LSN-0068-1

Advisory lineage Upstream: 12 Downstream: 0
Published: 09 Jun 2020, 10:07
Last modified:03 Jun 2026, 14:03

Vulnerability Summary

Overall Risk (default)
minimal
0/100
CVSS Score
No data
EPSS Score
No data
KEV
Not listed
Ransomware
No reports
Public exploits
None found
Dark Web
Not detected

Timeline

09 Jun 2020, 10:07
Published
Vulnerability first disclosed
03 Jun 2026, 14:03
Last Modified
Vulnerability information updated

Description

Kernel Live Patch Security Notice It was discovered that the virtual terminal implementation in the Linux kernel did not properly handle resize events. A local attacker could use this to expose sensitive information. (CVE-2020-8647) It was discovered that the virtual terminal implementation in the Linux kernel contained a race condition. A local attacker could possibly use this to cause a denial of service (system crash) or expose sensitive information. (CVE-2020-8648) It was discovered that the virtual terminal implementation in the Linux kernel did not properly handle resize events. A local attacker could use this to expose sensitive information. (CVE-2020-8649) It was discovered that the Serial CAN interface driver in the Linux kernel did not properly initialize data. A local attacker could use this to expose sensitive information (kernel memory). (CVE-2020-11494) Piotr Krysiuk discovered that race conditions existed in the file system implementation in the Linux kernel. A local attacker could use this to cause a denial of service (system crash). (CVE-2020-12114)

Affected Systems

  • ubuntulinux

    all | < 4.4.0-184.214 | < 4.15.0-106.107

  • ubuntulinux-aws

    all | < 4.4.0-1109.120 | < 4.15.0-1073.77

  • ubuntulinux-lts-xenial

    all | < 4.4.0-184.214~14.04.1

  • ubuntulinux-oem

    all | < 4.15.0-1087.97

References (7)