USN-4708-1

Advisory lineage Upstream: 10 Downstream: 0
Published: 28 Jan 2021, 07:09
Last modified:03 Jun 2026, 13:33

Vulnerability Summary

Overall Risk (default)
minimal
0/100
CVSS Score
No data
EPSS Score
No data
KEV
Not listed
Ransomware
No reports
Public exploits
None found
Dark Web
Not detected

Timeline

28 Jan 2021, 07:09
Published
Vulnerability first disclosed
03 Jun 2026, 13:33
Last Modified
Vulnerability information updated

Description

linux, linux-lts-xenial vulnerabilities Wen Xu discovered that the XFS filesystem implementation in the Linux kernel did not properly track inode validations. An attacker could use this to construct a malicious XFS image that, when mounted, could cause a denial of service (system crash). (CVE-2018-13093) It was discovered that the btrfs file system implementation in the Linux kernel did not properly validate file system metadata in some situations. An attacker could use this to construct a malicious btrfs image that, when mounted, could cause a denial of service (system crash). (CVE-2019-19813, CVE-2019-19816) Bodong Zhao discovered a use-after-free in the Sun keyboard driver implementation in the Linux kernel. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. (CVE-2020-25669) Daniel Axtens discovered that PowerPC RTAS implementation in the Linux kernel did not properly restrict memory accesses in some situations. A privileged local attacker could use this to arbitrarily modify kernel memory, potentially bypassing kernel lockdown restrictions. (CVE-2020-27777)

Affected Systems

  • ubuntulinux

    < 4.4.0-201.233

  • ubuntulinux-lts-xenial

    < 4.4.0-201.233~14.04.1

References (6)