You are here
Home > Preporuke > Sigurnosni nedostaci jezgre operacijskog sustava

Sigurnosni nedostaci jezgre operacijskog sustava

==========================================================================
Ubuntu Security Notice USN-4591-1
October 19, 2020

linux, linux-hwe, linux-hwe-5.4, linux-oem, linux-raspi, linux-raspi-5.4,
linux-snapdragon vulnerabilities
==========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

– Ubuntu 20.04 LTS
– Ubuntu 18.04 LTS
– Ubuntu 16.04 LTS

Summary:

Several security issues were fixed in the Linux kernel.

Software Description:
– linux: Linux kernel
– linux-raspi: Linux kernel for Raspberry Pi (V8) systems
– linux-hwe-5.4: Linux hardware enablement (HWE) kernel
– linux-oem: Linux kernel for OEM systems
– linux-raspi-5.4: Linux kernel for Raspberry Pi (V8) systems
– linux-snapdragon: Linux kernel for Qualcomm Snapdragon processors
– linux-hwe: Linux hardware enablement (HWE) kernel

Details:

Andy Nguyen discovered that the Bluetooth L2CAP implementation in the Linux
kernel contained a type-confusion error. A physically proximate remote
attacker could use this to cause a denial of service (system crash) or
possibly execute arbitrary code. (CVE-2020-12351)

Andy Nguyen discovered that the Bluetooth A2MP implementation in the Linux
kernel did not properly initialize memory in some situations. A physically
proximate remote attacker could use this to expose sensitive information
(kernel memory). (CVE-2020-12352)

Update instructions:

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 20.04 LTS:
linux-image-5.4.0-1022-raspi 5.4.0-1022.25
linux-image-5.4.0-52-generic 5.4.0-52.57
linux-image-5.4.0-52-generic-lpae 5.4.0-52.57
linux-image-5.4.0-52-lowlatency 5.4.0-52.57
linux-image-generic 5.4.0.52.55
linux-image-generic-hwe-18.04 5.4.0.52.55
linux-image-generic-hwe-18.04-edge 5.4.0.52.55
linux-image-generic-hwe-20.04 5.4.0.52.55
linux-image-generic-lpae 5.4.0.52.55
linux-image-generic-lpae-hwe-18.04 5.4.0.52.55
linux-image-generic-lpae-hwe-18.04-edge 5.4.0.52.55
linux-image-generic-lpae-hwe-20.04 5.4.0.52.55
linux-image-lowlatency 5.4.0.52.55
linux-image-lowlatency-hwe-18.04 5.4.0.52.55
linux-image-lowlatency-hwe-18.04-edge 5.4.0.52.55
linux-image-lowlatency-hwe-20.04 5.4.0.52.55
linux-image-oem 5.4.0.52.55
linux-image-oem-osp1 5.4.0.52.55
linux-image-raspi 5.4.0.1022.57
linux-image-raspi-hwe-18.04 5.4.0.1022.57
linux-image-raspi-hwe-18.04-edge 5.4.0.1022.57
linux-image-raspi2 5.4.0.1022.57
linux-image-raspi2-hwe-18.04 5.4.0.1022.57
linux-image-raspi2-hwe-18.04-edge 5.4.0.1022.57
linux-image-virtual 5.4.0.52.55
linux-image-virtual-hwe-18.04 5.4.0.52.55
linux-image-virtual-hwe-18.04-edge 5.4.0.52.55
linux-image-virtual-hwe-20.04 5.4.0.52.55

Ubuntu 18.04 LTS:
linux-image-4.15.0-1090-snapdragon 4.15.0-1090.99
linux-image-4.15.0-1100-oem 4.15.0-1100.110
linux-image-4.15.0-122-generic 4.15.0-122.124
linux-image-4.15.0-122-generic-lpae 4.15.0-122.124
linux-image-4.15.0-122-lowlatency 4.15.0-122.124
linux-image-5.4.0-1022-raspi 5.4.0-1022.25~18.04.1
linux-image-5.4.0-52-generic 5.4.0-52.57~18.04.1
linux-image-5.4.0-52-generic-lpae 5.4.0-52.57~18.04.1
linux-image-5.4.0-52-lowlatency 5.4.0-52.57~18.04.1
linux-image-generic 4.15.0.122.109
linux-image-generic-hwe-18.04 5.4.0.52.57~18.04.46
linux-image-generic-lpae 4.15.0.122.109
linux-image-generic-lpae-hwe-18.04 5.4.0.52.57~18.04.46
linux-image-lowlatency 4.15.0.122.109
linux-image-lowlatency-hwe-18.04 5.4.0.52.57~18.04.46
linux-image-oem 4.15.0.1100.104
linux-image-powerpc-e500mc 4.15.0.122.109
linux-image-powerpc-smp 4.15.0.122.109
linux-image-powerpc64-emb 4.15.0.122.109
linux-image-powerpc64-smp 4.15.0.122.109
linux-image-raspi-hwe-18.04 5.4.0.1022.26
linux-image-snapdragon 4.15.0.1090.93
linux-image-snapdragon-hwe-18.04 5.4.0.52.57~18.04.46
linux-image-virtual 4.15.0.122.109
linux-image-virtual-hwe-18.04 5.4.0.52.57~18.04.46

Ubuntu 16.04 LTS:
linux-image-4.15.0-122-generic 4.15.0-122.124~16.04.1
linux-image-4.15.0-122-generic-lpae 4.15.0-122.124~16.04.1
linux-image-4.15.0-122-lowlatency 4.15.0-122.124~16.04.1
linux-image-generic-hwe-16.04 4.15.0.122.122
linux-image-generic-hwe-16.04-edge 4.15.0.122.122
linux-image-generic-lpae-hwe-16.04 4.15.0.122.122
linux-image-generic-lpae-hwe-16.04-edge 4.15.0.122.122
linux-image-lowlatency-hwe-16.04 4.15.0.122.122
linux-image-lowlatency-hwe-16.04-edge 4.15.0.122.122
linux-image-oem 4.15.0.122.122
linux-image-virtual-hwe-16.04 4.15.0.122.122
linux-image-virtual-hwe-16.04-edge 4.15.0.122.122

After a standard system update you need to reboot your computer to make
all the necessary changes.

ATTENTION: Due to an unavoidable ABI change the kernel updates have
been given a new version number, which requires you to recompile and
reinstall all third party kernel modules you might have installed.
Unless you manually uninstalled the standard kernel metapackages
(e.g. linux-generic, linux-generic-lts-RELEASE, linux-virtual,
linux-powerpc), a standard system upgrade will automatically perform
this as well.

References:
https://usn.ubuntu.com/4591-1
CVE-2020-12351, CVE-2020-12352

Package Information:
https://launchpad.net/ubuntu/+source/linux/5.4.0-52.57
https://launchpad.net/ubuntu/+source/linux-raspi/5.4.0-1022.25
https://launchpad.net/ubuntu/+source/linux/4.15.0-122.124
https://launchpad.net/ubuntu/+source/linux-hwe-5.4/5.4.0-52.57~18.04.1
https://launchpad.net/ubuntu/+source/linux-oem/4.15.0-1100.110
https://launchpad.net/ubuntu/+source/linux-raspi-5.4/5.4.0-1022.25~18.04.1
https://launchpad.net/ubuntu/+source/linux-snapdragon/4.15.0-1090.99
https://launchpad.net/ubuntu/+source/linux-hwe/4.15.0-122.124~16.04.1

—–BEGIN PGP SIGNATURE—–

iQIzBAABCgAdFiEEpgY7tWAjCaQ8jrvULwmejQBegfQFAl+ONhsACgkQLwmejQBe
gfSszw//Xb5Of2UPBhbHAADW0tEg4dKiHdzFA6iBA/f/QBPzRIeTEPDfreQDzCTD
xkq7eGbNSUbzuSauzZwAvvmdPq9qhzaoqZ8+qVctGsBPovJhz3MwZTPze3vne1df
fQKodK68Vu7hLt0McCNOxDY7Zam+DkMPloHubTE/0Ts1VaBHzl7EsrN9nj82HS/u
oNLjp/4byF9T/7dXOJSFRLnjPCGwYjhNy0s6iLlZKjfC7JBXCmjVqA6kQF+6noBB
bLNTYhPI46D3txAbXWSYsGUtLGNKc0KOKf1aAqFTUoaVO8ZEYXvmBW8b8BFVN0eJ
n7yk8959Uqpbg9xP7uJNFnOrIyFjZHHuoBW4xy/awdGztqSC0xYFHI5XLtIMk00E
eX3DigtKKiuCMXgCgq3FxNRT179POkm7pGyBZZLj7qu/rEzowFFXSnLrzAN/49Ee
MlOmNk2P0YOv6MImfK6pJk3YausmrvCxo0kxxX2WdpB2eFfIWRwHuei+SHAPyMAS
K2Bwkex6XJPvpkziRdJ9NYwNrZ32oIn7hE7P9uAXy+wpNnJmUhpdtP4Yag+ivpBU
zeW0plyHs2kgoGixptySrnxXvTldYrV9B509yHSoKL/LT8QhbDTvqlQtxDy12kcF
EocIELJFoOxNi4KNHDYxq0HT+ib8vI07lxz/6Sa+DKP2ZZxj6EA=
=hwvQ
—–END PGP SIGNATURE—–

ubuntu-security-announce mailing list
ubuntu-security-announce@lists.ubuntu.com
Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-security-announce

==========================================================================
Ubuntu Security Notice USN-4592-1
October 20, 2020

linux-oem-osp1, linux-raspi2-5.3 vulnerabilities
==========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

– Ubuntu 18.04 LTS

Summary:

Several security issues were fixed in the Linux kernel.

Software Description:
– linux-oem-osp1: Linux kernel for OEM systems
– linux-raspi2-5.3: Linux kernel for Raspberry Pi (V8) systems

Details:

Andy Nguyen discovered that the Bluetooth L2CAP implementation in the Linux
kernel contained a type-confusion error. A physically proximate remote
attacker could use this to cause a denial of service (system crash) or
possibly execute arbitrary code. (CVE-2020-12351)

Andy Nguyen discovered that the Bluetooth A2MP implementation in the Linux
kernel did not properly initialize memory in some situations. A physically
proximate remote attacker could use this to expose sensitive information
(kernel memory). (CVE-2020-12352)

Andy Nguyen discovered that the Bluetooth HCI event packet parser in the
Linux kernel did not properly handle event advertisements of certain sizes,
leading to a heap-based buffer overflow. A physically proximate remote
attacker could use this to cause a denial of service (system crash) or
possibly execute arbitrary code. (CVE-2020-24490)

Update instructions:

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 18.04 LTS:
linux-image-5.0.0-1070-oem-osp1 5.0.0-1070.76
linux-image-5.3.0-1036-raspi2 5.3.0-1036.38
linux-image-oem-osp1 5.0.0.1070.68
linux-image-raspi2-hwe-18.04 5.3.0.1036.25

After a standard system update you need to reboot your computer to make
all the necessary changes.

ATTENTION: Due to an unavoidable ABI change the kernel updates have
been given a new version number, which requires you to recompile and
reinstall all third party kernel modules you might have installed.
Unless you manually uninstalled the standard kernel metapackages
(e.g. linux-generic, linux-generic-lts-RELEASE, linux-virtual,
linux-powerpc), a standard system upgrade will automatically perform
this as well.

References:
https://usn.ubuntu.com/4592-1
CVE-2020-12351, CVE-2020-12352, CVE-2020-24490

Package Information:
https://launchpad.net/ubuntu/+source/linux-oem-osp1/5.0.0-1070.76
https://launchpad.net/ubuntu/+source/linux-raspi2-5.3/5.3.0-1036.38

—–BEGIN PGP SIGNATURE—–

iQIzBAABCgAdFiEEpgY7tWAjCaQ8jrvULwmejQBegfQFAl+ONioACgkQLwmejQBe
gfQtqw/+JTkJa9btlUw3RaLzrK/+/2sQhytojEUzuPAou/evOdb/3eXhjcy/KHv1
kRQ5e9cZCobPeXWIDb/hCzIW9nhnDwHotpkSWjuQIUfFhD+taI0HbAeX/VwqYviz
1EMplV0vMM6qmkS75rYdrIMB/x6YKAg2jUPyQ7j3AQBkH7zq+EgB5na9O1s7oI+p
a9LgxAS7eZEUV7gtKUA3Y9q1GLAxejCvetMpBUAwd4tmo1uIBe575BmR6FfQOP5a
LVynkiLEFScoHdTk78aj9FApDXvI8qFj7cLlK9QmX/SS09YU97R7jFnv+hDM98my
PQ73PWso+ONpqT1a8wz4ckLriPyssxFxVTYmCIXG/gL4svLLZoGf5jZF9sqz8zQm
E3brLQU7dDaTzWd5FwvkRpJ2QRozHqU4xIaD1UXb5EItgkxCfZX16I7NR3ugIB6T
v7tBFuTY3340vUkhC6+NLfbI3/atLGsaTh4PxvPM37dSNsfPBNF0DmpmhJ5VWThZ
ENI/xdiuDXCgzR5T8dfiUi4jGBAAosS/uwKKGjX7hggzWnFyZOMt6qCdIxYy8xs1
ZJNIsN1MfCxv3d9K50qoBqYnWjP6IUqAWLJJJ7/K1YX1uIdO5AYnww24SxDiqARR
7d+1/msnUYaKHs8vvWXFi8rkUvlfoyW7wTNjvBECmlBRQy2EPa8=
=Zy0h
—–END PGP SIGNATURE—–

Top
More in Preporuke
Sigurnosni nedostaci programskog paketa kernel

Otkriveni su sigurnosni nedostaci jezgre operacijskog sustava openSUSE. Otkriveni nedostaci potencijalnim napadačima omogućuju izazivanje DoS stanja, izvršavanje proizvoljnog programskog koda,...

Close