Your submission was sent successfully! Close

LSN-0067-1: Kernel Live Patch Security Notice

20 May 2020

Several security issues were fixed in the kernel.

Releases

Software Description

  • aws - Linux kernel for Amazon Web Services (AWS) systems - (>= 4.15.0-1054, >= 4.4.0-1098)
  • azure - Linux kernel for Microsoft Azure Cloud systems - (>= 5.0.0-1025)
  • gcp - Linux kernel for Google Cloud Platform (GCP) systems - (>= 5.0.0-1025)
  • generic-4.15 - Linux kernel - (>= 4.15.0-69)
  • generic-4.4 - Linux kernel - (>= 4.4.0-168)
  • lowlatency-4.15 - Linux kernel - (>= 4.15.0-69)
  • lowlatency-4.4 - Linux kernel - (>= 4.4.0-168)
  • oem - Linux kernel for OEM systems - (>= 4.15.0-1063)

Details

It was discovered that the Serial CAN interface driver in the Linux kernel
did not properly initialize data. A local attacker could use this to expose
sensitive information (kernel memory). (CVE-2020-11494)

Checking update status

The problem can be corrected in these Livepatch versions:

Kernel type 18.04 16.04
aws 67.1 67.1
azure 67.1
gcp 67.1
generic-4.15 67.1
generic-4.4 67.1
lowlatency-4.15 67.1
lowlatency-4.4 67.1
oem 67.1

To check your kernel type and Livepatch version, enter this command:

References