Canonical today published a new set of important Ubuntu kernel security updates for all supported releases to mitigate the recent Intel SRBDS/CrossTalk vulnerabilities and other flaws.
Canonical had already released a new version of the intel-microcode firmware the other day to mitigate the latest Intel vulnerabilities, and it has now also published new versions of the Linux kernel for all supported Ubuntu releases, including Ubuntu 20.04 LTS, Ubuntu 19.10, Ubuntu 18.04 LTS, and Ubuntu 16.04 LTS.
Apart from mitigating the Intel SRBDS/CrossTalk vulnerability (CVE-2020-0543), the new Linux kernel security updates fix race conditions (CVE-2020-12114) discovered by Piotr Krysiuk in the file system implementation, which let a local attacker cause a denial of service (system crash).
Also addressed are a flaw (CVE-2020-0067) discovered in Linux kernel’s F2FS file system implementation that allowed a local attacker to expose sensitive information (kernel memory), and a vulnerability (CVE-2020-10751) discovered by Dmitry Vyukov in the SELinux netlink security hook, which could allow a privileged attacker to bypass SELinux netlink restrictions. The latter only affects the Linux 5.4 kernel of Ubuntu 20.04 LTS and Linux 4.15 kernel of Ubuntu 18.04 LTS and Ubuntu 16.04 LTS.
Two other security issues were fixed, namely a use-after-free flaw (CVE-2020-12464) in the USB subsystem’s scatter-gather implementation and an out-of-bounds write vulnerability (CVE-2020-12659) in the XDP socket implementation. Both could allow attackers (a physically proximate attacker in the first case and a local attacker with the CAP_NET_ADMIN capability in the second case) to cause a denial of service (system crash) or possibly execute arbitrary code.
In the Linux 5.0 kernel of Ubuntu 18.04 LTS systems running on Google Container Engine (GKE) systems or using the OEM kernel and the Linux 4.15 kernel of Ubuntu 18.04 LTS and Ubuntu 16.04 LTS systems, the new security update also fixes a vulnerability (CVE-2020-1749) discovered by Xiumei Mu in the IPSec implementation, which could allow an attacker to expose sensitive information.
Lastly, in the Linux 4.4 kernel of Ubuntu 16.04 LTS systems, the update patches a flaw (CVE-2019-19319) discovered in the EXT4 file system implementation that could allow a local attacker to cause a denial of service (system crash) or possibly execute arbitrary code, a race condition (CVE-2020-12769) discovered in the DesignWare SPI controller driver that could allow a local attacker to cause a denial of service (system crash), and an integer overflow (CVE-2020-12826) in the exit signaling implementation that could allow a local attacker to cause a denial of service (arbitrary application crash).
Canonical notes that the mitigation for the Intel SRBDS/CrossTalk vulnerability also requires you to install the latest Intel processor microcode update, either via the intel-microcode package from the repositories or from your system manufacturer.
Users are urged to update their systems as soon as possible to the new Linux kernel versions that are now available in the stable software repositories of all supported Ubuntu releases. A standard system update (sudo apt-get update && sudo apt-get full-upgrade) will install the new kernels, but you’ll have to reboot your computers to successfully mitigate all the vulnerabilities.
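To confirm after the reboot that both the kernel and the microcode halves of the SRBDS mitigation are in place, the kernel's own status file can be checked. The script below is an added example, not part of Canonical's advisory; the function names are made up for illustration, and the status strings are the ones the upstream kernel documents for the srbds sysfs entry.

```shell
#!/bin/sh
# Map the kernel's SRBDS status string to a verdict. An empty string means
# the running kernel predates the fix and exposes no srbds entry at all.
srbds_verdict() {
    case "$1" in
        "Not affected")              echo "ok: CPU not affected" ;;
        "Mitigation: Microcode")     echo "ok: mitigation active" ;;
        "Mitigation: TSX disabled")  echo "ok: TSX disabled at boot" ;;
        "Vulnerable: No microcode")  echo "action: install microcode and reboot" ;;
        "Vulnerable")                echo "action: mitigation disabled" ;;
        "Unknown: Dependent on hypervisor status")
                                     echo "check: verify on the VM host" ;;
        "")                          echo "action: update kernel and reboot" ;;
        *)                           echo "check: unrecognised status" ;;
    esac
}

# Read the status (path can be overridden for testing) and report it together
# with the running kernel and Ubuntu's pending-reboot marker.
check_srbds() {
    f="${1:-/sys/devices/system/cpu/vulnerabilities/srbds}"
    status=""
    if [ -r "$f" ]; then
        status=$(cat "$f")
    fi
    printf 'running kernel: %s\n' "$(uname -r)"
    printf 'srbds status:   %s\n' "${status:-<no srbds entry>}"
    if [ -e /var/run/reboot-required ]; then
        echo "note: a reboot is pending on this system"
    fi
    srbds_verdict "$status"
}

check_srbds
```

A result of "Vulnerable: No microcode" means the new kernel is running but the processor microcode update is still missing.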
A Linux kernel Live Patch security update is also available for Ubuntu 20.04 LTS, Ubuntu 18.04 LTS and Ubuntu 16.04 LTS systems using Canonical’s Livepatch Service for rebootless kernel updates. This fixes the Intel SRBDS/CrossTalk vulnerability, several flaws found in the virtual terminal implementation, and an issue discovered in the Serial CAN interface driver.