USN-4343-1: Linux kernel vulnerability
28 April 2020
Systems running on s390x architecture could be made to crash or run programs as an administrator under certain conditions.
- linux - Linux kernel
Al Viro discovered that the Linux kernel for s390x systems did not properly
perform page table upgrades for kernel sections that use secondary address
mode. A local attacker could use this to cause a denial of service (system
crash) or execute arbitrary code.
The problem can be corrected by updating your system to the following package versions:
- linux-image-5.4.0-28-generic - 5.4.0-28.32
- linux-image-5.4.0-28-generic-lpae - 5.4.0-28.32
- linux-image-5.4.0-28-lowlatency - 5.4.0-28.32
- linux-image-generic - 184.108.40.206.33
- linux-image-generic-lpae - 220.127.116.11.33
- linux-image-lowlatency - 18.104.22.168.33
- linux-image-oem - 22.214.171.124.33
- linux-image-oem-osp1 - 126.96.36.199.33
- linux-image-virtual - 188.8.131.52.33
After a standard system update you need to reboot your computer to make
all the necessary changes.
ATTENTION: Due to an unavoidable ABI change the kernel updates have
been given a new version number, which requires you to recompile and
reinstall all third party kernel modules you might have installed.
Unless you manually uninstalled the standard kernel metapackages
(e.g. linux-generic, linux-generic-lts-RELEASE, linux-virtual,
linux-powerpc), a standard system upgrade will automatically perform
this as well.