[USN-4749-1] Linux kernel vulnerabilities
Several security issues were fixed in the Linux kernel.
Bodong Zhao discovered a use-after-free in the Sun keyboard driver
implementation in the Linux kernel. A local attacker could use this to
cause a denial of service or possibly execute arbitrary code.
(CVE-2020-25669)
It was discovered that the jfs file system implementation in the Linux
kernel contained an out-of-bounds read vulnerability. A local attacker
could use this to possibly cause a denial of service (system crash).
(CVE-2020-27815)
Shisong Qin and Bodong Zhao discovered that Speakup screen reader driver in
the Linux kernel did not correctly handle setting line discipline in some
situations. A local attacker could use this to cause a denial of service
(system crash). (CVE-2020-27830, CVE-2020-28941)
It was discovered that the memory management subsystem in the Linux kernel
did not properly handle copy-on-write operations in some situations. A
local attacker could possibly use this to gain unintended write access to
read-only memory pages. (CVE-2020-29374)
Michael Kurth and Pawel Wieczorkiewicz discovered that the Xen event
processing backend in the Linux kernel did not properly limit the number of
events queued. An attacker in a guest VM could use this to cause a denial
of service in the host OS. (CVE-2020-29568)
Olivier Benjamin and Pawel Wieczorkiewicz discovered a race condition the
Xen paravirt block backend in the Linux kernel, leading to a use-after-free
vulnerability. An attacker in a guest VM could use this to cause a denial
of service in the host OS. (CVE-2020-29569)
Jann Horn discovered that the tty subsystem of the Linux kernel did not use
consistent locking in some situations, leading to a read-after-free
vulnerability. A local attacker could use this to cause a denial of service
(system crash) or possibly expose sensitive information (kernel memory).
(CVE-2020-29660)
Jann Horn discovered a race condition in the tty subsystem of the Linux
kernel in the locking for the TIOCSPGRP ioctl(), leading to a use-after-
free vulnerability. A local attacker could use this to cause a denial of
service (system crash) or possibly execute arbitrary code. (CVE-2020-29661)
- ID
- USN-4749-1
- Severity
- high
- URL
- https://ubuntu.com/security/notices/USN-4749-1
- Published
-
2021-02-25T07:05:21
(3 years ago) - Modified
-
2021-02-25T07:05:21
(3 years ago) - Other Advisories
-
- ALAS-2021-1461
- ALAS-2021-1477
- ALAS-2021-1503
- ALAS2-2020-1566
- ALAS2-2021-1588
- ALAS2-2021-1636
- ALPINE:CVE-2020-29568
- ALPINE:CVE-2020-29569
- ALSA-2021:0558
- ALSA-2021:4356
- ASB-A-174737879
- ASB-A-175451802
- ASB-A-175451844
- DSA-4843-1
- DSA-5096-1
- ELSA-2021-0558
- ELSA-2021-0856
- ELSA-2021-4356
- ELSA-2021-9005
- ELSA-2021-9006
- ELSA-2021-9007
- ELSA-2021-9008
- ELSA-2021-9009
- ELSA-2021-9023
- ELSA-2021-9024
- ELSA-2021-9025
- ELSA-2021-9030
- ELSA-2021-9035
- ELSA-2021-9037
- ELSA-2021-9038
- ELSA-2021-9039
- ELSA-2021-9212
- FEDORA-2020-4700a73bd5
- FEDORA-2020-8c15928d23
- FEDORA-2020-b732958765
- FEDORA-2020-bc0cc81a7a
- FREEBSD:5D91370B-61FD-11EB-B87A-901B0EF719AB
- GLSA-202107-30
- MS:CVE-2020-28941
- MS:CVE-2020-29374
- MS:CVE-2020-29569
- MS:CVE-2020-29660
- MS:CVE-2020-29661
- openSUSE-SU-2020:2034-1
- openSUSE-SU-2020:2161-1
- openSUSE-SU-2020:2260-1
- openSUSE-SU-2021:0060-1
- openSUSE-SU-2021:0075-1
- openSUSE-SU-2021:0241-1
- openSUSE-SU-2021:0242-1
- openSUSE-SU-2021:0393-1
- openSUSE-SU-2021:0532-1
- openSUSE-SU-2021:0758-1
- openSUSE-SU-2021:1975-1
- openSUSE-SU-2021:1977-1
- RHSA-2021:0537
- RHSA-2021:0558
- RHSA-2021:0856
- RHSA-2021:0857
- RHSA-2021:0862
- RHSA-2021:4140
- RHSA-2021:4356
- SSA:2022-031-01
- SUSE-SU-2020:3484-1
- SUSE-SU-2020:3713-1
- SUSE-SU-2020:3715-1
- SUSE-SU-2020:3717-1
- SUSE-SU-2020:3718-1
- SUSE-SU-2020:3748-1
- SUSE-SU-2020:3764-1
- SUSE-SU-2020:3766-1
- SUSE-SU-2020:3798-1
- SUSE-SU-2021:0094-1
- SUSE-SU-2021:0095-1
- SUSE-SU-2021:0096-1
- SUSE-SU-2021:0097-1
- SUSE-SU-2021:0098-1
- SUSE-SU-2021:0108-1
- SUSE-SU-2021:0117-1
- SUSE-SU-2021:0118-1
- SUSE-SU-2021:0133-1
- SUSE-SU-2021:0347-1
- SUSE-SU-2021:0348-1
- SUSE-SU-2021:0353-1
- SUSE-SU-2021:0354-1
- SUSE-SU-2021:0359-1
- SUSE-SU-2021:0362-1
- SUSE-SU-2021:0367-1
- SUSE-SU-2021:0377-1
- SUSE-SU-2021:0386-1
- SUSE-SU-2021:0408-1
- SUSE-SU-2021:0427-1
- SUSE-SU-2021:0433-1
- SUSE-SU-2021:0434-1
- SUSE-SU-2021:0437-1
- SUSE-SU-2021:0438-1
- SUSE-SU-2021:0452-1
- SUSE-SU-2021:0532-1
- SUSE-SU-2021:0735-1
- SUSE-SU-2021:0736-1
- SUSE-SU-2021:0737-1
- SUSE-SU-2021:0738-1
- SUSE-SU-2021:0740-1
- SUSE-SU-2021:0741-1
- SUSE-SU-2021:1175-1
- SUSE-SU-2021:1176-1
- SUSE-SU-2021:1177-1
- SUSE-SU-2021:1210-1
- SUSE-SU-2021:1211-1
- SUSE-SU-2021:1238-1
- SUSE-SU-2021:1573-1
- SUSE-SU-2021:1596-1
- SUSE-SU-2021:1624-1
- SUSE-SU-2021:1625-1
- SUSE-SU-2021:1975-1
- SUSE-SU-2021:1977-1
- USN-4708-1
- USN-4709-1
- USN-4748-1
- USN-4750-1
- USN-4751-1
- USN-4752-1
- USN-4876-1
- USN-4912-1
- USN-5130-1
- XSA-349
- XSA-350
Type | Package URL | Namespace | Name / Product | Version | Distribution / Platform | Arch | Patch / Fix |
---|---|---|---|---|---|---|---|
Affected | pkg:deb/ubuntu/linux-image-virtual?distro=bionic | ubuntu | linux-image-virtual | < 4.15.0.136.123 | bionic | ||
Affected | pkg:deb/ubuntu/linux-image-virtual-hwe-16.04?distro=xenial | ubuntu | linux-image-virtual-hwe-16.04 | < 4.15.0.136.132 | xenial | ||
Affected | pkg:deb/ubuntu/linux-image-virtual-hwe-16.04?distro=bionic | ubuntu | linux-image-virtual-hwe-16.04 | < 4.15.0.136.123 | bionic | ||
Affected | pkg:deb/ubuntu/linux-image-virtual-hwe-16.04-edge?distro=xenial | ubuntu | linux-image-virtual-hwe-16.04-edge | < 4.15.0.136.132 | xenial | ||
Affected | pkg:deb/ubuntu/linux-image-virtual-hwe-16.04-edge?distro=bionic | ubuntu | linux-image-virtual-hwe-16.04-edge | < 4.15.0.136.123 | bionic | ||
Affected | pkg:deb/ubuntu/linux-image-snapdragon?distro=bionic | ubuntu | linux-image-snapdragon | < 4.15.0.1096.99 | bionic | ||
Affected | pkg:deb/ubuntu/linux-image-raspi2?distro=bionic | ubuntu | linux-image-raspi2 | < 4.15.0.1079.76 | bionic | ||
Affected | pkg:deb/ubuntu/linux-image-oracle?distro=xenial | ubuntu | linux-image-oracle | < 4.15.0.1065.53 | xenial | ||
Affected | pkg:deb/ubuntu/linux-image-oracle-lts-18.04?distro=bionic | ubuntu | linux-image-oracle-lts-18.04 | < 4.15.0.1065.75 | bionic | ||
Affected | pkg:deb/ubuntu/linux-image-oem?distro=xenial | ubuntu | linux-image-oem | < 4.15.0.136.132 | xenial | ||
Affected | pkg:deb/ubuntu/linux-image-lowlatency?distro=bionic | ubuntu | linux-image-lowlatency | < 4.15.0.136.123 | bionic | ||
Affected | pkg:deb/ubuntu/linux-image-lowlatency-hwe-16.04?distro=xenial | ubuntu | linux-image-lowlatency-hwe-16.04 | < 4.15.0.136.132 | xenial | ||
Affected | pkg:deb/ubuntu/linux-image-lowlatency-hwe-16.04?distro=bionic | ubuntu | linux-image-lowlatency-hwe-16.04 | < 4.15.0.136.123 | bionic | ||
Affected | pkg:deb/ubuntu/linux-image-lowlatency-hwe-16.04-edge?distro=xenial | ubuntu | linux-image-lowlatency-hwe-16.04-edge | < 4.15.0.136.132 | xenial | ||
Affected | pkg:deb/ubuntu/linux-image-lowlatency-hwe-16.04-edge?distro=bionic | ubuntu | linux-image-lowlatency-hwe-16.04-edge | < 4.15.0.136.123 | bionic | ||
Affected | pkg:deb/ubuntu/linux-image-kvm?distro=bionic | ubuntu | linux-image-kvm | < 4.15.0.1085.81 | bionic | ||
Affected | pkg:deb/ubuntu/linux-image-gke?distro=xenial | ubuntu | linux-image-gke | < 4.15.0.1093.94 | xenial | ||
Affected | pkg:deb/ubuntu/linux-image-gke?distro=bionic | ubuntu | linux-image-gke | < 4.15.0.1079.83 | bionic | ||
Affected | pkg:deb/ubuntu/linux-image-gke-4.15?distro=bionic | ubuntu | linux-image-gke-4.15 | < 4.15.0.1079.83 | bionic | ||
Affected | pkg:deb/ubuntu/linux-image-generic?distro=bionic | ubuntu | linux-image-generic | < 4.15.0.136.123 | bionic | ||
Affected | pkg:deb/ubuntu/linux-image-generic-lpae?distro=bionic | ubuntu | linux-image-generic-lpae | < 4.15.0.136.123 | bionic | ||
Affected | pkg:deb/ubuntu/linux-image-generic-lpae-hwe-16.04?distro=xenial | ubuntu | linux-image-generic-lpae-hwe-16.04 | < 4.15.0.136.132 | xenial | ||
Affected | pkg:deb/ubuntu/linux-image-generic-lpae-hwe-16.04?distro=bionic | ubuntu | linux-image-generic-lpae-hwe-16.04 | < 4.15.0.136.123 | bionic | ||
Affected | pkg:deb/ubuntu/linux-image-generic-lpae-hwe-16.04-edge?distro=xenial | ubuntu | linux-image-generic-lpae-hwe-16.04-edge | < 4.15.0.136.132 | xenial | ||
Affected | pkg:deb/ubuntu/linux-image-generic-lpae-hwe-16.04-edge?distro=bionic | ubuntu | linux-image-generic-lpae-hwe-16.04-edge | < 4.15.0.136.123 | bionic | ||
Affected | pkg:deb/ubuntu/linux-image-generic-hwe-16.04?distro=xenial | ubuntu | linux-image-generic-hwe-16.04 | < 4.15.0.136.132 | xenial | ||
Affected | pkg:deb/ubuntu/linux-image-generic-hwe-16.04?distro=bionic | ubuntu | linux-image-generic-hwe-16.04 | < 4.15.0.136.123 | bionic | ||
Affected | pkg:deb/ubuntu/linux-image-generic-hwe-16.04-edge?distro=xenial | ubuntu | linux-image-generic-hwe-16.04-edge | < 4.15.0.136.132 | xenial | ||
Affected | pkg:deb/ubuntu/linux-image-generic-hwe-16.04-edge?distro=bionic | ubuntu | linux-image-generic-hwe-16.04-edge | < 4.15.0.136.123 | bionic | ||
Affected | pkg:deb/ubuntu/linux-image-gcp?distro=xenial | ubuntu | linux-image-gcp | < 4.15.0.1093.94 | xenial | ||
Affected | pkg:deb/ubuntu/linux-image-gcp-lts-18.04?distro=bionic | ubuntu | linux-image-gcp-lts-18.04 | < 4.15.0.1093.111 | bionic | ||
Affected | pkg:deb/ubuntu/linux-image-dell300x?distro=bionic | ubuntu | linux-image-dell300x | < 4.15.0.1012.14 | bionic | ||
Affected | pkg:deb/ubuntu/linux-image-azure?distro=xenial | ubuntu | linux-image-azure | < 4.15.0.1108.99 | xenial | ||
Affected | pkg:deb/ubuntu/linux-image-azure?distro=trusty | ubuntu | linux-image-azure | < 4.15.0.1108.81 | trusty | ||
Affected | pkg:deb/ubuntu/linux-image-azure-lts-18.04?distro=bionic | ubuntu | linux-image-azure-lts-18.04 | < 4.15.0.1108.81 | bionic | ||
Affected | pkg:deb/ubuntu/linux-image-azure-edge?distro=xenial | ubuntu | linux-image-azure-edge | < 4.15.0.1108.99 | xenial | ||
Affected | pkg:deb/ubuntu/linux-image-aws-lts-18.04?distro=bionic | ubuntu | linux-image-aws-lts-18.04 | < 4.15.0.1094.97 | bionic | ||
Affected | pkg:deb/ubuntu/linux-image-aws-hwe?distro=xenial | ubuntu | linux-image-aws-hwe | < 4.15.0.1094.87 | xenial | ||
Affected | pkg:deb/ubuntu/linux-image-4.15.0-136-lowlatency?distro=xenial | ubuntu | linux-image-4.15.0-136-lowlatency | < 4.15.0-136.140~16.04.1 | xenial | ||
Affected | pkg:deb/ubuntu/linux-image-4.15.0-136-lowlatency?distro=bionic | ubuntu | linux-image-4.15.0-136-lowlatency | < 4.15.0-136.140 | bionic | ||
Affected | pkg:deb/ubuntu/linux-image-4.15.0-136-generic?distro=xenial | ubuntu | linux-image-4.15.0-136-generic | < 4.15.0-136.140~16.04.1 | xenial | ||
Affected | pkg:deb/ubuntu/linux-image-4.15.0-136-generic?distro=bionic | ubuntu | linux-image-4.15.0-136-generic | < 4.15.0-136.140 | bionic | ||
Affected | pkg:deb/ubuntu/linux-image-4.15.0-136-generic-lpae?distro=xenial | ubuntu | linux-image-4.15.0-136-generic-lpae | < 4.15.0-136.140~16.04.1 | xenial | ||
Affected | pkg:deb/ubuntu/linux-image-4.15.0-136-generic-lpae?distro=bionic | ubuntu | linux-image-4.15.0-136-generic-lpae | < 4.15.0-136.140 | bionic | ||
Affected | pkg:deb/ubuntu/linux-image-4.15.0-1108-azure?distro=xenial | ubuntu | linux-image-4.15.0-1108-azure | < 4.15.0-1108.120~16.04.1 | xenial | ||
Affected | pkg:deb/ubuntu/linux-image-4.15.0-1108-azure?distro=trusty | ubuntu | linux-image-4.15.0-1108-azure | < 4.15.0-1108.120~14.04.1 | trusty | ||
Affected | pkg:deb/ubuntu/linux-image-4.15.0-1108-azure?distro=bionic | ubuntu | linux-image-4.15.0-1108-azure | < 4.15.0-1108.120 | bionic | ||
Affected | pkg:deb/ubuntu/linux-image-4.15.0-1096-snapdragon?distro=bionic | ubuntu | linux-image-4.15.0-1096-snapdragon | < 4.15.0-1096.105 | bionic | ||
Affected | pkg:deb/ubuntu/linux-image-4.15.0-1094-aws?distro=xenial | ubuntu | linux-image-4.15.0-1094-aws | < 4.15.0-1094.101~16.04.1 | xenial | ||
Affected | pkg:deb/ubuntu/linux-image-4.15.0-1094-aws?distro=bionic | ubuntu | linux-image-4.15.0-1094-aws | < 4.15.0-1094.101 | bionic | ||
Affected | pkg:deb/ubuntu/linux-image-4.15.0-1093-gcp?distro=xenial | ubuntu | linux-image-4.15.0-1093-gcp | < 4.15.0-1093.106~16.04.1 | xenial | ||
Affected | pkg:deb/ubuntu/linux-image-4.15.0-1093-gcp?distro=bionic | ubuntu | linux-image-4.15.0-1093-gcp | < 4.15.0-1093.106 | bionic | ||
Affected | pkg:deb/ubuntu/linux-image-4.15.0-1085-kvm?distro=bionic | ubuntu | linux-image-4.15.0-1085-kvm | < 4.15.0-1085.87 | bionic | ||
Affected | pkg:deb/ubuntu/linux-image-4.15.0-1079-raspi2?distro=bionic | ubuntu | linux-image-4.15.0-1079-raspi2 | < 4.15.0-1079.84 | bionic | ||
Affected | pkg:deb/ubuntu/linux-image-4.15.0-1079-gke?distro=bionic | ubuntu | linux-image-4.15.0-1079-gke | < 4.15.0-1079.84 | bionic | ||
Affected | pkg:deb/ubuntu/linux-image-4.15.0-1065-oracle?distro=xenial | ubuntu | linux-image-4.15.0-1065-oracle | < 4.15.0-1065.73~16.04.1 | xenial | ||
Affected | pkg:deb/ubuntu/linux-image-4.15.0-1065-oracle?distro=bionic | ubuntu | linux-image-4.15.0-1065-oracle | < 4.15.0-1065.73 | bionic | ||
Affected | pkg:deb/ubuntu/linux-image-4.15.0-1012-dell300x?distro=bionic | ubuntu | linux-image-4.15.0-1012-dell300x | < 4.15.0-1012.16 | bionic |
# CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | Exploits | PoC | Pubblication Date | Modification Date |
---|---|---|---|---|---|---|---|---|---|---|---|
# CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | PoC | Pubblication Date | Modification Date |