|Category:||Ubuntu Local Security Checks|
|Title:||Ubuntu: Security Advisory for linux (USN-4363-1)|
|Summary:||The remote host is missing an update for the 'linux'; package(s) announced via the USN-4363-1 advisory.|
The remote host is missing an update for the 'linux'
package(s) announced via the USN-4363-1 advisory.
It was discovered that the Serial CAN interface driver in the Linux kernel
did not properly initialize data. A local attacker could use this to expose
sensitive information (kernel memory). (CVE-2020-11494)
It was discovered that the linux kernel did not properly validate certain
mount options to the tmpfs virtual memory file system. A local attacker
with the ability to specify mount options could use this to cause a denial
of service (system crash). (CVE-2020-11565)
David Gibson discovered that the Linux kernel on Power9 CPUs did not
properly save and restore Authority Mask registers state in some
situations. A local attacker in a guest VM could use this to cause a denial
of service (host system crash). (CVE-2020-11669)
It was discovered that the block layer in the Linux kernel contained a race
condition leading to a use-after-free vulnerability. A local attacker could
possibly use this to cause a denial of service (system crash) or execute
arbitrary code. (CVE-2020-12657)
'linux' package(s) on Ubuntu 18.04 LTS, Ubuntu 16.04 LTS.
Please install the updated package(s).
Common Vulnerability Exposure (CVE) ID: CVE-2020-11494|
Common Vulnerability Exposure (CVE) ID: CVE-2020-11565
Common Vulnerability Exposure (CVE) ID: CVE-2020-11669
Common Vulnerability Exposure (CVE) ID: CVE-2020-12657
|Copyright||Copyright (C) 2020 Greenbone Networks GmbH|
|This is only one of 85075 vulnerability tests in our test suite. Find out more about running a complete security audit.|
To run a free test of this vulnerability against your system, register below.