Alerts This Week
Warning Icon 1 758
Alerts This Week
Warning Icon 1 758

Ubuntu 18.04 LTS: 0064-1 Critical: Kernel Security Risk Exposure

ubuntu
Calendar Grey March 19, 2020
Dist Ubuntu Esm H88
The Kernel Live Patch Security Notice 0064-1 highlights critical security vulnerabilities found within various versions of Ubuntu.
Several security issues were fixed in the kernel.

Summary

Several security issues were fixed in the kernel.

Software Description:

- linux: Linux kernel

Details:

Paulo Bonzini discovered that the KVM hypervisor implementation in the

Linux kernel could improperly let a nested (level 2) guest access the

resources of a parent (level 1) guest in certain situations. An attacker

could use this to expose sensitive information. (CVE-2020-2732)

Update Instructions

The problem can be corrected by updating your livepatches to the following
versions:

| Kernel                   | Version  | flavors                  |
|--------------------------+----------+--------------------------|
| 4.4.0-168.197            | 64.2     | generic, lowlatency      |
| 4.4.0-168.197~14.04.1    | 64.2     | lowlatency, generic      |
| 4.4.0-169.198            | 64.2     | generic, lowlatency      |
| 4.4.0-169.198~14.04.1    | 64.2     | lowlatency, generic      |
| 4.4.0-170.199            | 64.2     | lowlatency, generic      |
| 4.4.0-170.199~14.04.1    | 64.2     | lowlatency, generic      |
| 4.4.0-171.200            | 64.2     | lowlatency, generic      |
| 4.4.0-171.200~14.04.1    | 64.2     | generic, lowlatency      |
| 4.4.0-173.203            | 64.2     | generic, lowlatency      |
| 4.4.0-173.203~14.04.1    | 64.2     | generic, lowlatency      |
| 4.4.0-174.204            | 64.2     | lowlatency, generic      |
| 4.4.0-1098.109           | 64.2     | aws                      |
| 4.4.0-1099.110           | 64.2     | aws                      |
| 4.4.0-1100.111           | 64.2     | aws                      |
| 4.4.0-1101.112           | 64.2     | aws                      |
| 4.4.0-1102.113           | 64.2     | aws                      |
| 4.15.0-69.78             | 64.2     | generic, lowlatency      |
| 4.15.0-69.78~16.04.1     | 64.2     | lowlatency, generic      |
| 4.15.0-70.79             | 64.2     | lowlatency, generic      |
| 4.15.0-70.79~16.04.1     | 64.2     | generic, lowlatency      |
| 4.15.0-72.81             | 64.2     | generic, lowlatency      |
| 4.15.0-72.81~16.04.1     | 64.2     | generic, lowlatency      |
| 4.15.0-74.83~16.04.1     | 64.2     | lowlatency, generic      |
| 4.15.0-74.84             | 64.2     | generic, lowlatency      |
| 4.15.0-76.86             | 64.2     | generic, lowlatency      |
| 4.15.0-76.86~16.04.1     | 64.2     | lowlatency, generic      |
| 4.15.0-88.88             | 64.2     | generic, lowlatency      |
| 4.15.0-88.88~16.04.1     | 64.2     | lowlatency, generic      |
| 4.15.0-1054.56           | 64.2     | aws                      |
| 4.15.0-1056.58           | 64.2     | aws                      |
| 4.15.0-1057.59           | 64.2     | aws                      |
| 4.15.0-1058.60           | 64.2     | aws                      |
| 4.15.0-1060.62           | 64.2     | aws                      |
| 4.15.0-1063.68           | 64.2     | azure                    |
| 4.15.0-1063.72           | 64.2     | oem                      |
| 4.15.0-1064.69           | 64.2     | azure                    |
| 4.15.0-1064.73           | 64.2     | oem                      |
| 4.15.0-1065.75           | 64.2     | oem                      |
| 4.15.0-1066.71           | 64.2     | azure                    |
| 4.15.0-1066.76           | 64.2     | oem                      |
| 4.15.0-1067.72           | 64.2     | azure                    |
| 4.15.0-1067.77           | 64.2     | oem                      |
| 4.15.0-1069.74           | 64.2     | azure                    |
| 4.15.0-1069.79           | 64.2     | oem                      |
| 4.15.0-1071.76           | 64.2     | azure                    |
| 4.15.0-1073.83           | 64.2     | oem                      |
| 5.0.0-1025.26~18.04.1    | 64.5     | gcp                      |
| 5.0.0-1025.27~18.04.1    | 64.4     | azure                    |
| 5.0.0-1027.29~18.04.1    | 64.4     | azure                    |
| 5.0.0-1028.29~18.04.1    | 64.5     | gcp                      |
| 5.0.0-1028.30~18.04.1    | 64.4     | azure                    |
| 5.0.0-1029.30~18.04.1    | 64.5     | gcp                      |
| 5.0.0-1029.31~18.04.1    | 64.4     | azure                    |

Support Information:

Kernels older than the levels listed below do not receive livepatch
updates. Please upgrade your kernel as soon as possible.

| Series           | Version          | Flavors                  |
|------------------+------------------+--------------------------|
| Ubuntu 18.04 LTS | 4.15.0-1054      | aws                      |
| Ubuntu 16.04 LTS | 4.4.0-1098       | aws                      |
| Ubuntu 18.04 LTS | 5.0.0-1025       | azure                    |
| Ubuntu 16.04 LTS | 4.15.0-1063      | azure                    |
| Ubuntu 18.04 LTS | 4.15.0-69        | generic lowlatency       |
| Ubuntu 18.04 LTS | 5.0.0-1025       | gcp                      |
| Ubuntu 16.04 LTS | 4.15.0-69        | generic lowlatency       |
| Ubuntu 14.04 LTS | 4.4.0-168        | generic lowlatency       |
| Ubuntu 18.04 LTS | 4.15.0-1063      | oem                      |
| Ubuntu 16.04 LTS | 4.4.0-168        | generic lowlatency       |

References

CVE-2020-2732

--

ubuntu-security-announce mailing list

ubuntu-security-announce@lists.ubuntu.com

Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-security-announce

Severity
critical
Lowest
Low
Medium
High
Critical

March 19, 2020

Package Information

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Your message here