1. Ubuntu Security Notices
  2. LSN-0069-1

LSN-0069-1: Kernel Live Patch Security Notice

Publication date

27 July 2020

Overview

Several security issues were fixed in the kernel.

Releases

Software description

  • aws – Linux kernel for Amazon Web Services (AWS) systems - (>= 4.15.0-1054, >= 5.4.0-1009, >= 4.4.0-1098)
  • azure – Linux kernel for Microsoft Azure Cloud systems - (>= 5.4.0-1010)
  • gcp – Linux kernel for Google Cloud Platform (GCP) systems - (>= 5.4.0-1009)
  • generic-4.15 – Linux kernel - (>= 4.15.0-69)
  • generic-4.4 – Linux kernel - (>= 4.4.0-168)
  • generic-5.4 – Linux kernel - (>= 5.4.0-26)
  • lowlatency-4.15 – Linux kernel - (>= 4.15.0-69)
  • lowlatency-4.4 – Linux kernel - (>= 4.4.0-168)
  • lowlatency-5.4 – Linux kernel - (>= 5.4.0-26)
  • oem – Linux kernel for OEM systems - (>= 4.15.0-1063)
  • aws – Linux kernel for Amazon Web Services (AWS) systems - (>= 4.15.0-1054, >= 5.4.0-1009, >= 4.4.0-1098)
  • azure – Linux kernel for Microsoft Azure Cloud systems - (>= 5.4.0-1010)
  • gcp – Linux kernel for Google Cloud Platform (GCP) systems - (>= 5.4.0-1009)
  • generic-4.15 – Linux kernel - (>= 4.15.0-69)
  • generic-4.4 – Linux kernel - (>= 4.4.0-168)
  • generic-5.4 – Linux kernel - (>= 5.4.0-26)
  • lowlatency-4.15 – Linux kernel - (>= 4.15.0-69)
  • lowlatency-4.4 – Linux kernel - (>= 4.4.0-168)
  • lowlatency-5.4 – Linux kernel - (>= 5.4.0-26)
  • oem – Linux kernel for OEM systems - (>= 4.15.0-1063)

Details

Relay_open in kernel/relay.c in the Linux kernel through 5.4.1 allows local
users to cause a denial of service (such as relay blockage) by triggering a
NULL alloc_percpu result. (CVE-2019-19462)

Fan Yang discovered that the mremap implementation in the Linux kernel did
not properly handle DAX Huge Pages. A local attacker with access to DAX
storage could use this to gain administrative privileges. (CVE-2020-10757)

It was discovered that the DesignWare SPI controller driver in the Linux
kernel contained a race condition. A local attacker could possibly use this
to cause a denial of service (system crash). (CVE-2020-12769)

In the Linux kernel before 5.4.16, a race condition in tty->disc_data
handling in the slip and slcan line discipline could lead to a
use-after-free, aka CID-0ace17d56824. This affects...

Relay_open in kernel/relay.c in the Linux kernel through 5.4.1 allows local
users to cause a denial of service (such as relay blockage) by triggering a
NULL alloc_percpu result. (CVE-2019-19462)

Fan Yang discovered that the mremap implementation in the Linux kernel did
not properly handle DAX Huge Pages. A local attacker with access to DAX
storage could use this to gain administrative privileges. (CVE-2020-10757)

It was discovered that the DesignWare SPI controller driver in the Linux
kernel contained a race condition. A local attacker could possibly use this
to cause a denial of service (system crash). (CVE-2020-12769)

In the Linux kernel before 5.4.16, a race condition in tty->disc_data
handling in the slip and slcan line discipline could lead to a
use-after-free, aka CID-0ace17d56824. This affects drivers/net/slip/slip.c
and drivers/net/can/slcan.c. (CVE-2020-14416)

Checking update status

To check your kernel type and Livepatch version, enter this command:

canonical-livepatch status

The problem can be corrected in these Livepatch versions:

Kernel type 20.04 18.04 16.04
aws 69.1 69.1 69.1
azure 69.1
gcp 69.1
generic-4.15 69.1
generic-4.4 69.1
generic-5.4 69.1
lowlatency-4.15 69.1
lowlatency-4.4 69.1
lowlatency-5.4 69.1
oem 69.1

References

Have additional questions?

Talk to a member of the team ›