
Debian LTS: DLA-2420-1 Critical Security Update for Kernel Issues

October 30, 2020
Ubuntu LTS patch addresses severe kernel vulnerabilities leading to service interruptions and data leaks. Prompt upgrade advised.
Several vulnerabilities have been discovered in the Linux kernel that may lead to the execution of arbitrary code, privilege escalation, denial of service or information leaks.

Summary

A potential out-of-bounds read was discovered in the F2FS
implementation. A user permitted to mount and access arbitrary
filesystems could potentially use this to cause a denial of
service (crash) or to read sensitive information.

CVE-2019-19073, CVE-2019-19074

Navid Emamdoost discovered potential memory leaks in the ath9k and
ath9k_htc drivers. The security impact of these is unclear.

CVE-2019-19448

"Team bobfuzzer" reported a bug in Btrfs that could lead to a
use-after-free, and could be triggered by crafted filesystem
images. A user permitted to mount and access arbitrary
filesystems could use this to cause a denial of service (crash or
memory corruption) or possibly for privilege escalation.

CVE-2020-12351

Andy Nguyen discovered a flaw in the Bluetooth implementation in
the way L2CAP packets with A2MP CID are handled. A remote attacker
within a short distance, knowing the victim's Bluetooth device


Severity: critical

-------------------------------------------------------------------------
Package: linux
Version: 4.9.240-1
CVE ID: CVE-2019-9445 CVE-2019-19073 CVE-2019-19074 CVE-2019-19448
