1. Ubuntu Security Notices
  2. USN-4749-1

USN-4749-1: Linux kernel vulnerabilities

Publication date

25 February 2021

Overview

Several security issues were fixed in the Linux kernel.

Releases

Packages

  • linux - Linux kernel
  • linux-aws - Linux kernel for Amazon Web Services (AWS) systems
  • linux-aws-hwe - Linux kernel for Amazon Web Services (AWS-HWE) systems
  • linux-azure - Linux kernel for Microsoft Azure Cloud systems
  • linux-azure-4.15 - Linux kernel for Microsoft Azure Cloud systems
  • linux-dell300x - Linux kernel for Dell 300x platforms
  • linux-gcp - Linux kernel for Google Cloud Platform (GCP) systems
  • linux-gcp-4.15 - Linux kernel for Google Cloud Platform (GCP) systems
  • linux-gke-4.15 - Linux kernel for Google Container Engine (GKE) systems
  • linux-hwe - Linux hardware enablement (HWE) kernel
  • linux-kvm - Linux kernel for cloud environments
  • linux-oracle - Linux kernel for Oracle Cloud systems
  • linux-raspi2 - Linux kernel for Raspberry Pi (V8) systems
  • linux-snapdragon - Linux kernel for Qualcomm Snapdragon processors

Details

Bodong Zhao discovered a use-after-free in the Sun keyboard driver
implementation in the Linux kernel. A local attacker could use this to
cause a denial of service or possibly execute arbitrary code.
(CVE-2020-25669)

It was discovered that the jfs file system implementation in the Linux
kernel contained an out-of-bounds read vulnerability. A local attacker
could use this to possibly cause a denial of service (system crash).
(CVE-2020-27815)

Shisong Qin and Bodong Zhao discovered that Speakup screen reader driver in
the Linux kernel did not correctly handle setting line discipline in some
situations. A local attacker could use this to cause a denial of service
(system crash). (CVE-2020-27830, CVE-2020-28941)

It was discovered that the memory management subsystem in the...

Bodong Zhao discovered a use-after-free in the Sun keyboard driver
implementation in the Linux kernel. A local attacker could use this to
cause a denial of service or possibly execute arbitrary code.
(CVE-2020-25669)

It was discovered that the jfs file system implementation in the Linux
kernel contained an out-of-bounds read vulnerability. A local attacker
could use this to possibly cause a denial of service (system crash).
(CVE-2020-27815)

Shisong Qin and Bodong Zhao discovered that Speakup screen reader driver in
the Linux kernel did not correctly handle setting line discipline in some
situations. A local attacker could use this to cause a denial of service
(system crash). (CVE-2020-27830, CVE-2020-28941)

It was discovered that the memory management subsystem in the Linux kernel
did not properly handle copy-on-write operations in some situations. A
local attacker could possibly use this to gain unintended write access to
read-only memory pages. (CVE-2020-29374)

Michael Kurth and Pawel Wieczorkiewicz discovered that the Xen event
processing backend in the Linux kernel did not properly limit the number of
events queued. An attacker in a guest VM could use this to cause a denial
of service in the host OS. (CVE-2020-29568)

Olivier Benjamin and Pawel Wieczorkiewicz discovered a race condition the
Xen paravirt block backend in the Linux kernel, leading to a use-after-free
vulnerability. An attacker in a guest VM could use this to cause a denial
of service in the host OS. (CVE-2020-29569)

Jann Horn discovered that the tty subsystem of the Linux kernel did not use
consistent locking in some situations, leading to a read-after-free
vulnerability. A local attacker could use this to cause a denial of service
(system crash) or possibly expose sensitive information (kernel memory).
(CVE-2020-29660)

Jann Horn discovered a race condition in the tty subsystem of the Linux
kernel in the locking for the TIOCSPGRP ioctl(), leading to a use-after-
free vulnerability. A local attacker could use this to cause a denial of
service (system crash) or possibly execute arbitrary code. (CVE-2020-29661)

Update instructions

After a standard system update you need to reboot your computer to make all the necessary changes.

Learn more about how to get the fixes.

ATTENTION: Due to an unavoidable ABI change the kernel updates have been given a new version number, which requires you to recompile and reinstall all third party kernel modules you might have installed. Unless you manually uninstalled the standard kernel metapackages (e.g. linux-generic, linux-generic-lts-RELEASE, linux-virtual, linux-powerpc), a standard system upgrade will automatically perform this as well.

The problem can be corrected by updating your system to the following package versions:

Ubuntu Release Package Version
18.04 bionic linux-image-4.15.0-1012-dell300x –  4.15.0-1012.16
linux-image-4.15.0-1065-oracle –  4.15.0-1065.73
linux-image-4.15.0-1079-gke –  4.15.0-1079.84
linux-image-4.15.0-1079-raspi2 –  4.15.0-1079.84
linux-image-4.15.0-1085-kvm –  4.15.0-1085.87
linux-image-4.15.0-1093-gcp –  4.15.0-1093.106
linux-image-4.15.0-1094-aws –  4.15.0-1094.101
linux-image-4.15.0-1096-snapdragon –  4.15.0-1096.105
linux-image-4.15.0-1108-azure –  4.15.0-1108.120
linux-image-4.15.0-136-generic –  4.15.0-136.140
linux-image-4.15.0-136-generic-lpae –  4.15.0-136.140
linux-image-4.15.0-136-lowlatency –  4.15.0-136.140
linux-image-aws-lts-18.04 –  4.15.0.1094.97
linux-image-azure-lts-18.04 –  4.15.0.1108.81
linux-image-dell300x –  4.15.0.1012.14
linux-image-gcp-lts-18.04 –  4.15.0.1093.111
linux-image-generic –  4.15.0.136.123
linux-image-generic-lpae –  4.15.0.136.123
linux-image-gke –  4.15.0.1079.83
linux-image-gke-4.15 –  4.15.0.1079.83
linux-image-kvm –  4.15.0.1085.81
linux-image-lowlatency –  4.15.0.136.123
linux-image-oracle-lts-18.04 –  4.15.0.1065.75
linux-image-raspi2 –  4.15.0.1079.76
linux-image-snapdragon –  4.15.0.1096.99
linux-image-virtual –  4.15.0.136.123
16.04 xenial linux-image-4.15.0-1065-oracle –  4.15.0-1065.73~16.04.1
linux-image-4.15.0-1093-gcp –  4.15.0-1093.106~16.04.1
linux-image-4.15.0-1094-aws –  4.15.0-1094.101~16.04.1
linux-image-4.15.0-1108-azure –  4.15.0-1108.120~16.04.1
linux-image-4.15.0-136-generic –  4.15.0-136.140~16.04.1
linux-image-4.15.0-136-generic-lpae –  4.15.0-136.140~16.04.1
linux-image-4.15.0-136-lowlatency –  4.15.0-136.140~16.04.1
linux-image-aws-hwe –  4.15.0.1094.87
linux-image-azure –  4.15.0.1108.99
linux-image-gcp –  4.15.0.1093.94
linux-image-generic-hwe-16.04 –  4.15.0.136.132
linux-image-generic-lpae-hwe-16.04 –  4.15.0.136.132
linux-image-gke –  4.15.0.1093.94
linux-image-lowlatency-hwe-16.04 –  4.15.0.136.132
linux-image-oem –  4.15.0.136.132
linux-image-oracle –  4.15.0.1065.53
linux-image-virtual-hwe-16.04 –  4.15.0.136.132
14.04 trusty linux-image-4.15.0-1108-azure –  4.15.0-1108.120~14.04.1
linux-image-azure –  4.15.0.1108.81

Reduce your security exposure

Ubuntu Pro provides ten-year security coverage to 25,000+ packages in Main and Universe repositories, and it is free for up to five machines.

Get Ubuntu Pro

References

Have additional questions?

Talk to a member of the team ›