--===============3473179463803432463== Content-Type: multipart/signed; micalg=pgp-sha512; protocol="application/pgp-signature"; boundary="rJ8inJ6ig7iY3YX9" Content-Disposition: inline
--rJ8inJ6ig7iY3YX9 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline
========================================================================== Ubuntu Security Notice USN-4342-1 April 28, 2020
linux, linux-aws, linux-azure, linux-gcp, linux-gke-5.3, linux-hwe, linux-kvm, linux-raspi2, linux-raspi2-5.3 vulnerabilities ==========================================================================
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 19.10 - Ubuntu 18.04 LTS
Summary:
Several security issues were fixed in the Linux kernel.
Software Description: - linux: Linux kernel - linux-aws: Linux kernel for Amazon Web Services (AWS) systems - linux-azure: Linux kernel for Microsoft Azure Cloud systems - linux-gcp: Linux kernel for Google Cloud Platform (GCP) systems - linux-kvm: Linux kernel for cloud environments - linux-raspi2: Linux kernel for Raspberry Pi 2 - linux-gke-5.3: Linux kernel for Google Container Engine (GKE) systems - linux-hwe: Linux hardware enablement (HWE) kernel - linux-raspi2-5.3: Linux kernel for Raspberry Pi 2
Details:
Al Viro discovered that the Linux kernel for s390x systems did not properly perform page table upgrades for kernel sections that use secondary address mode. A local attacker could use this to cause a denial of service (system crash) or execute arbitrary code. (CVE-2020-11884)
It was discovered that the Intel Wi-Fi driver in the Linux kernel did not properly check for errors in some situations. A local attacker could possibly use this to cause a denial of service (system crash). (CVE-2019-16234)
Tristan Madani discovered that the block I/O tracing implementation in the Linux kernel contained a race condition. A local attacker could use this to cause a denial of service (system crash) or possibly expose sensitive information. (CVE-2019-19768)
It was discovered that the vhost net driver in the Linux kernel contained a stack buffer overflow. A local attacker with the ability to perform ioctl() calls on /dev/vhost-net could use this to cause a denial of service (system crash). (CVE-2020-10942)
It was discovered that the virtual terminal implementation in the Linux kernel contained a race condition. A local attacker could possibly use this to cause a denial of service (system crash) or expose sensitive information. (CVE-2020-8648)
Shijie Luo discovered that the ext4 file system implementation in the Linux kernel did not properly check for a too-large journal size. An attacker could use this to construct a malicious ext4 image that, when mounted, could cause a denial of service (soft lockup). (CVE-2020-8992)
Jordy Zomer discovered that the floppy driver in the Linux kernel did not properly check for errors in some situations. A local attacker could possibly use this to cause a denial of service (system crash) or possibly expose sensitive information. (CVE-2020-9383)
Update instructions:
The problem can be corrected by updating your system to the following package versions:
Ubuntu 19.10: linux-image-5.3.0-1016-kvm 5.3.0-1016.17 linux-image-5.3.0-1017-aws 5.3.0-1017.18 linux-image-5.3.0-1018-gcp 5.3.0-1018.19 linux-image-5.3.0-1020-azure 5.3.0-1020.21 linux-image-5.3.0-1023-raspi2 5.3.0-1023.25 linux-image-5.3.0-51-generic 5.3.0-51.44 linux-image-5.3.0-51-generic-lpae 5.3.0-51.44 linux-image-5.3.0-51-lowlatency 5.3.0-51.44 linux-image-5.3.0-51-snapdragon 5.3.0-51.44 linux-image-aws 5.3.0.1017.19 linux-image-azure 5.3.0.1020.39 linux-image-gcp 5.3.0.1018.19 linux-image-generic 5.3.0.51.42 linux-image-generic-lpae 5.3.0.51.42 linux-image-gke 5.3.0.1018.19 linux-image-kvm 5.3.0.1016.18 linux-image-lowlatency 5.3.0.51.42 linux-image-raspi2 5.3.0.1023.20 linux-image-snapdragon 5.3.0.51.42 linux-image-virtual 5.3.0.51.42
Ubuntu 18.04 LTS: linux-image-5.3.0-1018-gke 5.3.0-1018.19~18.04.1 linux-image-5.3.0-1023-raspi2 5.3.0-1023.25~18.04.1 linux-image-5.3.0-51-generic 5.3.0-51.44~18.04.2 linux-image-5.3.0-51-generic-lpae 5.3.0-51.44~18.04.2 linux-image-5.3.0-51-lowlatency 5.3.0-51.44~18.04.2 linux-image-generic-hwe-18.04 5.3.0.51.104 linux-image-generic-lpae-hwe-18.04 5.3.0.51.104 linux-image-gke-5.3 5.3.0.1018.8 linux-image-lowlatency-hwe-18.04 5.3.0.51.104 linux-image-raspi2-hwe-18.04 5.3.0.1023.12 linux-image-snapdragon-hwe-18.04 5.3.0.51.104 linux-image-virtual-hwe-18.04 5.3.0.51.104
After a standard system update you need to reboot your computer to make all the necessary changes.
ATTENTION: Due to an unavoidable ABI change the kernel updates have been given a new version number, which requires you to recompile and reinstall all third party kernel modules you might have installed. Unless you manually uninstalled the standard kernel metapackages (e.g. linux-generic, linux-generic-lts-RELEASE, linux-virtual, linux-powerpc), a standard system upgrade will automatically perform this as well.
References: https://usn.ubuntu.com/4342-1 CVE-2019-16234, CVE-2019-19768, CVE-2020-10942, CVE-2020-11884, CVE-2020-8648, CVE-2020-8992, CVE-2020-9383
Package Information: https://launchpad.net/ubuntu/+source/linux/5.3.0-51.44 https://launchpad.net/ubuntu/+source/linux-aws/5.3.0-1017.18 https://launchpad.net/ubuntu/+source/linux-azure/5.3.0-1020.21 https://launchpad.net/ubuntu/+source/linux-gcp/5.3.0-1018.19 https://launchpad.net/ubuntu/+source/linux-kvm/5.3.0-1016.17 https://launchpad.net/ubuntu/+source/linux-raspi2/5.3.0-1023.25 https://launchpad.net/ubuntu/+source/linux-gke-5.3/5.3.0-1018.19~18.04.1 https://launchpad.net/ubuntu/+source/linux-hwe/5.3.0-51.44~18.04.2 https://launchpad.net/ubuntu/+source/linux-raspi2-5.3/5.3.0-1023.25~18.04.1
--rJ8inJ6ig7iY3YX9 Content-Type: application/pgp-signature; name="signature.asc"
-----BEGIN PGP SIGNATURE-----
iQIzBAABCgAdFiEEpgY7tWAjCaQ8jrvULwmejQBegfQFAl6oyQkACgkQLwmejQBe gfTVXA/+KRXZ8t3TnQpE1zuBGxq2YEWi+MdGfoyYhPIauvFXBGZOf/NjRWs36ATX pCh7z7Ovmua8TP3SdecZRhjnxog8+5Y5TKcck4DsmRYUqpSiHTo97mBR6MzEQnmF 6XLWqFkV1Nv21s/Plh1p/Vcb7UQa13XBRftvdR1JiO7r0FHyaXAeaEQLqNHucTau zdErITknS9msjzn6CrkUBjbDFBf99tCbcgzLFD557AHO7aQCf2GDP8sXI5VP1AH9 BeH8mBy680T49yLbHyVF/dYxdT7r4JM74kfTVqtoaDzaGSQQ/G5xDG2J/FbKvDRL U1AWl9oAtnKudYdSlvzPAu5pC5t5fXkWROjx8rBjsbooE4WSx3R/ZYy6m1urhjeY NcQSOaHn1AADLl5tRW1w+TbQqpycwKl83fvWdLxQBxYmjnYzKGjL3LecM+K6mbiK UAs9YgPf6sw1Tr6o5FRLbf2Ur1rxL/v6QIj9rjr6V2KaQ/b32/zzT4bDd0DIkcQ0 XI6Y2UIUuUyMog+ns3s8d8dyg3j8CbSRSebMb7nWfXNw9rsIri+KCOI1aQGwLUbN q+oiQOs+MmCrc8j84R8LGaijb9+Ai8Sil7MQi2giN5mtHjOGUnYJdJJv+0g2VU8d APV8/FDVbaEv1sfiKVedxDTGDLVW8jfw3bbn2MAeea3mEZFM0ww= =2cdN -----END PGP SIGNATURE-----
--rJ8inJ6ig7iY3YX9--
--===============3473179463803432463== Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: base64 Content-Disposition: inline
-- ubuntu-security-announce mailing list ubuntu-security-announce@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-security-announce
|