Canonical released today major Linux kernel updates for all supported Ubuntu releases to address multiple security vulnerabilities discovered by various security researchers.
A total of 14 security vulnerabilities have been fixed in these new major Ubuntu kernel updates, including a race condition (CVE-2020-0423) that may lead to a use-after-free vulnerability, discovered in Linux kernel’s binder IPC implementation. This flaw affects Ubuntu 20.10, Ubuntu 20.04 LTS, and Ubuntu 18.04 LTS systems, and could allow a local attacker to cause a denial of service (system crash) or possibly execute arbitrary code.
Affecting all supported Ubuntu releases, this kernel update addresses a Bluetooth security vulnerability (CVE-2020-10135) discovered by Daniele Antonioli, Nils Ole Tippenhauer, and Kasper Rasmussen, which could allow a physically proximate attacker to impersonate a previously paired Bluetooth device.
Same goes for CVE-2020-25705, a nasty flaw discovered by Keyu Man in Linux kernel’s ICMP global rate limiter, which could allow a remote attacker to facilitate attacks on UDP based services that depend on source port randomization, and CVE-2020-14351, a race condition discovered in Linux kernel’s perf subsystem, which could lead to a use-after-free vulnerability, allowing an attacker with access to the perf subsystem to cause a denial of service (system crash) or possibly execute arbitrary code.
Also affecting all supported Ubuntu releases is CVE-2020-28915, a security flaw discovered in Linux kernel’s framebuffer implementation, and CVE-2020-4788, a vulnerability discovered in Power 9 processors. Both vulnerabilities could allow a local attacker to expose sensitive information.
This major kernel update also fixes several other security flaws affecting only Ubuntu 20.04 LTS, Ubuntu 18.04 LTS, and Ubuntu 16.04 LTS systems. These include CVE-2020-14351, a race condition in the perf subsystem, and CVE-2020-14390, a flaw discovered in the frame buffer implementation, CVE-2020-25211, a flaw found in the netfilter connection tracker for netlink, and CVE-2020-25643, a flaw discovered in the HDLC PPP implementation. These could allow local attackers to cause a denial of service (system crash) or possibly execute arbitrary code.
Same goes for CVE-2020-25284, a vulnerability discovered in Linux kernel’s Rados block device (rbd) driver, which could allow a local attacker could use this to map or unmap rbd block devices, and CVE-2020-25645, a security flaw discovered in Linux kernel’s GENEVE tunnel implementation, which could allow an attacker to expose sensitive information (unencrypted network traffic).
This update also addresses CVE-2020-27152, a flaw affecting only Ubuntu 20.10 systems, discovered in Linux kernel’s KVM hypervisor and allowing a local attacker in a guest virtual machine to crash the host system by causing a denial of service.
Only for Ubuntu 16.04 LTS systems, the update patches two more flaws, namely CVE-2020-0427 discovered by Elena Petrova in Linux kernel’s pin controller device tree implementation, which could allow a local attacker to expose sensitive information (kernel memory), and CVE-2020-12352, a vulnerability discovered by Andy Nguyen in Linux kernel’s Bluetooth A2MP implementation, which could let a physically proximate remote attacker to expose sensitive information (kernel memory).
The new Linux kernel updates are available right now in the software repositories of Ubuntu 20.10 (Groovy Gorilla), Ubuntu 20.04 LTS (Focal Fossa), Ubuntu 18.04 LTS (Bionic Beaver), and Ubuntu 16.04 LTS (Xenial Xerus) operating system series, and they affect all supported architectures and kernel flavors, including 32-bit, 64-bit, ARM (Raspberry Pi), KVM, AWS, azure, GCP, PowerPC, Snapdragon, and Oracle.
Canonical urges all users to update their installations as soon as possible. The new kernel versions are linux-image 5.8.0-31.33 for Ubuntu 20.10 (64-bit), linux-image 5.4.0-56.62 for Ubuntu 20.04 LTS (64-bit), linux-image 5.4.0-56.62~18.04.1 for Ubuntu 18.04 LTS (64-bit), and linux-image 4.4.0-197.229 for Ubuntu 16.04 LTS (64-bit).
Last updated 1 year ago