English | Deutsch | Español
 
Home ▼
Home About Us Contact Us Privacy Partner Programs Testimonials In Press Mailing Lists Abuse Developer APIs
Bookkeeping
Online ▼
Home Free Trial FAQ
Open/Create Company File Accept an Invite Order/Renew
Security
Audits ▼
Home Dedicated audits Advanced audits Standard audits Recurring audits No Risk audits Desktop audits Basic audit Security Seal FAQ Price/Feature Summary Order New Tests All Tests Confidentiality Vulnerability search Run Audit Scheduler IP Permissions Audit Configuration Editor Scan Queue Reminder Notification Schedule Seal Reports Reports Style Editor
Managed
DNS ▼
About Order FAQ Acceptable Use Policy Dynamic DNS Clients
Configure Domains Dyanmic DNS Update Password
Network
Monitor ▼
Enterprise Package Advanced Package Standard Package Free Trial FAQ Price/Feature Summary Order/Renew Examples
Configure/Status Alert Profiles
Research
Reports ▼
Home FAQ Glossary Archive
 Login/Register 
 
 Vulnerability   
Search   		     Search 324607 CVE descriptions
and 146377 test descriptions,
access 10,000+ cross references.
Tests   CVE   All  

Test ID:1.3.6.1.4.1.25623.1.0.844651
Category:Ubuntu Local Security Checks
Title:Ubuntu: Security Advisory (USN-4577-1)
Summary:The remote host is missing an update for the 'linux-gke-5.0, linux-gke-5.3, linux-hwe, linux-oem-osp1, linux-raspi2-5.3' package(s) announced via the USN-4577-1 advisory.
Description:Summary:
The remote host is missing an update for the 'linux-gke-5.0, linux-gke-5.3, linux-hwe, linux-oem-osp1, linux-raspi2-5.3' package(s) announced via the USN-4577-1 advisory.

Vulnerability Insight:
Hadar Manor discovered that the DCCP protocol implementation in the Linux
kernel improperly handled socket reuse, leading to a use-after-free
vulnerability. A local attacker could use this to cause a denial of service
(system crash) or possibly execute arbitrary code. (CVE-2020-16119)

Giuseppe Scrivano discovered that the overlay file system in the Linux
kernel did not properly perform permission checks in some situations. A
local attacker could possibly use this to bypass intended restrictions and
gain read access to restricted files. (CVE-2020-16120)

Affected Software/OS:
'linux-gke-5.0, linux-gke-5.3, linux-hwe, linux-oem-osp1, linux-raspi2-5.3' package(s) on Ubuntu 18.04.

Solution:
Please install the updated package(s).

CVSS Score:
4.6

CVSS Vector:
AV:L/AC:L/Au:N/C:P/I:P/A:P

Cross-Ref: Common Vulnerability Exposure (CVE) ID: CVE-2020-16119
https://lore.kernel.org/netdev/20201013171849.236025-1-kleber.souza@canonical.com/T/
Debian Security Information: DSA-4978 (Google Search)
https://www.debian.org/security/2021/dsa-4978
https://lists.debian.org/debian-lts-announce/2021/10/msg00010.html
https://lists.debian.org/debian-lts-announce/2021/12/msg00012.html
https://git.launchpad.net/~ubuntu-kernel/ubuntu/+source/linux/+git/focal/commit/?id=01872cb896c76cedeabe93a08456976ab55ad695
https://launchpad.net/bugs/1883840
https://ubuntu.com/USN-4576-1
https://ubuntu.com/USN-4577-1
https://ubuntu.com/USN-4578-1
https://ubuntu.com/USN-4579-1
https://ubuntu.com/USN-4580-1
Common Vulnerability Exposure (CVE) ID: CVE-2020-16120
https://git.kernel.org/linus/05acefb4872dae89e772729efb194af754c877e8
https://git.kernel.org/linus/48bd024b8a40d73ad6b086de2615738da0c7004f
https://git.kernel.org/linus/56230d956739b9cb1cbde439d76227d77979a04d
https://git.kernel.org/linus/b6650dab404c701d7fe08a108b746542a934da84
https://git.kernel.org/linus/d1d04ef8572bc8c22265057bd3d5a79f223f8f52
https://www.openwall.com/lists/oss-security/2020/10/14/2
https://launchpad.net/bugs/1894980
https://launchpad.net/bugs/1900141
CopyrightCopyright (C) 2020 Greenbone AG

This is only one of 146377 vulnerability tests in our test suite. Find out more about running a complete security audit.

To run a free test of this vulnerability against your system, register below.



© 1998-2025 E-Soft Inc. All rights reserved.