Debian: DSA-4699-1: linux security update

    Date 09 Jun 2020
    158
    Posted By LinuxSecurity Advisories
    Several vulnerabilities have been discovered in the Linux kernel that may lead to a privilege escalation, denial of service or information leaks.
    
    - -------------------------------------------------------------------------
    Debian Security Advisory DSA-4699-1                   This email address is being protected from spambots. You need JavaScript enabled to view it.
    https://www.debian.org/security/                            Ben Hutchings
    June 09, 2020                         https://www.debian.org/security/faq
    - -------------------------------------------------------------------------
    
    Package        : linux
    CVE ID         : CVE-2019-3016 CVE-2019-19462 CVE-2020-0543 CVE-2020-10711
                     CVE-2020-10732 CVE-2020-10751 CVE-2020-10757 CVE-2020-12114
                     CVE-2020-12464 CVE-2020-12768 CVE-2020-12770 CVE-2020-13143
    Debian Bug     : 960271
    
    Several vulnerabilities have been discovered in the Linux kernel that
    may lead to a privilege escalation, denial of service or information
    leaks.
    
    CVE-2019-3016
    
        It was discovered that the KVM implementation for x86 did not
        always perform TLB flushes when needed, if the paravirtualised
        TLB flush feature was enabled.  This could lead to disclosure of
        sensitive information within a guest VM.
    
    CVE-2019-19462
    
        The syzkaller tool found a missing error check in the 'relay'
        library used to implement various files under debugfs.  A local
        user permitted to access debugfs could use this to cause a denial
        of service (crash) or possibly for privilege escalation.
    
    CVE-2020-0543
    
        Researchers at VU Amsterdam discovered that on some Intel CPUs
        supporting the RDRAND and RDSEED instructions, part of a random
        value generated by these instructions may be used in a later
        speculative execution on any core of the same physical CPU.
        Depending on how these instructions are used by applications, a
        local user or VM guest could use this to obtain sensitive
        information such as cryptographic keys from other users or VMs.
    
        This vulnerability can be mitigated by a microcode update, either
        as part of system firmware (BIOS) or through the intel-microcode
        package in Debian's non-free archive section.  This kernel update
        only provides reporting of the vulnerability and the option to
        disable the mitigation if it is not needed.
    
    CVE-2020-10711
    
        Matthew Sheets reported NULL pointer dereference issues in the
        SELinux subsystem while receiving CIPSO packet with null category. A
        remote attacker can take advantage of this flaw to cause a denial of
        service (crash). Note that this issue does not affect the binary
        packages distributed in Debian as CONFIG_NETLABEL is not enabled.
    
    CVE-2020-10732
    
        An information leak of kernel private memory to userspace was found
        in the kernel's implementation of core dumping userspace processes.
    
    CVE-2020-10751
    
        Dmitry Vyukov reported that the SELinux subsystem did not properly
        handle validating multiple messages, which could allow a privileged
        attacker to bypass SELinux netlink restrictions.
    
    CVE-2020-10757
    
        Fan Yang reported a flaw in the way mremap handled DAX hugepages,
        allowing a local user to escalate their privileges.
    
    CVE-2020-12114
    
        Piotr Krysiuk discovered a race condition between the umount and
        pivot_root operations in the filesystem core (vfs).  A local user
        with the CAP_SYS_ADMIN capability in any user namespace could use
        this to cause a denial of service (crash).
    
    CVE-2020-12464
    
        Kyungtae Kim reported a race condition in the USB core that can
        result in a use-after-free.  It is not clear how this can be
        exploited, but it could result in a denial of service (crash or
        memory corruption) or privilege escalation.
    
    CVE-2020-12768
    
        A bug was discovered in the KVM implementation for AMD processors,
        which could result in a memory leak.  The security impact of this
        is unclear.
    
    CVE-2020-12770
    
        It was discovered that the sg (SCSI generic) driver did not
        correctly release internal resources in a particular error case.
        A local user permitted to access an sg device could possibly use
        this to cause a denial of service (resource exhaustion).
    
    CVE-2020-13143
    
        Kyungtae Kim reported a potential heap out-of-bounds write in
        the USB gadget subsystem.  A local user permitted to write to
        the gadget configuration filesystem could use this to cause a
        denial of service (crash or memory corruption) or potentially
        for privilege escalation.
    
    For the stable distribution (buster), these problems have been fixed
    in version 4.19.118-2+deb10u1.  This version also fixes some related
    bugs that do not have their own CVE IDs, and a regression in the
     UAPI header introduced in the previous point release
    (bug #960271).
    
    We recommend that you upgrade your linux packages.
    
    For the detailed security status of linux please refer to its security
    tracker page at:
    https://security-tracker.debian.org/tracker/linux
    
    Further information about Debian Security Advisories, how to apply
    these updates to your system and frequently asked questions can be
    found at: https://www.debian.org/security/
    
    Mailing list: This email address is being protected from spambots. You need JavaScript enabled to view it.
    

    LinuxSecurity Poll

    If you are using full-disk encryption: are you concerned about the resulting performance hit?

    No answer selected. Please try again.
    Please select either existing option or enter your own, however not both.
    Please select minimum 0 answer(s) and maximum 2 answer(s).
    /main-polls/34-if-you-are-using-full-disk-encryption-are-you-concerned-about-the-resulting-performance-hit?task=poll.vote&format=json
    34
    radio
    [{"id":"120","title":"Yes","votes":"14","type":"x","order":"1","pct":60.87,"resources":[]},{"id":"121","title":"No ","votes":"9","type":"x","order":"2","pct":39.13,"resources":[]}] ["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"] ["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"] 350
    bottom 200

    Please enable / Bitte aktiviere JavaScript!
    Veuillez activer / Por favor activa el Javascript![ ? ]

    We use cookies to provide and improve our services. By using our site, you consent to our Cookie Policy.