usn.ubuntu.com

Merge ~bromer/usn.ubuntu.com/+git/lsn:lsn into usn.ubuntu.com:master

  1. Git
  2. lp:~bromer/usn.ubuntu.com/+git/lsn
  3. lsn
  4. Merge into master
Proposed by Ben Romer
Status: Merged
Merged at revision: 362a550d8f62db3ba5d8972284e867638ee69cb1
Proposed branch: ~bromer/usn.ubuntu.com/+git/lsn:lsn
Merge into: usn.ubuntu.com:master
Diff against target: 89 lines (+83/-0)
1 file modified
content/lsn/0067-1.md (+83/-0)
Reviewer Review Type Date Requested Status
Steve Beattie Approve
Review via email: mp+384262@code.launchpad.net
To post a comment you must log in.
Revision history for this message
Steve Beattie (sbeattie) wrote :

This is merged and live at https://usn.ubuntu.com/lsn/0067-1/. Thanks!

review: Approve

Preview Diff

[H/L] Next/Prev Comment, [J/K] Next/Prev File, [N/P] Next/Prev Hunk
diff --git a/content/lsn/0067-1.md b/content/lsn/0067-1.md
0new file mode 1006440new file mode 100644
index 0000000..b8c8d48
--- /dev/null
+++ b/content/lsn/0067-1.md
@@ -0,0 +1,83 @@
1---
2title: "LSN-0067-1: Kernel Live Patch Security Notice"
3permalink: /lsn/0067-1/index.html
4releases: [ubuntu-16.04-lts,ubuntu-18.04-lts]
5date: 2020-05-20 08:16:48
6description: "Several security issues were fixed in the kernel."
7---
8
9## Linux kernel vulnerabilities
10
11A security issue affects these releases of Ubuntu and its derivatives:
12
13* Ubuntu 18.04 LTS
14* Ubuntu 16.04 LTS
15
16### Summary
17
18Several security issues were fixed in the kernel.
19
20### Software Description
21
22* linux - Linux kernel
23* linux-aws - Linux kernel for Amazon Web Services (AWS) systems
24* linux-azure - Linux kernel for Microsoft Azure Cloud systems
25* linux-gcp - Linux kernel for Google Cloud Platform (GCP) systems
26* linux-oem - Linux kernel for OEM systems
27
28### Details
29
30It was discovered that the Serial CAN interface driver in the Linux kernel
31did not properly initialize data. A local attacker could use this to expose
32sensitive information (kernel memory). (CVE-2020-11494)
33
34## Update instructions
35
36The problem can be corrected by updating your kernel livepatch to the following
37versions:
38
39Ubuntu 18.04 LTS
40: aws - 67.1
41: azure - 67.1
42: gcp - 67.1
43: generic - 67.1
44: lowlatency - 67.1
45: oem - 67.1
46
47Ubuntu 16.04 LTS
48: aws - 67.1
49: generic - 67.1
50: lowlatency - 67.1
51
52## Support Information
53
54Kernels older than the levels listed below do not receive livepatch
55updates. If you are running a kernel version earlier than the one listed
56below, please upgrade your kernel as soon as possible.
57
58Ubuntu 18.04 LTS
59: linux - 4.15.0-69
60: linux-aws - 4.15.0-1054
61: linux-azure - 5.0.0-1025
62: linux-gcp - 5.0.0-1025
63: linux-oem - 4.15.0-1063
64
65Ubuntu 20.04 LTS
66: linux - 5.4.0-26
67: linux-aws - 5.4.0-1009
68: linux-azure - 5.4.0-1010
69: linux-gcp - 5.4.0-1009
70: linux-oem - 5.4.0-26
71
72Ubuntu 16.04 LTS
73: linux - 4.4.0-168
74: linux-aws - 4.4.0-1098
75: linux-azure - 4.15.0-1063
76: linux-hwe - 4.15.0-69
77
78Ubuntu 14.04 ESM
79: linux-lts-xenial - 4.4.0-168
80
81## References
82
83* [CVE-2020-11494](https://people.canonical.com/~ubuntu-security/cve/CVE-2020-11494)

Subscribers

People subscribed via source and target branches