

Canonical's Ubuntu Security Team has published new Linux kernel security updates for Ubuntu 18.04 LTS and Ubuntu 16.04 LTS systems to address several vulnerabilities. Two kernel updates are available for the Ubuntu 18.04 LTS (Bionic Beaver) and Ubuntu 16.04.6 LTS (Xenial Xerus) operating system series running the Linux 4.15 LTS kernel series, as well as Ubuntu 16.04 LTS systems running the Linux 4.4 LTS kernel series.

Two issues are common to both the Linux 4.15 and 4.4 kernel series, namely a flaw (CVE-2020-11494) discovered in the Serial CAN interface driver that could allow a local attacker to expose sensitive information (kernel memory), and a vulnerability (CVE-2020-11565) that could let a local attacker who is able to specify mount options for the tmpfs virtual memory file system cause a denial of service (system crash). Two other flaws were patched in the Linux 4.15 kernel series for Ubuntu 18.04 LTS and Ubuntu 16.04.6 LTS systems. These are CVE-2020-11669, discovered by David Gibson and affecting only Power9 CPUs, which allows a local attacker in a guest virtual machine to cause a denial of service and crash the host system, and CVE-2020-12657, a flaw discovered in the Linux kernel's block layer, which could allow a local attacker to either crash the system or execute arbitrary code.
