LSN-0068-1: Kernel Live Patch Security Notice

9 June 2020

Linux kernel vulnerabilities

A security issue affects these releases of Ubuntu and its derivatives:

  • Ubuntu 20.04 LTS
  • Ubuntu 18.04 LTS
  • Ubuntu 16.04 LTS
  • Ubuntu 14.04 ESM

Summary

Several security issues were fixed in the kernel.

Software Description

  • linux - Linux kernel
  • linux-aws - Linux kernel for Amazon Web Services (AWS) systems
  • linux-oem - Linux kernel for OEM systems

Special Notice for CVE-2020-0543

On June 9, Intel announced CVE-2020-0543, a CPU hardware issue known as Special Register Buffer Data Sampling (SRBDS), which could result in data leaks from random number generation instructions. The issue affects a subset of Intel CPUs and is mitigated by a CPU microcode update. This is a hardware issue and cannot be mitigated with a livepatch.

The kernel update associated with the CVE provides the ability to turn the mitigation on and off and to report the presence of the mitigation in the microcode, and should be installed with the updated microcode.

To determine if your Intel CPU is affected, consult Intel’s list of affected processors. Note that AMD processors, and architectures other than x86_64, are not affected by this CVE.

Users affected by this issue should update their kernel and CPU microcode, and reboot into the new kernel. Users not affected by CVE-2020-0543 may continue to use livepatch updates without rebooting.

For more information about the CVE and our response, please consult the Ubuntu SRBDS wiki page.

Details

It was discovered that the virtual terminal implementation in the Linux kernel did not properly handle resize events. A local attacker could use this to expose sensitive information. (CVE-2020-8647)

It was discovered that the virtual terminal implementation in the Linux kernel contained a race condition. A local attacker could possibly use this to cause a denial of service (system crash) or expose sensitive information. (CVE-2020-8648)

It was discovered that the virtual terminal implementation in the Linux kernel did not properly handle resize events. A local attacker could use this to expose sensitive information. (CVE-2020-8649)

It was discovered that the Serial CAN interface driver in the Linux kernel did not properly initialize data. A local attacker could use this to expose sensitive information (kernel memory). (CVE-2020-11494)

Piotr Krysiuk discovered that race conditions existed in the file system implementation in the Linux kernel. A local attacker could use this to cause a denial of service (system crash). (CVE-2020-12114)

Update instructions

The problem can be corrected by updating your kernel livepatch to the following versions:

Ubuntu 18.04 LTS
aws - 68.1
generic - 68.1
lowlatency - 68.1
oem - 68.1
Ubuntu 16.04 LTS
aws - 68.1
generic - 67.1
generic - 68.1
lowlatency - 67.1
lowlatency - 68.1
Ubuntu 14.04 ESM
generic - 66.1
lowlatency - 66.1

Support Information

Kernels older than the levels listed below do not receive livepatch updates. If you are running a kernel version earlier than the one listed below, please upgrade your kernel as soon as possible.

Ubuntu 18.04 LTS
linux - 4.15.0-69
linux-aws - 4.15.0-1054
linux-azure - 5.0.0-1025
linux-gcp - 5.0.0-1025
linux-oem - 4.15.0-1063
Ubuntu 20.04 LTS
linux - 5.4.0-26
linux-aws - 5.4.0-1009
linux-azure - 5.4.0-1010
linux-gcp - 5.4.0-1009
linux-oem - 5.4.0-26
Ubuntu 16.04 LTS
linux - 4.4.0-168
linux-aws - 4.4.0-1098
linux-azure - 4.15.0-1063
linux-hwe - 4.15.0-69
Ubuntu 14.04 ESM
linux-lts-xenial - 4.4.0-168

References