LSN-0068-1: Kernel Live Patch Security Notice

09 June 2020

Several security issues were fixed in the kernel.

Releases

Software Description

  • aws - Linux kernel for Amazon Web Services (AWS) systems - (>= 4.15.0-1054, >= 4.4.0-1098)
  • generic-4.15 - Linux kernel - (>= 4.15.0-69)
  • generic-4.4 - Linux kernel - (>= 4.4.0-168, >= 4.4.0-168, >= 4.4.0-168)
  • lowlatency-4.15 - Linux kernel - (>= 4.15.0-69)
  • lowlatency-4.4 - Linux kernel - (>= 4.4.0-168, >= 4.4.0-168, >= 4.4.0-168)
  • oem - Linux kernel for OEM systems - (>= 4.15.0-1063)

Details

It was discovered that the virtual terminal implementation in the Linux
kernel did not properly handle resize events. A local attacker could use
this to expose sensitive information. (CVE-2020-8647)

It was discovered that the virtual terminal implementation in the Linux
kernel contained a race condition. A local attacker could possibly use this
to cause a denial of service (system crash) or expose sensitive
information. (CVE-2020-8648)

It was discovered that the virtual terminal implementation in the Linux
kernel did not properly handle resize events. A local attacker could use
this to expose sensitive information. (CVE-2020-8649)

It was discovered that the Serial CAN interface driver in the Linux kernel
did not properly initialize data. A local attacker could use this to expose
sensitive information (kernel memory). (CVE-2020-11494)

Piotr Krysiuk discovered that race conditions existed in the file system
implementation in the Linux kernel. A local attacker could use this to
cause a denial of service (system crash). (CVE-2020-12114)

Checking update status

The problem can be corrected in these Livepatch versions:

Kernel type 18.04 16.04 14.04
aws 68.1 68.1
generic-4.15 68.1
generic-4.4 68.1 66.1
lowlatency-4.15 68.1
lowlatency-4.4 68.1 66.1
oem 68.1

To check your kernel type and Livepatch version, enter this command: