UBUNTU-CVE-2020-12769

Description

An issue was discovered in the Linux kernel before 5.4.17. drivers/spi/spi-dw.c allows attackers to cause a panic via concurrent calls to dw_spi_irq and dw_spi_transfer_one, aka CID-19b61392c5a8.

CVSS Metrics

• v3.1•MEDIUM•Score: 5.5CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Affected Systems

• ubuntu•linux

  all | < 4.4.0-184.214 | < 4.15.0-96.97

• ubuntu•linux-aws

  < 4.4.0-1073.77 | < 4.4.0-1109.120 | < 4.15.0-1065.69

• ubuntu•linux-aws-5.0

  all

• ubuntu•linux-aws-fips

  < 4.15.0-2018.18 | all

• ubuntu•linux-aws-hwe

  < 4.15.0-1065.69~16.04.1

• ubuntu•linux-azure

  < 4.15.0-1077.82~14.04.1 | < 4.15.0-1077.82 | all

• ubuntu•linux-azure-5.3

  < 5.3.0-1019.20~18.04.1

• ubuntu•linux-azure-edge

  all

• ubuntu•linux-azure-fde

  all

• ubuntu•linux-azure-fips

  < 4.15.0-2006.7 | all

• ubuntu•linux-fips

  < 4.4.0-1041.46 | all

• ubuntu•linux-gcp

  < 4.15.0-1060.64 | all

• ubuntu•linux-gcp-5.3

  < 5.3.0-1017.18~18.04.1

• ubuntu•linux-gcp-edge

  all

• ubuntu•linux-gcp-fips

  all

• ubuntu•linux-gke

  all

• ubuntu•linux-gke-4.15

  < 4.15.0-1057.60

• ubuntu•linux-gke-5.0

  < 5.0.0-1033.34

• ubuntu•linux-gke-5.3

  < 5.3.0-1017.18~18.04.1

• ubuntu•linux-hwe

  < 4.15.0-96.97~16.04.1 | < 5.3.0-46.38~18.04.1

• ubuntu•linux-hwe-edge

  all | all

• ubuntu•linux-intel-iot-realtime

  all

• ubuntu•linux-kvm

  < 4.4.0-1075.82 | < 4.15.0-1058.59

• ubuntu•linux-lts-xenial

  < 4.4.0-184.214~14.04.1

• ubuntu•linux-nvidia

  all

• ubuntu•linux-oem

  < 4.15.0-1079.89

• ubuntu•linux-oem-osp1

  < 5.0.0-1047.52

• ubuntu•linux-oracle

  < 4.15.0-1037.41~16.04.1 | < 4.15.0-1037.41

• ubuntu•linux-oracle-5.0

  all

• ubuntu•linux-oracle-5.3

  < 5.3.0-1014.15~18.04.1

• ubuntu•linux-raspi-realtime

  all

• ubuntu•linux-raspi2

  < 4.4.0-1135.144 | < 4.15.0-1060.64 | all

• ubuntu•linux-raspi2-5.3

  < 5.3.0-1022.24~18.04.1

• ubuntu•linux-realtime

  all

• ubuntu•linux-riscv

  all

• ubuntu•linux-snapdragon

  < 4.4.0-1139.147 | < 4.15.0-1076.83

References (7)

• https://ubuntu.com/security/CVE-2020-12769
• https://git.kernel.org/linus/19b61392c5a852b4e8a0bf35aecb969983c5932d
• https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.4.17
• https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=19b61392c5a852b4e8a0bf35aecb969983c5932d
• https://lkml.org/lkml/2020/2/3/559
• https://ubuntu.com/security/notices/USN-4391-1
• https://www.cve.org/CVERecord?id=CVE-2020-12769