Ubuntu 18.04, 20.04: Security Advisory for Kernel DoS and Code Exploits

Several security vulnerabilities were recently addressed by Canonical in both Graphviz and the Linux kernel of Ubuntu.

Recent discoveries include null pointer dereference vulnerabilities in Graphviz and improper handling of indirect branch prediction isolation between L1 and L2 VMs in the KVM VMX implementation of the Linux kernel.

Graphviz is susceptible to being exploited via a specially crafted input file, which could cause problems like denial of service.

Ubuntu 18.04 LTS, Ubuntu 20.04 LTS, and 14.04 ESM are the only versions affected by this issue. The graphviz software was discovered to be a victim of vulnerabilities related to a null pointer dereference.

A buffer overflow vulnerability has also been discovered in graphviz that could lead to arbitrary code execution.

The link for this article located at CyberSecurity News is no longer available.