Merge ~bromer/usn.ubuntu.com/+git/lsn:lsn into usn.ubuntu.com:master

Proposed by Ben Romer
Status: Merged
Merged at revision: 9265aab97dc14f993115f8d21381d50ccf04439c
Proposed branch: ~bromer/usn.ubuntu.com/+git/lsn:lsn
Merge into: usn.ubuntu.com:master
Diff against target: 108 lines (+102/-0)
1 file modified
content/lsn/0069-1.md (+102/-0)
Reviewer Review Type Date Requested Status
Steve Beattie Approve
Review via email: mp+388135@code.launchpad.net

Commit message

Update for LSN-0069-1

Steve Beattie (sbeattie) wrote :

LGTM, merged. Thanks.

review: Approve

Preview Diff

diff --git a/content/lsn/0069-1.md b/content/lsn/0069-1.md
0new file mode 1006440new file mode 100644
index 0000000..b881449
--- /dev/null
+++ b/content/lsn/0069-1.md
@@ -0,0 +1,102 @@
1---
2title: "LSN-0069-1: Kernel Live Patch Security Notice"
3permalink: /lsn/0069-1/index.html
4releases: [ubuntu-16.04-lts,ubuntu-20.04-lts,ubuntu-18.04-lts]
5date: 2020-07-27 08:24:34
6description: "Several security issues were fixed in the kernel."
7---
8
9## Linux kernel vulnerabilities
10
11A security issue affects these releases of Ubuntu and its derivatives:
12
13* Ubuntu 18.04 LTS
14* Ubuntu 20.04 LTS
15* Ubuntu 16.04 LTS
16
17### Summary
18
19Several security issues were fixed in the kernel.
20
21### Software Description
22
23* linux - Linux kernel
24* linux-aws - Linux kernel for Amazon Web Services (AWS) systems
25* linux-azure - Linux kernel for Microsoft Azure Cloud systems
26* linux-gcp - Linux kernel for Google Cloud Platform (GCP) systems
27* linux-oem - Linux kernel for OEM systems
28
29### Details
30
31Relay_open in kernel/relay.c in the Linux kernel through 5.4.1 allows local
32users to cause a denial of service (such as relay blockage) by triggering a
33NULL alloc_percpu result. (CVE-2019-19642)
34
35Fan Yang discovered that the mremap implementation in the Linux kernel did
36not properly handle DAX Huge Pages. A local attacker with access to DAX
37storage could use this to gain administrative privileges. (CVE-2020-10757)
38
39It was discovered that the DesignWare SPI controller driver in the Linux
40kernel contained a race condition. A local attacker could possibly use this
41to cause a denial of service (system crash). (CVE-2020-12769)
42
43In the Linux kernel before 5.4.16, a race condition in tty->disc_data
44handling in the slip and slcan line discipline could lead to a
45use-after-free, aka CID-0ace17d56824. This affects drivers/net/slip/slip.c
46and drivers/net/can/slcan.c. (CVE-2020-14416)
47
48## Update instructions
49
50The problem can be corrected by updating your kernel livepatch to the following
51versions:
52
53Ubuntu 18.04 LTS
54: aws - 69.1
55: generic - 69.1
56: lowlatency - 69.1
57: oem - 69.1
58
59Ubuntu 20.04 LTS
60: aws - 69.1
61: azure - 69.1
62: gcp - 69.1
63: generic - 69.1
64: lowlatency - 69.1
65
66Ubuntu 16.04 LTS
67: aws - 69.1
68: generic - 69.1
69: lowlatency - 69.1
70
71## Support Information
72
73Kernels older than the levels listed below do not receive livepatch
74updates. If you are running a kernel version earlier than the one listed
75below, please upgrade your kernel as soon as possible.
76
77Ubuntu 18.04 LTS
78: linux-aws - 4.15.0-1054
79: linux-azure - 5.0.0-1025
80: linux-gcp - 5.0.0-1025
81: linux-oem - 4.15.0-1063
82: linux - 4.15.0-69
83
84Ubuntu 20.04 LTS
85: linux-aws - 5.4.0-1009
86: linux-azure - 5.4.0-1010
87: linux-gcp - 5.4.0-1009
88: linux-oem - 5.4.0-26
89: linux - 5.4.0-26
90
91Ubuntu 16.04 LTS
92: linux-aws - 4.4.0-1098
93: linux-azure - 4.15.0-1063
94: linux-hwe - 4.15.0-69
95: linux - 4.4.0-168
96
97## References
98
99* [CVE-2019-19642](https://people.canonical.com/~ubuntu-security/cve/CVE-2019-19642)
100* [CVE-2020-10757](https://people.canonical.com/~ubuntu-security/cve/CVE-2020-10757)
101* [CVE-2020-12769](https://people.canonical.com/~ubuntu-security/cve/CVE-2020-12769)
102* [CVE-2020-14416](https://people.canonical.com/~ubuntu-security/cve/CVE-2020-14416)
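
Review bot: The flavour lists under "Update instructions" do not line up with the kernels named under "Support Information". Ubuntu 18.04 LTS gives 69.1 only for aws, generic, lowlatency and oem although linux-azure and linux-gcp are listed as supported; Ubuntu 16.04 LTS has no azure or hwe entry; and Ubuntu 20.04 LTS has no oem entry although "linux-oem - 5.4.0-26" appears below. Either add the missing flavours or state in the notice that those kernels receive no livepatch in this release, so users on them can tell whether they are covered. Two smaller points in the same file: the first Details entry opens with "Relay_open", which should probably read "relay_open" to match the lower-case kernel/relay.c naming, and the intro line "A security issue affects these releases" disagrees with the summary's "Several security issues were fixed".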
