Merge ~bromer/usn.ubuntu.com/+git/lsn:lsn into usn.ubuntu.com:master

Proposed by Ben Romer
Status: Merged
Merged at revision: 9265aab97dc14f993115f8d21381d50ccf04439c
Proposed branch: ~bromer/usn.ubuntu.com/+git/lsn:lsn
Merge into: usn.ubuntu.com:master
Diff against target: 108 lines (+102/-0)
1 file modified
content/lsn/0069-1.md (+102/-0)
Reviewer: Steve Beattie
Review status: Approve
Review via email: mp+388135@code.launchpad.net

Commit message

Update for LSN-0069-1

Steve Beattie (sbeattie) wrote :

LGTM, merged. Thanks.

review: Approve

Preview Diff

1diff --git a/content/lsn/0069-1.md b/content/lsn/0069-1.md
2new file mode 100644
3index 0000000..b881449
4--- /dev/null
5+++ b/content/lsn/0069-1.md
6@@ -0,0 +1,102 @@
7+---
8+title: "LSN-0069-1: Kernel Live Patch Security Notice"
9+permalink: /lsn/0069-1/index.html
10+releases: [ubuntu-16.04-lts,ubuntu-20.04-lts,ubuntu-18.04-lts]
11+date: 2020-07-27 08:24:34
12+description: "Several security issues were fixed in the kernel."
13+---
14+
15+## Linux kernel vulnerabilities
16+
17+A security issue affects these releases of Ubuntu and its derivatives:
18+
19+* Ubuntu 18.04 LTS
20+* Ubuntu 20.04 LTS
21+* Ubuntu 16.04 LTS
22+
23+### Summary
24+
25+Several security issues were fixed in the kernel.
26+
27+### Software Description
28+
29+* linux - Linux kernel
30+* linux-aws - Linux kernel for Amazon Web Services (AWS) systems
31+* linux-azure - Linux kernel for Microsoft Azure Cloud systems
32+* linux-gcp - Linux kernel for Google Cloud Platform (GCP) systems
33+* linux-oem - Linux kernel for OEM systems
34+
35+### Details
36+
37+Relay_open in kernel/relay.c in the Linux kernel through 5.4.1 allows local
38+users to cause a denial of service (such as relay blockage) by triggering a
39+NULL alloc_percpu result. (CVE-2019-19642)
40+
41+Fan Yang discovered that the mremap implementation in the Linux kernel did
42+not properly handle DAX Huge Pages. A local attacker with access to DAX
43+storage could use this to gain administrative privileges. (CVE-2020-10757)
44+
45+It was discovered that the DesignWare SPI controller driver in the Linux
46+kernel contained a race condition. A local attacker could possibly use this
47+to cause a denial of service (system crash). (CVE-2020-12769)
48+
49+In the Linux kernel before 5.4.16, a race condition in tty->disc_data
50+handling in the slip and slcan line discipline could lead to a
51+use-after-free, aka CID-0ace17d56824. This affects drivers/net/slip/slip.c
52+and drivers/net/can/slcan.c. (CVE-2020-14416)
53+
54+## Update instructions
55+
56+The problem can be corrected by updating your kernel livepatch to the following
57+versions:
58+
59+Ubuntu 18.04 LTS
60+: aws - 69.1
61+: generic - 69.1
62+: lowlatency - 69.1
63+: oem - 69.1
64+
65+Ubuntu 20.04 LTS
66+: aws - 69.1
67+: azure - 69.1
68+: gcp - 69.1
69+: generic - 69.1
70+: lowlatency - 69.1
71+
72+Ubuntu 16.04 LTS
73+: aws - 69.1
74+: generic - 69.1
75+: lowlatency - 69.1
76+
77+## Support Information
78+
79+Kernels older than the levels listed below do not receive livepatch
80+updates. If you are running a kernel version earlier than the one listed
81+below, please upgrade your kernel as soon as possible.
82+
83+Ubuntu 18.04 LTS
84+: linux-aws - 4.15.0-1054
85+: linux-azure - 5.0.0-1025
86+: linux-gcp - 5.0.0-1025
87+: linux-oem - 4.15.0-1063
88+: linux - 4.15.0-69
89+
90+Ubuntu 20.04 LTS
91+: linux-aws - 5.4.0-1009
92+: linux-azure - 5.4.0-1010
93+: linux-gcp - 5.4.0-1009
94+: linux-oem - 5.4.0-26
95+: linux - 5.4.0-26
96+
97+Ubuntu 16.04 LTS
98+: linux-aws - 4.4.0-1098
99+: linux-azure - 4.15.0-1063
100+: linux-hwe - 4.15.0-69
101+: linux - 4.4.0-168
102+
103+## References
104+
105+* [CVE-2019-19642](https://people.canonical.com/~ubuntu-security/cve/CVE-2019-19642)
106+* [CVE-2020-10757](https://people.canonical.com/~ubuntu-security/cve/CVE-2020-10757)
107+* [CVE-2020-12769](https://people.canonical.com/~ubuntu-security/cve/CVE-2020-12769)
108+* [CVE-2020-14416](https://people.canonical.com/~ubuntu-security/cve/CVE-2020-14416)
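
Review bot: The flavour lists under "Update instructions" and "Support Information" do not line up, so a reader cannot tell from the notice which kernels actually receive livepatch 69.1. For Ubuntu 18.04 LTS the support list names linux-azure and linux-gcp, but the update list has only aws, generic, lowlatency and oem; for 20.04 LTS linux-oem appears only in the support list; for 16.04 LTS linux-azure and linux-hwe appear only in the support list. Either add the missing flavours with their patch version or say explicitly that they are not covered by this notice. Two smaller points: the intro sentence says "A security issue affects these releases" while the description and Summary say "Several security issues were fixed", and the CVE-2019-19642 entry writes the function as "Relay_open" although it refers to kernel/relay.c, where the function is relay_open.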
