LSN-0068-1: Kernel Live Patch Security Notice
9 June 2020
Several security issues were fixed in the kernel.
Releases
Software Description
- aws - Linux kernel for Amazon Web Services (AWS) systems - (>= 4.15.0-1054, >= 4.4.0-1098)
- generic-4.15 - Linux kernel - (>= 4.15.0-69)
- generic-4.4 - Linux kernel - (>= 4.4.0-168, >= 4.4.0-168, >= 4.4.0-168)
- lowlatency-4.15 - Linux kernel - (>= 4.15.0-69)
- lowlatency-4.4 - Linux kernel - (>= 4.4.0-168, >= 4.4.0-168, >= 4.4.0-168)
- oem - Linux kernel for OEM systems - (>= 4.15.0-1063)
Details
It was discovered that the virtual terminal implementation in the Linux
kernel did not properly handle resize events. A local attacker could use
this to expose sensitive information. (CVE-2020-8647)
It was discovered that the virtual terminal implementation in the Linux
kernel contained a race condition. A local attacker could possibly use this
to cause a denial of service (system crash) or expose sensitive
information. (CVE-2020-8648)
It was discovered that the virtual terminal implementation in the Linux
kernel did not properly handle resize events. A local attacker could use
this to expose sensitive information. (CVE-2020-8649)
It was discovered that the Serial CAN interface driver in the Linux kernel
did not properly initialize data. A local attacker could use this to expose
sensitive information (kernel memory). (CVE-2020-11494)
Piotr Krysiuk discovered that race conditions existed in the file system
implementation in the Linux kernel. A local attacker could use this to
cause a denial of service (system crash). (CVE-2020-12114)
Checking update status
The problem can be corrected in these Livepatch versions:
| Kernel type | 18.04 | 16.04 | 14.04 |
|---|---|---|---|
| aws | 68.1 | 68.1 | — |
| generic-4.15 | 68.1 | — | — |
| generic-4.4 | — | 68.1 | 66.1 |
| lowlatency-4.15 | 68.1 | — | — |
| lowlatency-4.4 | — | 68.1 | 66.1 |
| oem | 68.1 | — | — |
To check your kernel type and Livepatch version, enter this command:
canonical-livepatch status