< 4.15.0.118.119
pkg:deb/ubuntu/linux-image-oem?distro=bionic	< 4.15.0.1097.101
pkg:deb/ubuntu/linux-image-lowlatency?distro=bionic	< 4.15.0.118.105
pkg:deb/ubuntu/linux-image-lowlatency-hwe-16.04?distro=xenial	< 4.15.0.118.119
pkg:deb/ubuntu/linux-image-lowlatency-hwe-16.04?distro=bionic	< 4.15.0.118.105
pkg:deb/ubuntu/linux-image-lowlatency-hwe-16.04-edge?distro=xenial	< 4.15.0.118.119
pkg:deb/ubuntu/linux-image-lowlatency-hwe-16.04-edge?distro=bionic	< 4.15.0.118.105
pkg:deb/ubuntu/linux-image-kvm?distro=bionic	< 4.15.0.1075.71
pkg:deb/ubuntu/linux-image-gke?distro=xenial	< 4.15.0.1084.85
pkg:deb/ubuntu/linux-image-gke?distro=bionic	< 4.15.0.1070.74
pkg:deb/ubuntu/linux-image-gke-4.15?distro=bionic	< 4.15.0.1070.74
pkg:deb/ubuntu/linux-image-generic?distro=bionic	< 4.15.0.118.105
pkg:deb/ubuntu/linux-image-generic-lpae?distro=bionic	< 4.15.0.118.105
pkg:deb/ubuntu/linux-image-generic-lpae-hwe-16.04?distro=xenial	< 4.15.0.118.119
pkg:deb/ubuntu/linux-image-generic-lpae-hwe-16.04?distro=bionic	< 4.15.0.118.105
pkg:deb/ubuntu/linux-image-generic-lpae-hwe-16.04-edge?distro=xenial	< 4.15.0.118.119
pkg:deb/ubuntu/linux-image-generic-lpae-hwe-16.04-edge?distro=bionic	< 4.15.0.118.105
pkg:deb/ubuntu/linux-image-generic-hwe-16.04?distro=xenial	< 4.15.0.118.119
pkg:deb/ubuntu/linux-image-generic-hwe-16.04?distro=bionic	< 4.15.0.118.105
pkg:deb/ubuntu/linux-image-generic-hwe-16.04-edge?distro=xenial	< 4.15.0.118.119
pkg:deb/ubuntu/linux-image-generic-hwe-16.04-edge?distro=bionic	< 4.15.0.118.105
pkg:deb/ubuntu/linux-image-gcp?distro=xenial	< 4.15.0.1084.85
pkg:deb/ubuntu/linux-image-gcp-lts-18.04?distro=bionic	< 4.15.0.1084.102
pkg:deb/ubuntu/linux-image-azure?distro=xenial	< 4.15.0.1096.90
pkg:deb/ubuntu/linux-image-azure?distro=trusty	< 4.15.0.1096.72
pkg:deb/ubuntu/linux-image-azure-lts-18.04?distro=bionic	< 4.15.0.1096.69
pkg:deb/ubuntu/linux-image-azure-edge?distro=xenial	< 4.15.0.1096.90
pkg:deb/ubuntu/linux-image-aws-lts-18.04?distro=bionic	< 4.15.0.1083.85
pkg:deb/ubuntu/linux-image-aws-hwe?distro=xenial	< 4.15.0.1083.79
pkg:deb/ubuntu/linux-image-4.15.0-118-lowlatency?distro=xenial	< 4.15.0-118.119~16.04.1
pkg:deb/ubuntu/linux-image-4.15.0-118-lowlatency?distro=bionic	< 4.15.0-118.119
pkg:deb/ubuntu/linux-image-4.15.0-118-generic?distro=xenial	< 4.15.0-118.119~16.04.1
pkg:deb/ubuntu/linux-image-4.15.0-118-generic?distro=bionic	< 4.15.0-118.119
pkg:deb/ubuntu/linux-image-4.15.0-118-generic-lpae?distro=xenial	< 4.15.0-118.119~16.04.1
pkg:deb/ubuntu/linux-image-4.15.0-118-generic-lpae?distro=bionic	< 4.15.0-118.119
pkg:deb/ubuntu/linux-image-4.15.0-1097-oem?distro=bionic	< 4.15.0-1097.107
pkg:deb/ubuntu/linux-image-4.15.0-1096-azure?distro=xenial	< 4.15.0-1096.106~16.04.1
pkg:deb/ubuntu/linux-image-4.15.0-1096-azure?distro=trusty	< 4.15.0-1096.106~14.04.1
pkg:deb/ubuntu/linux-image-4.15.0-1096-azure?distro=bionic	< 4.15.0-1096.106
pkg:deb/ubuntu/linux-image-4.15.0-1087-snapdragon?distro=bionic	< 4.15.0-1087.95
pkg:deb/ubuntu/linux-image-4.15.0-1084-gcp?distro=xenial	< 4.15.0-1084.95~16.04.1
pkg:deb/ubuntu/linux-image-4.15.0-1084-gcp?distro=bionic	< 4.15.0-1084.95
pkg:deb/ubuntu/linux-image-4.15.0-1083-aws?distro=xenial	< 4.15.0-1083.87~16.04.1
pkg:deb/ubuntu/linux-image-4.15.0-1083-aws?distro=bionic	< 4.15.0-1083.87
pkg:deb/ubuntu/linux-image-4.15.0-1075-kvm?distro=bionic	< 4.15.0-1075.76
pkg:deb/ubuntu/linux-image-4.15.0-1071-raspi2?distro=bionic	< 4.15.0-1071.75
pkg:deb/ubuntu/linux-image-4.15.0-1070-gke?distro=bionic	< 4.15.0-1070.73
pkg:deb/ubuntu/linux-image-4.15.0-1054-oracle?distro=xenial	< 4.15.0-1054.58~16.04.1
pkg:deb/ubuntu/linux-image-4.15.0-1054-oracle?distro=bionic	< 4.15.0-1054.58

ID

USN-4526-1

Severity

medium

URL

https://ubuntu.com/security/notices/USN-4526-1

Published

2020-09-23T07:42:42
(4 years ago)

Modified

2020-09-23T07:42:42
(4 years ago)

Other Advisories

Type	Package URL	Namespace	Name / Product	Version	Distribution / Platform
Affected	pkg:deb/ubuntu/linux-image-virtual?distro=bionic	ubuntu	linux-image-virtual	< 4.15.0.118.105	bionic
Affected	pkg:deb/ubuntu/linux-image-virtual-hwe-16.04?distro=xenial	ubuntu	linux-image-virtual-hwe-16.04	< 4.15.0.118.119	xenial
Affected	pkg:deb/ubuntu/linux-image-virtual-hwe-16.04?distro=bionic	ubuntu	linux-image-virtual-hwe-16.04	< 4.15.0.118.105	bionic
Affected	pkg:deb/ubuntu/linux-image-virtual-hwe-16.04-edge?distro=xenial	ubuntu	linux-image-virtual-hwe-16.04-edge	< 4.15.0.118.119	xenial
Affected	pkg:deb/ubuntu/linux-image-virtual-hwe-16.04-edge?distro=bionic	ubuntu	linux-image-virtual-hwe-16.04-edge	< 4.15.0.118.105	bionic
Affected	pkg:deb/ubuntu/linux-image-snapdragon?distro=bionic	ubuntu	linux-image-snapdragon	< 4.15.0.1087.90	bionic
Affected	pkg:deb/ubuntu/linux-image-raspi2?distro=bionic	ubuntu	linux-image-raspi2	< 4.15.0.1071.68	bionic
Affected	pkg:deb/ubuntu/linux-image-oracle?distro=xenial	ubuntu	linux-image-oracle	< 4.15.0.1054.44	xenial
Affected	pkg:deb/ubuntu/linux-image-oracle-lts-18.04?distro=bionic	ubuntu	linux-image-oracle-lts-18.04	< 4.15.0.1054.64	bionic
Affected	pkg:deb/ubuntu/linux-image-oem?distro=xenial	ubuntu	linux-image-oem	< 4.15.0.118.119	xenial
Affected	pkg:deb/ubuntu/linux-image-oem?distro=bionic	ubuntu	linux-image-oem	< 4.15.0.1097.101	bionic
Affected	pkg:deb/ubuntu/linux-image-lowlatency?distro=bionic	ubuntu	linux-image-lowlatency	< 4.15.0.118.105	bionic
Affected	pkg:deb/ubuntu/linux-image-lowlatency-hwe-16.04?distro=xenial	ubuntu	linux-image-lowlatency-hwe-16.04	< 4.15.0.118.119	xenial
Affected	pkg:deb/ubuntu/linux-image-lowlatency-hwe-16.04?distro=bionic	ubuntu	linux-image-lowlatency-hwe-16.04	< 4.15.0.118.105	bionic
Affected	pkg:deb/ubuntu/linux-image-lowlatency-hwe-16.04-edge?distro=xenial	ubuntu	linux-image-lowlatency-hwe-16.04-edge	< 4.15.0.118.119	xenial
Affected	pkg:deb/ubuntu/linux-image-lowlatency-hwe-16.04-edge?distro=bionic	ubuntu	linux-image-lowlatency-hwe-16.04-edge	< 4.15.0.118.105	bionic
Affected	pkg:deb/ubuntu/linux-image-kvm?distro=bionic	ubuntu	linux-image-kvm	< 4.15.0.1075.71	bionic
Affected	pkg:deb/ubuntu/linux-image-gke?distro=xenial	ubuntu	linux-image-gke	< 4.15.0.1084.85	xenial
Affected	pkg:deb/ubuntu/linux-image-gke?distro=bionic	ubuntu	linux-image-gke	< 4.15.0.1070.74	bionic
Affected	pkg:deb/ubuntu/linux-image-gke-4.15?distro=bionic	ubuntu	linux-image-gke-4.15	< 4.15.0.1070.74	bionic
Affected	pkg:deb/ubuntu/linux-image-generic?distro=bionic	ubuntu	linux-image-generic	< 4.15.0.118.105	bionic
Affected	pkg:deb/ubuntu/linux-image-generic-lpae?distro=bionic	ubuntu	linux-image-generic-lpae	< 4.15.0.118.105	bionic
Affected	pkg:deb/ubuntu/linux-image-generic-lpae-hwe-16.04?distro=xenial	ubuntu	linux-image-generic-lpae-hwe-16.04	< 4.15.0.118.119	xenial
Affected	pkg:deb/ubuntu/linux-image-generic-lpae-hwe-16.04?distro=bionic	ubuntu	linux-image-generic-lpae-hwe-16.04	< 4.15.0.118.105	bionic
Affected	pkg:deb/ubuntu/linux-image-generic-lpae-hwe-16.04-edge?distro=xenial	ubuntu	linux-image-generic-lpae-hwe-16.04-edge	< 4.15.0.118.119	xenial
Affected	pkg:deb/ubuntu/linux-image-generic-lpae-hwe-16.04-edge?distro=bionic	ubuntu	linux-image-generic-lpae-hwe-16.04-edge	< 4.15.0.118.105	bionic
Affected	pkg:deb/ubuntu/linux-image-generic-hwe-16.04?distro=xenial	ubuntu	linux-image-generic-hwe-16.04	< 4.15.0.118.119	xenial
Affected	pkg:deb/ubuntu/linux-image-generic-hwe-16.04?distro=bionic	ubuntu	linux-image-generic-hwe-16.04	< 4.15.0.118.105	bionic
Affected	pkg:deb/ubuntu/linux-image-generic-hwe-16.04-edge?distro=xenial	ubuntu	linux-image-generic-hwe-16.04-edge	< 4.15.0.118.119	xenial
Affected	pkg:deb/ubuntu/linux-image-generic-hwe-16.04-edge?distro=bionic	ubuntu	linux-image-generic-hwe-16.04-edge	< 4.15.0.118.105	bionic
Affected	pkg:deb/ubuntu/linux-image-gcp?distro=xenial	ubuntu	linux-image-gcp	< 4.15.0.1084.85	xenial
Affected	pkg:deb/ubuntu/linux-image-gcp-lts-18.04?distro=bionic	ubuntu	linux-image-gcp-lts-18.04	< 4.15.0.1084.102	bionic
Affected	pkg:deb/ubuntu/linux-image-azure?distro=xenial	ubuntu	linux-image-azure	< 4.15.0.1096.90	xenial
Affected	pkg:deb/ubuntu/linux-image-azure?distro=trusty	ubuntu	linux-image-azure	< 4.15.0.1096.72	trusty
Affected	pkg:deb/ubuntu/linux-image-azure-lts-18.04?distro=bionic	ubuntu	linux-image-azure-lts-18.04	< 4.15.0.1096.69	bionic
Affected	pkg:deb/ubuntu/linux-image-azure-edge?distro=xenial	ubuntu	linux-image-azure-edge	< 4.15.0.1096.90	xenial
Affected	pkg:deb/ubuntu/linux-image-aws-lts-18.04?distro=bionic	ubuntu	linux-image-aws-lts-18.04	< 4.15.0.1083.85	bionic
Affected	pkg:deb/ubuntu/linux-image-aws-hwe?distro=xenial	ubuntu	linux-image-aws-hwe	< 4.15.0.1083.79	xenial
Affected	pkg:deb/ubuntu/linux-image-4.15.0-118-lowlatency?distro=xenial	ubuntu	linux-image-4.15.0-118-lowlatency	< 4.15.0-118.119~16.04.1	xenial
Affected	pkg:deb/ubuntu/linux-image-4.15.0-118-lowlatency?distro=bionic	ubuntu	linux-image-4.15.0-118-lowlatency	< 4.15.0-118.119	bionic
Affected	pkg:deb/ubuntu/linux-image-4.15.0-118-generic?distro=xenial	ubuntu	linux-image-4.15.0-118-generic	< 4.15.0-118.119~16.04.1	xenial
Affected	pkg:deb/ubuntu/linux-image-4.15.0-118-generic?distro=bionic	ubuntu	linux-image-4.15.0-118-generic	< 4.15.0-118.119	bionic
Affected	pkg:deb/ubuntu/linux-image-4.15.0-118-generic-lpae?distro=xenial	ubuntu	linux-image-4.15.0-118-generic-lpae	< 4.15.0-118.119~16.04.1	xenial
Affected	pkg:deb/ubuntu/linux-image-4.15.0-118-generic-lpae?distro=bionic	ubuntu	linux-image-4.15.0-118-generic-lpae	< 4.15.0-118.119	bionic
Affected	pkg:deb/ubuntu/linux-image-4.15.0-1097-oem?distro=bionic	ubuntu	linux-image-4.15.0-1097-oem	< 4.15.0-1097.107	bionic
Affected	pkg:deb/ubuntu/linux-image-4.15.0-1096-azure?distro=xenial	ubuntu	linux-image-4.15.0-1096-azure	< 4.15.0-1096.106~16.04.1	xenial
Affected	pkg:deb/ubuntu/linux-image-4.15.0-1096-azure?distro=trusty	ubuntu	linux-image-4.15.0-1096-azure	< 4.15.0-1096.106~14.04.1	trusty
Affected	pkg:deb/ubuntu/linux-image-4.15.0-1096-azure?distro=bionic	ubuntu	linux-image-4.15.0-1096-azure	< 4.15.0-1096.106	bionic
Affected	pkg:deb/ubuntu/linux-image-4.15.0-1087-snapdragon?distro=bionic	ubuntu	linux-image-4.15.0-1087-snapdragon	< 4.15.0-1087.95	bionic
Affected	pkg:deb/ubuntu/linux-image-4.15.0-1084-gcp?distro=xenial	ubuntu	linux-image-4.15.0-1084-gcp	< 4.15.0-1084.95~16.04.1	xenial
Affected	pkg:deb/ubuntu/linux-image-4.15.0-1084-gcp?distro=bionic	ubuntu	linux-image-4.15.0-1084-gcp	< 4.15.0-1084.95	bionic
Affected	pkg:deb/ubuntu/linux-image-4.15.0-1083-aws?distro=xenial	ubuntu	linux-image-4.15.0-1083-aws	< 4.15.0-1083.87~16.04.1	xenial
Affected	pkg:deb/ubuntu/linux-image-4.15.0-1083-aws?distro=bionic	ubuntu	linux-image-4.15.0-1083-aws	< 4.15.0-1083.87	bionic
Affected	pkg:deb/ubuntu/linux-image-4.15.0-1075-kvm?distro=bionic	ubuntu	linux-image-4.15.0-1075-kvm	< 4.15.0-1075.76	bionic
Affected	pkg:deb/ubuntu/linux-image-4.15.0-1071-raspi2?distro=bionic	ubuntu	linux-image-4.15.0-1071-raspi2	< 4.15.0-1071.75	bionic
Affected	pkg:deb/ubuntu/linux-image-4.15.0-1070-gke?distro=bionic	ubuntu	linux-image-4.15.0-1070-gke	< 4.15.0-1070.73	bionic
Affected	pkg:deb/ubuntu/linux-image-4.15.0-1054-oracle?distro=xenial	ubuntu	linux-image-4.15.0-1054-oracle	< 4.15.0-1054.58~16.04.1	xenial
Affected	pkg:deb/ubuntu/linux-image-4.15.0-1054-oracle?distro=bionic	ubuntu	linux-image-4.15.0-1054-oracle	< 4.15.0-1054.58	bionic

# CVE	Description	CVSS	EPSS	EPSS Trend (30 days)	Affected Products	Weaknesses	Security Advisories	Exploits	PoC	Pubblication Date	Modification Date
# CVE	Description	CVSS	EPSS	EPSS Trend (30 days)	Affected Products	Weaknesses	Security Advisories	PoC	Pubblication Date	Modification Date