[USN-4578-1] Linux kernel vulnerabilities

Severity High

Affected Packages 58

CVEs 7

Several security issues were fixed in the Linux kernel.

Hadar Manor discovered that the DCCP protocol implementation in the Linux
kernel improperly handled socket reuse, leading to a use-after-free
vulnerability. A local attacker could use this to cause a denial of service
(system crash) or possibly execute arbitrary code. (CVE-2020-16119)

Wen Xu discovered that the XFS file system in the Linux kernel did not
properly validate inode metadata in some situations. An attacker could use
this to construct a malicious XFS image that, when mounted, could cause a
denial of service (system crash). (CVE-2018-10322)

It was discovered that the btrfs file system in the Linux kernel contained
a use-after-free vulnerability when merging free space. An attacker could
use this to construct a malicious btrfs image that, when mounted and
operated on, could cause a denial of service (system crash).
(CVE-2019-19448)

Jay Shin discovered that the ext4 file system implementation in the Linux
kernel did not properly handle directory access with broken indexing,
leading to an out-of-bounds read vulnerability. A local attacker could use
this to cause a denial of service (system crash). (CVE-2020-14314)

Giuseppe Scrivano discovered that the overlay file system in the Linux
kernel did not properly perform permission checks in some situations. A
local attacker could possibly use this to bypass intended restrictions and
gain read access to restricted files. (CVE-2020-16120)

It was discovered that the NFS client implementation in the Linux kernel
did not properly perform bounds checking before copying security labels in
some situations. A local attacker could use this to cause a denial of
service (system crash) or possibly execute arbitrary code. (CVE-2020-25212)

It was discovered that the NFC implementation in the Linux kernel did not
properly perform permissions checks when opening raw sockets. A local
attacker could use this to create or listen to NFC traffic.
(CVE-2020-26088)

Package	Affected Version
pkg:deb/ubuntu/linux-image-virtual?distro=bionic	< 4.15.0.121.108
pkg:deb/ubuntu/linux-image-virtual-hwe-16.04?distro=xenial	< 4.15.0.120.121
pkg:deb/ubuntu/linux-image-virtual-hwe-16.04?distro=bionic	< 4.15.0.121.108
pkg:deb/ubuntu/linux-image-virtual-hwe-16.04-edge?distro=xenial	< 4.15.0.120.121
pkg:deb/ubuntu/linux-image-virtual-hwe-16.04-edge?distro=bionic	< 4.15.0.121.108
pkg:deb/ubuntu/linux-image-snapdragon?distro=bionic	< 4.15.0.1089.92
pkg:deb/ubuntu/linux-image-raspi2?distro=bionic	< 4.15.0.1073.70
pkg:deb/ubuntu/linux-image-oracle?distro=xenial	< 4.15.0.1056.46
pkg:deb/ubuntu/linux-image-oracle-lts-18.04?distro=bionic	< 4.15.0.1057.67
pkg:deb/ubuntu/linux-image-oem?distro=xenial	< 4.15.0.120.121
pkg:deb/ubuntu/linux-image-oem?distro=bionic	< 4.15.0.1099.103
pkg:deb/ubuntu/linux-image-lowlatency?distro=bionic	< 4.15.0.121.108
pkg:deb/ubuntu/linux-image-lowlatency-hwe-16.04?distro=xenial	< 4.15.0.120.121
pkg:deb/ubuntu/linux-image-lowlatency-hwe-16.04?distro=bionic	< 4.15.0.121.108
pkg:deb/ubuntu/linux-image-lowlatency-hwe-16.04-edge?distro=xenial	< 4.15.0.120.121
pkg:deb/ubuntu/linux-image-lowlatency-hwe-16.04-edge?distro=bionic	< 4.15.0.121.108
pkg:deb/ubuntu/linux-image-kvm?distro=bionic	< 4.15.0.1077.73
pkg:deb/ubuntu/linux-image-gke?distro=xenial	< 4.15.0.1086.87
pkg:deb/ubuntu/linux-image-gke?distro=bionic	< 4.15.0.1072.76
pkg:deb/ubuntu/linux-image-gke-4.15?distro=bionic	< 4.15.0.1072.76
pkg:deb/ubuntu/linux-image-generic?distro=bionic	< 4.15.0.121.108
pkg:deb/ubuntu/linux-image-generic-lpae?distro=bionic	< 4.15.0.121.108
pkg:deb/ubuntu/linux-image-generic-lpae-hwe-16.04?distro=xenial	< 4.15.0.120.121
pkg:deb/ubuntu/linux-image-generic-lpae-hwe-16.04?distro=bionic	< 4.15.0.121.108
pkg:deb/ubuntu/linux-image-generic-lpae-hwe-16.04-edge?distro=xenial	< 4.15.0.120.121
pkg:deb/ubuntu/linux-image-generic-lpae-hwe-16.04-edge?distro=bionic	< 4.15.0.121.108
pkg:deb/ubuntu/linux-image-generic-hwe-16.04?distro=xenial	< 4.15.0.120.121
pkg:deb/ubuntu/linux-image-generic-hwe-16.04?distro=bionic	< 4.15.0.121.108
pkg:deb/ubuntu/linux-image-generic-hwe-16.04-edge?distro=xenial	< 4.15.0.120.121
pkg:deb/ubuntu/linux-image-generic-hwe-16.04-edge?distro=bionic	< 4.15.0.121.108
pkg:deb/ubuntu/linux-image-gcp?distro=xenial	< 4.15.0.1086.87
pkg:deb/ubuntu/linux-image-gcp-lts-18.04?distro=bionic	< 4.15.0.1086.104
pkg:deb/ubuntu/linux-image-azure?distro=xenial	< 4.15.0.1098.92
pkg:deb/ubuntu/linux-image-azure?distro=trusty	< 4.15.0.1098.74
pkg:deb/ubuntu/linux-image-azure-lts-18.04?distro=bionic	< 4.15.0.1099.72
pkg:deb/ubuntu/linux-image-azure-edge?distro=xenial	< 4.15.0.1098.92
pkg:deb/ubuntu/linux-image-aws-lts-18.04?distro=bionic	< 4.15.0.1086.88
pkg:deb/ubuntu/linux-image-aws-hwe?distro=xenial	< 4.15.0.1085.81
pkg:deb/ubuntu/linux-image-4.15.0-121-lowlatency?distro=bionic	< 4.15.0-121.123
pkg:deb/ubuntu/linux-image-4.15.0-121-generic?distro=bionic	< 4.15.0-121.123
pkg:deb/ubuntu/linux-image-4.15.0-121-generic-lpae?distro=bionic	< 4.15.0-121.123
pkg:deb/ubuntu/linux-image-4.15.0-120-lowlatency?distro=xenial	< 4.15.0-120.122~16.04.1
pkg:deb/ubuntu/linux-image-4.15.0-120-generic?distro=xenial	< 4.15.0-120.122~16.04.1
pkg:deb/ubuntu/linux-image-4.15.0-120-generic-lpae?distro=xenial	< 4.15.0-120.122~16.04.1
pkg:deb/ubuntu/linux-image-4.15.0-1099-oem?distro=bionic	< 4.15.0-1099.109
pkg:deb/ubuntu/linux-image-4.15.0-1099-azure?distro=bionic	< 4.15.0-1099.110
pkg:deb/ubuntu/linux-image-4.15.0-1098-azure?distro=xenial	< 4.15.0-1098.109~16.04.1
pkg:deb/ubuntu/linux-image-4.15.0-1098-azure?distro=trusty	< 4.15.0-1098.109~14.04.1
pkg:deb/ubuntu/linux-image-4.15.0-1089-snapdragon?distro=bionic	< 4.15.0-1089.98
pkg:deb/ubuntu/linux-image-4.15.0-1086-gcp?distro=xenial	< 4.15.0-1086.98~16.04.1
pkg:deb/ubuntu/linux-image-4.15.0-1086-gcp?distro=bionic	< 4.15.0-1086.98
pkg:deb/ubuntu/linux-image-4.15.0-1086-aws?distro=bionic	< 4.15.0-1086.91
pkg:deb/ubuntu/linux-image-4.15.0-1085-aws?distro=xenial	< 4.15.0-1085.90~16.04.1
pkg:deb/ubuntu/linux-image-4.15.0-1077-kvm?distro=bionic	< 4.15.0-1077.79
pkg:deb/ubuntu/linux-image-4.15.0-1073-raspi2?distro=bionic	< 4.15.0-1073.78
pkg:deb/ubuntu/linux-image-4.15.0-1072-gke?distro=bionic	< 4.15.0-1072.76
pkg:deb/ubuntu/linux-image-4.15.0-1057-oracle?distro=bionic	< 4.15.0-1057.62
pkg:deb/ubuntu/linux-image-4.15.0-1056-oracle?distro=xenial	< 4.15.0-1056.61~16.04.1

ID

USN-4578-1

Severity

high

URL

https://ubuntu.com/security/notices/USN-4578-1

Published

2020-10-14T02:06:55
(3 years ago)

Modified

2020-10-14T02:06:55
(3 years ago)

Other Advisories

Type	Package URL	Namespace	Name / Product	Version	Distribution / Platform
Affected	pkg:deb/ubuntu/linux-image-virtual?distro=bionic	ubuntu	linux-image-virtual	< 4.15.0.121.108	bionic
Affected	pkg:deb/ubuntu/linux-image-virtual-hwe-16.04?distro=xenial	ubuntu	linux-image-virtual-hwe-16.04	< 4.15.0.120.121	xenial
Affected	pkg:deb/ubuntu/linux-image-virtual-hwe-16.04?distro=bionic	ubuntu	linux-image-virtual-hwe-16.04	< 4.15.0.121.108	bionic
Affected	pkg:deb/ubuntu/linux-image-virtual-hwe-16.04-edge?distro=xenial	ubuntu	linux-image-virtual-hwe-16.04-edge	< 4.15.0.120.121	xenial
Affected	pkg:deb/ubuntu/linux-image-virtual-hwe-16.04-edge?distro=bionic	ubuntu	linux-image-virtual-hwe-16.04-edge	< 4.15.0.121.108	bionic
Affected	pkg:deb/ubuntu/linux-image-snapdragon?distro=bionic	ubuntu	linux-image-snapdragon	< 4.15.0.1089.92	bionic
Affected	pkg:deb/ubuntu/linux-image-raspi2?distro=bionic	ubuntu	linux-image-raspi2	< 4.15.0.1073.70	bionic
Affected	pkg:deb/ubuntu/linux-image-oracle?distro=xenial	ubuntu	linux-image-oracle	< 4.15.0.1056.46	xenial
Affected	pkg:deb/ubuntu/linux-image-oracle-lts-18.04?distro=bionic	ubuntu	linux-image-oracle-lts-18.04	< 4.15.0.1057.67	bionic
Affected	pkg:deb/ubuntu/linux-image-oem?distro=xenial	ubuntu	linux-image-oem	< 4.15.0.120.121	xenial
Affected	pkg:deb/ubuntu/linux-image-oem?distro=bionic	ubuntu	linux-image-oem	< 4.15.0.1099.103	bionic
Affected	pkg:deb/ubuntu/linux-image-lowlatency?distro=bionic	ubuntu	linux-image-lowlatency	< 4.15.0.121.108	bionic
Affected	pkg:deb/ubuntu/linux-image-lowlatency-hwe-16.04?distro=xenial	ubuntu	linux-image-lowlatency-hwe-16.04	< 4.15.0.120.121	xenial
Affected	pkg:deb/ubuntu/linux-image-lowlatency-hwe-16.04?distro=bionic	ubuntu	linux-image-lowlatency-hwe-16.04	< 4.15.0.121.108	bionic
Affected	pkg:deb/ubuntu/linux-image-lowlatency-hwe-16.04-edge?distro=xenial	ubuntu	linux-image-lowlatency-hwe-16.04-edge	< 4.15.0.120.121	xenial
Affected	pkg:deb/ubuntu/linux-image-lowlatency-hwe-16.04-edge?distro=bionic	ubuntu	linux-image-lowlatency-hwe-16.04-edge	< 4.15.0.121.108	bionic
Affected	pkg:deb/ubuntu/linux-image-kvm?distro=bionic	ubuntu	linux-image-kvm	< 4.15.0.1077.73	bionic
Affected	pkg:deb/ubuntu/linux-image-gke?distro=xenial	ubuntu	linux-image-gke	< 4.15.0.1086.87	xenial
Affected	pkg:deb/ubuntu/linux-image-gke?distro=bionic	ubuntu	linux-image-gke	< 4.15.0.1072.76	bionic
Affected	pkg:deb/ubuntu/linux-image-gke-4.15?distro=bionic	ubuntu	linux-image-gke-4.15	< 4.15.0.1072.76	bionic
Affected	pkg:deb/ubuntu/linux-image-generic?distro=bionic	ubuntu	linux-image-generic	< 4.15.0.121.108	bionic
Affected	pkg:deb/ubuntu/linux-image-generic-lpae?distro=bionic	ubuntu	linux-image-generic-lpae	< 4.15.0.121.108	bionic
Affected	pkg:deb/ubuntu/linux-image-generic-lpae-hwe-16.04?distro=xenial	ubuntu	linux-image-generic-lpae-hwe-16.04	< 4.15.0.120.121	xenial
Affected	pkg:deb/ubuntu/linux-image-generic-lpae-hwe-16.04?distro=bionic	ubuntu	linux-image-generic-lpae-hwe-16.04	< 4.15.0.121.108	bionic
Affected	pkg:deb/ubuntu/linux-image-generic-lpae-hwe-16.04-edge?distro=xenial	ubuntu	linux-image-generic-lpae-hwe-16.04-edge	< 4.15.0.120.121	xenial
Affected	pkg:deb/ubuntu/linux-image-generic-lpae-hwe-16.04-edge?distro=bionic	ubuntu	linux-image-generic-lpae-hwe-16.04-edge	< 4.15.0.121.108	bionic
Affected	pkg:deb/ubuntu/linux-image-generic-hwe-16.04?distro=xenial	ubuntu	linux-image-generic-hwe-16.04	< 4.15.0.120.121	xenial
Affected	pkg:deb/ubuntu/linux-image-generic-hwe-16.04?distro=bionic	ubuntu	linux-image-generic-hwe-16.04	< 4.15.0.121.108	bionic
Affected	pkg:deb/ubuntu/linux-image-generic-hwe-16.04-edge?distro=xenial	ubuntu	linux-image-generic-hwe-16.04-edge	< 4.15.0.120.121	xenial
Affected	pkg:deb/ubuntu/linux-image-generic-hwe-16.04-edge?distro=bionic	ubuntu	linux-image-generic-hwe-16.04-edge	< 4.15.0.121.108	bionic
Affected	pkg:deb/ubuntu/linux-image-gcp?distro=xenial	ubuntu	linux-image-gcp	< 4.15.0.1086.87	xenial
Affected	pkg:deb/ubuntu/linux-image-gcp-lts-18.04?distro=bionic	ubuntu	linux-image-gcp-lts-18.04	< 4.15.0.1086.104	bionic
Affected	pkg:deb/ubuntu/linux-image-azure?distro=xenial	ubuntu	linux-image-azure	< 4.15.0.1098.92	xenial
Affected	pkg:deb/ubuntu/linux-image-azure?distro=trusty	ubuntu	linux-image-azure	< 4.15.0.1098.74	trusty
Affected	pkg:deb/ubuntu/linux-image-azure-lts-18.04?distro=bionic	ubuntu	linux-image-azure-lts-18.04	< 4.15.0.1099.72	bionic
Affected	pkg:deb/ubuntu/linux-image-azure-edge?distro=xenial	ubuntu	linux-image-azure-edge	< 4.15.0.1098.92	xenial
Affected	pkg:deb/ubuntu/linux-image-aws-lts-18.04?distro=bionic	ubuntu	linux-image-aws-lts-18.04	< 4.15.0.1086.88	bionic
Affected	pkg:deb/ubuntu/linux-image-aws-hwe?distro=xenial	ubuntu	linux-image-aws-hwe	< 4.15.0.1085.81	xenial
Affected	pkg:deb/ubuntu/linux-image-4.15.0-121-lowlatency?distro=bionic	ubuntu	linux-image-4.15.0-121-lowlatency	< 4.15.0-121.123	bionic
Affected	pkg:deb/ubuntu/linux-image-4.15.0-121-generic?distro=bionic	ubuntu	linux-image-4.15.0-121-generic	< 4.15.0-121.123	bionic
Affected	pkg:deb/ubuntu/linux-image-4.15.0-121-generic-lpae?distro=bionic	ubuntu	linux-image-4.15.0-121-generic-lpae	< 4.15.0-121.123	bionic
Affected	pkg:deb/ubuntu/linux-image-4.15.0-120-lowlatency?distro=xenial	ubuntu	linux-image-4.15.0-120-lowlatency	< 4.15.0-120.122~16.04.1	xenial
Affected	pkg:deb/ubuntu/linux-image-4.15.0-120-generic?distro=xenial	ubuntu	linux-image-4.15.0-120-generic	< 4.15.0-120.122~16.04.1	xenial
Affected	pkg:deb/ubuntu/linux-image-4.15.0-120-generic-lpae?distro=xenial	ubuntu	linux-image-4.15.0-120-generic-lpae	< 4.15.0-120.122~16.04.1	xenial
Affected	pkg:deb/ubuntu/linux-image-4.15.0-1099-oem?distro=bionic	ubuntu	linux-image-4.15.0-1099-oem	< 4.15.0-1099.109	bionic
Affected	pkg:deb/ubuntu/linux-image-4.15.0-1099-azure?distro=bionic	ubuntu	linux-image-4.15.0-1099-azure	< 4.15.0-1099.110	bionic
Affected	pkg:deb/ubuntu/linux-image-4.15.0-1098-azure?distro=xenial	ubuntu	linux-image-4.15.0-1098-azure	< 4.15.0-1098.109~16.04.1	xenial
Affected	pkg:deb/ubuntu/linux-image-4.15.0-1098-azure?distro=trusty	ubuntu	linux-image-4.15.0-1098-azure	< 4.15.0-1098.109~14.04.1	trusty
Affected	pkg:deb/ubuntu/linux-image-4.15.0-1089-snapdragon?distro=bionic	ubuntu	linux-image-4.15.0-1089-snapdragon	< 4.15.0-1089.98	bionic
Affected	pkg:deb/ubuntu/linux-image-4.15.0-1086-gcp?distro=xenial	ubuntu	linux-image-4.15.0-1086-gcp	< 4.15.0-1086.98~16.04.1	xenial
Affected	pkg:deb/ubuntu/linux-image-4.15.0-1086-gcp?distro=bionic	ubuntu	linux-image-4.15.0-1086-gcp	< 4.15.0-1086.98	bionic
Affected	pkg:deb/ubuntu/linux-image-4.15.0-1086-aws?distro=bionic	ubuntu	linux-image-4.15.0-1086-aws	< 4.15.0-1086.91	bionic
Affected	pkg:deb/ubuntu/linux-image-4.15.0-1085-aws?distro=xenial	ubuntu	linux-image-4.15.0-1085-aws	< 4.15.0-1085.90~16.04.1	xenial
Affected	pkg:deb/ubuntu/linux-image-4.15.0-1077-kvm?distro=bionic	ubuntu	linux-image-4.15.0-1077-kvm	< 4.15.0-1077.79	bionic
Affected	pkg:deb/ubuntu/linux-image-4.15.0-1073-raspi2?distro=bionic	ubuntu	linux-image-4.15.0-1073-raspi2	< 4.15.0-1073.78	bionic
Affected	pkg:deb/ubuntu/linux-image-4.15.0-1072-gke?distro=bionic	ubuntu	linux-image-4.15.0-1072-gke	< 4.15.0-1072.76	bionic
Affected	pkg:deb/ubuntu/linux-image-4.15.0-1057-oracle?distro=bionic	ubuntu	linux-image-4.15.0-1057-oracle	< 4.15.0-1057.62	bionic
Affected	pkg:deb/ubuntu/linux-image-4.15.0-1056-oracle?distro=xenial	ubuntu	linux-image-4.15.0-1056-oracle	< 4.15.0-1056.61~16.04.1	xenial

# CVE	Description	CVSS	EPSS	EPSS Trend (30 days)	Affected Products	Weaknesses	Security Advisories	Exploits	PoC	Pubblication Date	Modification Date
# CVE	Description	CVSS	EPSS	EPSS Trend (30 days)	Affected Products	Weaknesses	Security Advisories	PoC	Pubblication Date	Modification Date