
Ubuntu 18.04 LTS: USN-4390-1 Severe: Linux Kernel Denial of Service

June 9, 2020

Summary

Several security issues were fixed in the Linux kernel.

Software Description:

- linux: Linux kernel

- linux-aws: Linux kernel for Amazon Web Services (AWS) systems

- linux-azure-4.15: Linux kernel for Microsoft Azure Cloud systems

- linux-gke-4.15: Linux kernel for Google Container Engine (GKE) systems

- linux-kvm: Linux kernel for cloud environments

- linux-oem: Linux kernel for OEM systems

- linux-oracle: Linux kernel for Oracle Cloud systems

- linux-aws-hwe: Linux kernel for Amazon Web Services (AWS-HWE) systems

- linux-azure: Linux kernel for Microsoft Azure Cloud systems

- linux-gcp: Linux kernel for Google Cloud Platform (GCP) systems

- linux-hwe: Linux hardware enablement (HWE) kernel

Details:

It was discovered that the F2FS file system implementation in the Linux
kernel did not properly perform bounds checking on xattrs in some
situations. A local attacker could possibly use this to expose sensitive
information (kernel memory). (CVE-2020-0067)

It was discovered that mem...


Update Instructions

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 18.04 LTS:
  linux-image-4.15.0-1045-oracle  4.15.0-1045.49
  linux-image-4.15.0-106-generic  4.15.0-106.107
  linux-image-4.15.0-106-generic-lpae  4.15.0-106.107
  linux-image-4.15.0-106-lowlatency  4.15.0-106.107
  linux-image-4.15.0-1063-gke     4.15.0-1063.66
  linux-image-4.15.0-1067-kvm     4.15.0-1067.68
  linux-image-4.15.0-1073-aws     4.15.0-1073.77
  linux-image-4.15.0-1087-oem     4.15.0-1087.97
  linux-image-4.15.0-1089-azure   4.15.0-1089.99
  linux-image-aws-lts-18.04       4.15.0.1073.76
  linux-image-azure-lts-18.04     4.15.0.1089.60
  linux-image-generic             4.15.0.106.94
  linux-image-generic-lpae        4.15.0.106.94
  linux-image-gke                 4.15.0.1063.65
  linux-image-gke-4.15            4.15.0.1063.65
  linux-image-kvm                 4.15.0.1067.63
  linux-image-lowlatency          4.15.0.106.94
  linux-image-oem                 4.15.0.1087.91
  linux-image-oracle-lts-18.04    4.15.0.1045.54
  linux-image-powerpc-e500mc      4.15.0.106.94
  linux-image-powerpc-smp         4.15.0.106.94
  linux-image-powerpc64-emb       4.15.0.106.94
  linux-image-powerpc64-smp       4.15.0.106.94
  linux-image-virtual             4.15.0.106.94

Ubuntu 16.04 LTS:
  linux-image-4.15.0-1045-oracle  4.15.0-1045.49~16.04.1
  linux-image-4.15.0-106-generic  4.15.0-106.107~16.04.1
  linux-image-4.15.0-106-generic-lpae  4.15.0-106.107~16.04.1
  linux-image-4.15.0-106-lowlatency  4.15.0-106.107~16.04.1
  linux-image-4.15.0-1073-aws     4.15.0-1073.77~16.04.1
  linux-image-4.15.0-1077-gcp     4.15.0-1077.87~16.04.1
  linux-image-4.15.0-1089-azure   4.15.0-1089.99~16.04.1
  linux-image-aws-hwe             4.15.0.1073.73
  linux-image-azure               4.15.0.1089.84
  linux-image-azure-edge          4.15.0.1089.84
  linux-image-gcp                 4.15.0.1077.79
  linux-image-generic-hwe-16.04   4.15.0.106.111
  linux-image-generic-lpae-hwe-16.04  4.15.0.106.111
  linux-image-gke                 4.15.0.1077.79
  linux-image-lowlatency-hwe-16.04  4.15.0.106.111
  linux-image-oem                 4.15.0.106.111
  linux-image-oracle              4.15.0.1045.38
  linux-image-virtual-hwe-16.04   4.15.0.106.111

Ubuntu 14.04 ESM:
  linux-image-4.15.0-1089-azure   4.15.0-1089.99~14.04.1
  linux-image-azure               4.15.0.1089.66

Please note that the mitigation for CVE-2020-0543 requires a processor
microcode update to be applied, either from your system manufacturer
or via the intel-microcode package. The kernel update for this
issue provides the ability to disable the mitigation and to report
vulnerability status.

After a standard system update you need to reboot your computer to make
all the necessary changes.

ATTENTION: Due to an unavoidable ABI change the kernel updates have
been given a new version number, which requires you to recompile and
reinstall all third party kernel modules you might have installed.
Unless you manually uninstalled the standard kernel metapackages
(e.g. linux-generic, linux-generic-lts-RELEASE, linux-virtual,
linux-powerpc), a standard system upgrade will automatically perform
this as well.
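
A post-update check for the two points above, added here as an example and not part of the advisory: it compares the running kernel (not just the installed package) against the fixed ABI numbers in the table, so a host that was updated but not rebooted still shows as outdated, and it reads the kernel's SRBDS status report. The sysfs path is the upstream kernel's vulnerability file for SRBDS and does not appear in the advisory; the function names and status labels are this example's own.

```shell
#!/bin/sh
# Fixed ABI number per kernel flavour, copied from the package table above.
fixed_abi() {
    case "$1" in
        generic|generic-lpae|lowlatency) echo 106 ;;
        oracle) echo 1045 ;;
        gke)    echo 1063 ;;
        kvm)    echo 1067 ;;
        aws)    echo 1073 ;;
        gcp)    echo 1077 ;;
        oem)    echo 1087 ;;
        azure)  echo 1089 ;;
        *)      return 1 ;;
    esac
}

# kernel_state RELEASE: prints fixed, outdated or not-covered.
# RELEASE is a `uname -r` string such as 4.15.0-106-generic.
kernel_state() {
    case "$1" in
        4.15.0-*-*) ;;
        *) echo not-covered; return 0 ;;
    esac
    rest=${1#4.15.0-}; abi=${rest%%-*}; flavour=${rest#*-}
    case "$abi" in ''|*[!0-9]*) echo not-covered; return 0 ;; esac
    want=$(fixed_abi "$flavour") || { echo not-covered; return 0; }
    if [ "$abi" -ge "$want" ]; then echo fixed; else echo outdated; fi
}

# srbds_state [FILE]: classifies the kernel's SRBDS (CVE-2020-0543) report.
srbds_state() {
    f=${1:-/sys/devices/system/cpu/vulnerabilities/srbds}
    [ -r "$f" ] || { echo no-report; return 0; }  # kernel lacks the reporting
    case "$(cat "$f")" in
        "Not affected")             echo not-affected ;;
        "Mitigation: "*)            echo mitigated ;;
        "Vulnerable: No microcode") echo needs-microcode ;;
        "Vulnerable"*)              echo mitigation-disabled ;;
        *)                          echo unknown ;;
    esac
}

# Report for this host; the running kernel stays "outdated" until the reboot.
echo "kernel $(uname -r): $(kernel_state "$(uname -r)")"
echo "srbds: $(srbds_state)"
```

A result of needs-microcode means the kernel update is in place but the processor microcode update the advisory calls for has not been applied.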

References

https://ubuntu.com/security/notices/USN-4390-1

CVE-2020-0067, CVE-2020-0543, CVE-2020-10751, CVE-2020-12114, CVE-2020-12464, CVE-2020-1749

https://wiki.ubuntu.com/SecurityTeam/KnowledgeBase/SRBDS

June 10, 2020
