USN-4426-1
Vulnerability Summary
Timeline
Description
linux, linux-aws, linux-aws-hwe, linux-azure, linux-azure-4.15, linux-gcp, linux-gcp-4.15, linux-gke-4.15, linux-hwe, linux-kvm, linux-oem, linux-oracle, linux-raspi2, linux-snapdragon vulnerabilities Jason A. Donenfeld discovered that the ACPI implementation in the Linux kernel did not properly restrict loading SSDT code from an EFI variable. A privileged attacker could use this to bypass Secure Boot lockdown restrictions and execute arbitrary code in the kernel. (CVE-2019-20908) Fan Yang discovered that the mremap implementation in the Linux kernel did not properly handle DAX Huge Pages. A local attacker with access to DAX storage could use this to gain administrative privileges. (CVE-2020-10757) Mauricio Faria de Oliveira discovered that the aufs implementation in the Linux kernel improperly managed inode reference counts in the vfsub_dentry_open() method. A local attacker could use this vulnerability to cause a denial of service. (CVE-2020-11935) Jason A. Donenfeld discovered that the ACPI implementation in the Linux kernel did not properly restrict loading ACPI tables via configfs. A privileged attacker could use this to bypass Secure Boot lockdown restrictions and execute arbitrary code in the kernel. (CVE-2020-15780)
Affected Systems
- ubuntu•linux
< 4.15.0-112.113
- ubuntu•linux-aws
< 4.15.0-1079.83
- ubuntu•linux-aws-hwe
< 4.15.0-1079.83~16.04.1
- ubuntu•linux-azure
< 4.15.0-1092.102~16.04.1
- ubuntu•linux-azure-4.15
< 4.15.0-1092.102
- ubuntu•linux-gcp
< 4.15.0-1080.90~16.04.1
- ubuntu•linux-gcp-4.15
< 4.15.0-1080.90
- ubuntu•linux-gke-4.15
< 4.15.0-1066.69
- ubuntu•linux-hwe
< 4.15.0-112.113~16.04.1
- ubuntu•linux-kvm
< 4.15.0-1071.72
- ubuntu•linux-oem
< 4.15.0-1093.103
- ubuntu•linux-oracle
< 4.15.0-1050.54~16.04.1 | < 4.15.0-1050.54
- ubuntu•linux-raspi2
< 4.15.0-1067.71
- ubuntu•linux-snapdragon
< 4.15.0-1083.91