LSN-0069-1

Advisory lineage Upstream: 6 Downstream: 0
Published: 27 Jul 2020, 06:24
Last modified:23 May 2026, 01:30

Vulnerability Summary

Overall Risk (default)
minimal
0/100
CVSS Score
No data
EPSS Score
No data
KEV
Not listed
Ransomware
No reports
Public exploits
None found
Dark Web
Not detected

Timeline

27 Jul 2020, 06:24
Published
Vulnerability first disclosed
23 May 2026, 01:30
Last Modified
Vulnerability information updated

Description

Kernel Live Patch Security Notice Relay_open in kernel/relay.c in the Linux kernel through 5.4.1 allows local users to cause a denial of service (such as relay blockage) by triggering a NULL alloc_percpu result. (CVE-2019-19462) Fan Yang discovered that the mremap implementation in the Linux kernel did not properly handle DAX Huge Pages. A local attacker with access to DAX storage could use this to gain administrative privileges. (CVE-2020-10757) It was discovered that the DesignWare SPI controller driver in the Linux kernel contained a race condition. A local attacker could possibly use this to cause a denial of service (system crash). (CVE-2020-12769) In the Linux kernel before 5.4.16, a race condition in tty->disc_data handling in the slip and slcan line discipline could lead to a use-after-free, aka CID-0ace17d56824. This affects drivers/net/slip/slip.c and drivers/net/can/slcan.c. (CVE-2020-14416)

Affected Systems

  • ubuntulinux

    < 4.4.0-184.214 | < 4.15.0-112.113 | < 5.4.0-45.49 | all

  • ubuntulinux-aws

    < 4.4.0-1109.120 | < 4.15.0-1079.83 | < 5.4.0-1022.22 | all

  • ubuntulinux-azure

    < 5.4.0-1023.23 | all

  • ubuntulinux-gcp

    < 5.4.0-1022.22 | all

  • ubuntulinux-oem

    < 4.15.0-1093.103 | all

References (4)