[USN-4751-1] Linux kernel vulnerabilities

Several security issues were fixed in the Linux kernel.

It was discovered that the console keyboard driver in the Linux kernel
contained a race condition. A local attacker could use this to expose
sensitive information (kernel memory). (CVE-2020-25656)

Minh Yuan discovered that the tty driver in the Linux kernel contained race
conditions when handling fonts. A local attacker could possibly use this to
expose sensitive information (kernel memory). (CVE-2020-25668)

Bodong Zhao discovered a use-after-free in the Sun keyboard driver
implementation in the Linux kernel. A local attacker could use this to
cause a denial of service or possibly execute arbitrary code.
(CVE-2020-25669)

Kiyin (尹亮) discovered that the perf subsystem in the Linux kernel did
not properly deallocate memory in some situations. A privileged attacker
could use this to cause a denial of service (kernel memory exhaustion).
(CVE-2020-25704)

Julien Grall discovered that the Xen dom0 event handler in the Linux kernel
did not properly limit the number of events queued. An attacker in a guest
VM could use this to cause a denial of service in the host OS.
(CVE-2020-27673)

Jinoh Kang discovered that the Xen event channel infrastructure in the
Linux kernel contained a race condition. An attacker in a guest could
possibly use this to cause a denial of service (dom0 crash).
(CVE-2020-27675)

Daniel Axtens discovered that the PowerPC RTAS implementation in the Linux
kernel did not properly restrict memory accesses in some situations. A
privileged local attacker could use this to arbitrarily modify kernel
memory, potentially bypassing kernel lockdown restrictions.
(CVE-2020-27777)

It was discovered that the jfs file system implementation in the Linux
kernel contained an out-of-bounds read vulnerability. A local attacker
could use this to possibly cause a denial of service (system crash).
(CVE-2020-27815)

Shisong Qin and Bodong Zhao discovered that the Speakup screen reader driver
in the Linux kernel did not correctly handle setting line discipline in some
situations. A local attacker could use this to cause a denial of service
(system crash). (CVE-2020-27830, CVE-2020-28941)

It was discovered that a use-after-free vulnerability existed in the
infiniband hfi1 device driver in the Linux kernel. A local attacker could
possibly use this to cause a denial of service (system crash).
(CVE-2020-27835)

It was discovered that an information leak existed in the syscall
implementation in the Linux kernel on 32-bit systems. A local attacker
could use this to expose sensitive information (kernel memory).
(CVE-2020-28588)

Minh Yuan discovered that the framebuffer console driver in the Linux
kernel did not properly handle fonts in some conditions. A local attacker
could use this to cause a denial of service (system crash) or possibly
expose sensitive information (kernel memory). (CVE-2020-28974)

Michael Kurth and Pawel Wieczorkiewicz discovered that the Xen event
processing backend in the Linux kernel did not properly limit the number of
events queued. An attacker in a guest VM could use this to cause a denial
of service in the host OS. (CVE-2020-29568)

Olivier Benjamin and Pawel Wieczorkiewicz discovered a race condition in the
Xen paravirt block backend in the Linux kernel, leading to a use-after-free
vulnerability. An attacker in a guest VM could use this to cause a denial
of service in the host OS. (CVE-2020-29569)

Jann Horn discovered that the tty subsystem of the Linux kernel did not use
consistent locking in some situations, leading to a read-after-free
vulnerability. A local attacker could use this to cause a denial of service
(system crash) or possibly expose sensitive information (kernel memory).
(CVE-2020-29660)

Jann Horn discovered a race condition in the tty subsystem of the Linux
kernel in the locking for the TIOCSPGRP ioctl(), leading to a
use-after-free vulnerability. A local attacker could use this to cause a
denial of service (system crash) or possibly execute arbitrary code.
(CVE-2020-29661)

It was discovered that a race condition existed that caused the Linux
kernel to not properly restrict exit signal delivery. A local attacker
could possibly use this to send signals to arbitrary processes.
(CVE-2020-35508)

- ID: USN-4751-1
- Severity: high
- URL: https://ubuntu.com/security/notices/USN-4751-1
- Published: 2021-02-25T06:43:06
- Modified: 2021-02-25T06:43:06
- Other Advisories:
- ALAS-2021-1461
- ALAS-2021-1477
- ALAS2-2020-1566
- ALAS2-2021-1588
- ALPINE:CVE-2020-29568
- ALPINE:CVE-2020-29569
- ALSA-2021:0558
- ALSA-2021:1578
- ALSA-2021:4356
- ALSA-2024:3138
- ASA-202011-10
- ASB-A-175451802
- ASB-A-175451844
- DSA-4843-1
- ELSA-2020-5995
- ELSA-2020-5996
- ELSA-2021-0558
- ELSA-2021-0856
- ELSA-2021-1578
- ELSA-2021-3327
- ELSA-2021-4356
- ELSA-2021-9001
- ELSA-2021-9002
- ELSA-2021-9005
- ELSA-2021-9006
- ELSA-2021-9007
- ELSA-2021-9008
- ELSA-2021-9009
- ELSA-2021-9023
- ELSA-2021-9024
- ELSA-2021-9025
- ELSA-2021-9030
- ELSA-2021-9035
- ELSA-2021-9037
- ELSA-2021-9038
- ELSA-2021-9039
- ELSA-2021-9043
- ELSA-2021-9140
- ELSA-2021-9141
- ELSA-2021-9212
- ELSA-2021-9215
- ELSA-2022-0063
- ELSA-2024-3138
- FEDORA-2020-09e4d062fe
- FEDORA-2020-4700a73bd5
- FEDORA-2020-474d747b60
- FEDORA-2020-8c15928d23
- FEDORA-2020-920a258c79
- FEDORA-2020-98ccae320c
- FEDORA-2020-b732958765
- FEDORA-2020-bc0cc81a7a
- FEDORA-2020-e211716d08
- FREEBSD:5D91370B-61FD-11EB-B87A-901B0EF719AB
- GLSA-202011-06
- GLSA-202107-30
- MS:CVE-2020-25656
- MS:CVE-2020-25704
- MS:CVE-2020-27675
- MS:CVE-2020-27777
- MS:CVE-2020-28941
- MS:CVE-2020-28974
- MS:CVE-2020-29569
- MS:CVE-2020-29660
- MS:CVE-2020-29661
- openSUSE-SU-2020:1783-1
- openSUSE-SU-2020:1844-1
- openSUSE-SU-2020:1906-1
- openSUSE-SU-2020:2034-1
- openSUSE-SU-2020:2112-1
- openSUSE-SU-2020:2161-1
- openSUSE-SU-2020:2193-1
- openSUSE-SU-2020:2260-1
- openSUSE-SU-2021:0060-1
- openSUSE-SU-2021:0075-1
- openSUSE-SU-2021:0241-1
- openSUSE-SU-2021:0242-1
- openSUSE-SU-2021:0532-1
- openSUSE-SU-2021:0758-1
- openSUSE-SU-2021:1975-1
- openSUSE-SU-2021:1977-1
- RHSA-2021:0537
- RHSA-2021:0558
- RHSA-2021:0856
- RHSA-2021:0857
- RHSA-2021:0862
- RHSA-2021:1578
- RHSA-2021:1739
- RHSA-2021:3327
- RHSA-2021:4140
- RHSA-2021:4356
- RHSA-2022:0063
- RHSA-2022:0065
- RHSA-2024:2950
- RHSA-2024:3138
- RLSA-2024:3138
- SUSE-SU-2020:3049-1
- SUSE-SU-2020:3050-1
- SUSE-SU-2020:3051-1
- SUSE-SU-2020:3052-1
- SUSE-SU-2020:3088-1
- SUSE-SU-2020:3272-1
- SUSE-SU-2020:3273-1
- SUSE-SU-2020:3281-1
- SUSE-SU-2020:3326-1
- SUSE-SU-2020:3484-1
- SUSE-SU-2020:3491-1
- SUSE-SU-2020:3501-1
- SUSE-SU-2020:3503-1
- SUSE-SU-2020:3507-1
- SUSE-SU-2020:3512-1
- SUSE-SU-2020:3513-1
- SUSE-SU-2020:3522-1
- SUSE-SU-2020:3532-1
- SUSE-SU-2020:3544-1
- SUSE-SU-2020:3648-1
- SUSE-SU-2020:3651-1
- SUSE-SU-2020:3670-1
- SUSE-SU-2020:3690-1
- SUSE-SU-2020:3698-1
- SUSE-SU-2020:3713-1
- SUSE-SU-2020:3714-1
- SUSE-SU-2020:3715-1
- SUSE-SU-2020:3717-1
- SUSE-SU-2020:3718-1
- SUSE-SU-2020:3748-1
- SUSE-SU-2020:3764-1
- SUSE-SU-2020:3766-1
- SUSE-SU-2020:3798-1
- SUSE-SU-2021:0094-1
- SUSE-SU-2021:0095-1
- SUSE-SU-2021:0096-1
- SUSE-SU-2021:0097-1
- SUSE-SU-2021:0098-1
- SUSE-SU-2021:0108-1
- SUSE-SU-2021:0117-1
- SUSE-SU-2021:0118-1
- SUSE-SU-2021:0133-1
- SUSE-SU-2021:0347-1
- SUSE-SU-2021:0348-1
- SUSE-SU-2021:0353-1
- SUSE-SU-2021:0354-1
- SUSE-SU-2021:0359-1
- SUSE-SU-2021:0362-1
- SUSE-SU-2021:0367-1
- SUSE-SU-2021:0377-1
- SUSE-SU-2021:0386-1
- SUSE-SU-2021:0408-1
- SUSE-SU-2021:0427-1
- SUSE-SU-2021:0433-1
- SUSE-SU-2021:0434-1
- SUSE-SU-2021:0437-1
- SUSE-SU-2021:0438-1
- SUSE-SU-2021:0452-1
- SUSE-SU-2021:0532-1
- SUSE-SU-2021:1175-1
- SUSE-SU-2021:1176-1
- SUSE-SU-2021:1177-1
- SUSE-SU-2021:1210-1
- SUSE-SU-2021:1211-1
- SUSE-SU-2021:1238-1
- SUSE-SU-2021:1573-1
- SUSE-SU-2021:1596-1
- SUSE-SU-2021:1623-1
- SUSE-SU-2021:1624-1
- SUSE-SU-2021:1625-1
- SUSE-SU-2021:1975-1
- SUSE-SU-2021:1977-1
- SUSE-SU-2022:1669-1
- SUSE-SU-2022:1676-1
- SUSE-SU-2022:1687-1
- USN-4679-1
- USN-4680-1
- USN-4681-1
- USN-4683-1
- USN-4708-1
- USN-4709-1
- USN-4710-1
- USN-4711-1
- USN-4748-1
- USN-4749-1
- USN-4750-1
- USN-4752-1
- USN-4876-1
- USN-4912-1
- USN-5130-1
- XSA-331
- XSA-332
- XSA-349
- XSA-350
Type | Package URL | Namespace | Name / Product | Version | Distribution / Platform | Arch | Patch / Fix |
---|---|---|---|---|---|---|---|
Affected | pkg:deb/ubuntu/linux-image-virtual?distro=groovy | ubuntu | linux-image-virtual | < 5.8.0.44.49 | groovy | ||
Affected | pkg:deb/ubuntu/linux-image-virtual-hwe-20.04?distro=groovy | ubuntu | linux-image-virtual-hwe-20.04 | < 5.8.0.44.49 | groovy | ||
Affected | pkg:deb/ubuntu/linux-image-virtual-hwe-20.04?distro=focal | ubuntu | linux-image-virtual-hwe-20.04 | < 5.8.0.44.50~20.04.30 | focal | ||
Affected | pkg:deb/ubuntu/linux-image-virtual-hwe-20.04-edge?distro=groovy | ubuntu | linux-image-virtual-hwe-20.04-edge | < 5.8.0.44.49 | groovy | ||
Affected | pkg:deb/ubuntu/linux-image-virtual-hwe-20.04-edge?distro=focal | ubuntu | linux-image-virtual-hwe-20.04-edge | < 5.8.0.44.50~20.04.30 | focal | ||
Affected | pkg:deb/ubuntu/linux-image-raspi?distro=groovy | ubuntu | linux-image-raspi | < 5.8.0.1016.19 | groovy | ||
Affected | pkg:deb/ubuntu/linux-image-raspi-nolpae?distro=groovy | ubuntu | linux-image-raspi-nolpae | < 5.8.0.1016.19 | groovy | ||
Affected | pkg:deb/ubuntu/linux-image-oracle?distro=groovy | ubuntu | linux-image-oracle | < 5.8.0.1021.20 | groovy | ||
Affected | pkg:deb/ubuntu/linux-image-oem-20.04?distro=groovy | ubuntu | linux-image-oem-20.04 | < 5.8.0.44.49 | groovy | ||
Affected | pkg:deb/ubuntu/linux-image-lowlatency?distro=groovy | ubuntu | linux-image-lowlatency | < 5.8.0.44.49 | groovy | ||
Affected | pkg:deb/ubuntu/linux-image-lowlatency-hwe-20.04?distro=groovy | ubuntu | linux-image-lowlatency-hwe-20.04 | < 5.8.0.44.49 | groovy | ||
Affected | pkg:deb/ubuntu/linux-image-lowlatency-hwe-20.04?distro=focal | ubuntu | linux-image-lowlatency-hwe-20.04 | < 5.8.0.44.50~20.04.30 | focal | ||
Affected | pkg:deb/ubuntu/linux-image-lowlatency-hwe-20.04-edge?distro=groovy | ubuntu | linux-image-lowlatency-hwe-20.04-edge | < 5.8.0.44.49 | groovy | ||
Affected | pkg:deb/ubuntu/linux-image-lowlatency-hwe-20.04-edge?distro=focal | ubuntu | linux-image-lowlatency-hwe-20.04-edge | < 5.8.0.44.50~20.04.30 | focal | ||
Affected | pkg:deb/ubuntu/linux-image-kvm?distro=groovy | ubuntu | linux-image-kvm | < 5.8.0.1019.21 | groovy | ||
Affected | pkg:deb/ubuntu/linux-image-gke?distro=groovy | ubuntu | linux-image-gke | < 5.8.0.1023.23 | groovy | ||
Affected | pkg:deb/ubuntu/linux-image-generic?distro=groovy | ubuntu | linux-image-generic | < 5.8.0.44.49 | groovy | ||
Affected | pkg:deb/ubuntu/linux-image-generic-lpae?distro=groovy | ubuntu | linux-image-generic-lpae | < 5.8.0.44.49 | groovy | ||
Affected | pkg:deb/ubuntu/linux-image-generic-lpae-hwe-20.04?distro=groovy | ubuntu | linux-image-generic-lpae-hwe-20.04 | < 5.8.0.44.49 | groovy | ||
Affected | pkg:deb/ubuntu/linux-image-generic-lpae-hwe-20.04?distro=focal | ubuntu | linux-image-generic-lpae-hwe-20.04 | < 5.8.0.44.50~20.04.30 | focal | ||
Affected | pkg:deb/ubuntu/linux-image-generic-lpae-hwe-20.04-edge?distro=groovy | ubuntu | linux-image-generic-lpae-hwe-20.04-edge | < 5.8.0.44.49 | groovy | ||
Affected | pkg:deb/ubuntu/linux-image-generic-lpae-hwe-20.04-edge?distro=focal | ubuntu | linux-image-generic-lpae-hwe-20.04-edge | < 5.8.0.44.50~20.04.30 | focal | ||
Affected | pkg:deb/ubuntu/linux-image-generic-hwe-20.04?distro=groovy | ubuntu | linux-image-generic-hwe-20.04 | < 5.8.0.44.49 | groovy | ||
Affected | pkg:deb/ubuntu/linux-image-generic-hwe-20.04?distro=focal | ubuntu | linux-image-generic-hwe-20.04 | < 5.8.0.44.50~20.04.30 | focal | ||
Affected | pkg:deb/ubuntu/linux-image-generic-hwe-20.04-edge?distro=groovy | ubuntu | linux-image-generic-hwe-20.04-edge | < 5.8.0.44.49 | groovy | ||
Affected | pkg:deb/ubuntu/linux-image-generic-hwe-20.04-edge?distro=focal | ubuntu | linux-image-generic-hwe-20.04-edge | < 5.8.0.44.50~20.04.30 | focal | ||
Affected | pkg:deb/ubuntu/linux-image-generic-64k?distro=groovy | ubuntu | linux-image-generic-64k | < 5.8.0.44.49 | groovy | ||
Affected | pkg:deb/ubuntu/linux-image-generic-64k-hwe-20.04?distro=groovy | ubuntu | linux-image-generic-64k-hwe-20.04 | < 5.8.0.44.49 | groovy | ||
Affected | pkg:deb/ubuntu/linux-image-generic-64k-hwe-20.04?distro=focal | ubuntu | linux-image-generic-64k-hwe-20.04 | < 5.8.0.44.50~20.04.30 | focal | ||
Affected | pkg:deb/ubuntu/linux-image-generic-64k-hwe-20.04-edge?distro=groovy | ubuntu | linux-image-generic-64k-hwe-20.04-edge | < 5.8.0.44.49 | groovy | ||
Affected | pkg:deb/ubuntu/linux-image-generic-64k-hwe-20.04-edge?distro=focal | ubuntu | linux-image-generic-64k-hwe-20.04-edge | < 5.8.0.44.50~20.04.30 | focal | ||
Affected | pkg:deb/ubuntu/linux-image-gcp?distro=groovy | ubuntu | linux-image-gcp | < 5.8.0.1023.23 | groovy | ||
Affected | pkg:deb/ubuntu/linux-image-azure?distro=groovy | ubuntu | linux-image-azure | < 5.8.0.1023.23 | groovy | ||
Affected | pkg:deb/ubuntu/linux-image-aws?distro=groovy | ubuntu | linux-image-aws | < 5.8.0.1024.26 | groovy | ||
Affected | pkg:deb/ubuntu/linux-image-5.8.0-44-lowlatency?distro=groovy | ubuntu | linux-image-5.8.0-44-lowlatency | < 5.8.0-44.50 | groovy | ||
Affected | pkg:deb/ubuntu/linux-image-5.8.0-44-lowlatency?distro=focal | ubuntu | linux-image-5.8.0-44-lowlatency | < 5.8.0-44.50~20.04.1 | focal | ||
Affected | pkg:deb/ubuntu/linux-image-5.8.0-44-generic?distro=groovy | ubuntu | linux-image-5.8.0-44-generic | < 5.8.0-44.50 | groovy | ||
Affected | pkg:deb/ubuntu/linux-image-5.8.0-44-generic?distro=focal | ubuntu | linux-image-5.8.0-44-generic | < 5.8.0-44.50~20.04.1 | focal | ||
Affected | pkg:deb/ubuntu/linux-image-5.8.0-44-generic-lpae?distro=groovy | ubuntu | linux-image-5.8.0-44-generic-lpae | < 5.8.0-44.50 | groovy | ||
Affected | pkg:deb/ubuntu/linux-image-5.8.0-44-generic-lpae?distro=focal | ubuntu | linux-image-5.8.0-44-generic-lpae | < 5.8.0-44.50~20.04.1 | focal | ||
Affected | pkg:deb/ubuntu/linux-image-5.8.0-44-generic-64k?distro=groovy | ubuntu | linux-image-5.8.0-44-generic-64k | < 5.8.0-44.50 | groovy | ||
Affected | pkg:deb/ubuntu/linux-image-5.8.0-1024-aws?distro=groovy | ubuntu | linux-image-5.8.0-1024-aws | < 5.8.0-1024.26 | groovy | ||
Affected | pkg:deb/ubuntu/linux-image-5.8.0-1023-gcp?distro=groovy | ubuntu | linux-image-5.8.0-1023-gcp | < 5.8.0-1023.24 | groovy | ||
Affected | pkg:deb/ubuntu/linux-image-5.8.0-1023-azure?distro=groovy | ubuntu | linux-image-5.8.0-1023-azure | < 5.8.0-1023.25 | groovy | ||
Affected | pkg:deb/ubuntu/linux-image-5.8.0-1021-oracle?distro=groovy | ubuntu | linux-image-5.8.0-1021-oracle | < 5.8.0-1021.22 | groovy | ||
Affected | pkg:deb/ubuntu/linux-image-5.8.0-1019-kvm?distro=groovy | ubuntu | linux-image-5.8.0-1019-kvm | < 5.8.0-1019.21 | groovy | ||
Affected | pkg:deb/ubuntu/linux-image-5.8.0-1016-raspi?distro=groovy | ubuntu | linux-image-5.8.0-1016-raspi | < 5.8.0-1016.19 | groovy | ||
Affected | pkg:deb/ubuntu/linux-image-5.8.0-1016-raspi-nolpae?distro=groovy | ubuntu | linux-image-5.8.0-1016-raspi-nolpae | < 5.8.0-1016.19 | groovy | ||