You are here
Home > Preporuke > Sigurnosni nedostatak jezgre operacijskog sustava

Sigurnosni nedostatak jezgre operacijskog sustava

==========================================================================
Ubuntu Security Notice USN-4694-1
January 14, 2021

linux, linux-hwe, linux-hwe-5.4, linux-hwe-5.8, linux-lts-xenial
vulnerability
==========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

– Ubuntu 20.10
– Ubuntu 20.04 LTS
– Ubuntu 18.04 LTS
– Ubuntu 16.04 LTS
– Ubuntu 14.04 ESM

Summary:

The system could allow unintended access to data in some environments.

Software Description:
– linux: Linux kernel
– linux-hwe-5.8: Linux hardware enablement (HWE) kernel
– linux-hwe-5.4: Linux hardware enablement (HWE) kernel
– linux-hwe: Linux hardware enablement (HWE) kernel
– linux-lts-xenial: Linux hardware enablement kernel from Xenial for Trusty

Details:

It was discovered that the LIO SCSI target implementation in the Linux
kernel performed insufficient identifier checking in certain XCOPY
requests. An attacker with access to at least one LUN in a multiple
backstore environment could use this to expose sensitive information or
modify data.

Update instructions:

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 20.10:
linux-image-5.8.0-38-generic 5.8.0-38.43
linux-image-5.8.0-38-generic-64k 5.8.0-38.43
linux-image-5.8.0-38-generic-lpae 5.8.0-38.43
linux-image-5.8.0-38-lowlatency 5.8.0-38.43
linux-image-generic 5.8.0.38.42
linux-image-generic-64k 5.8.0.38.42
linux-image-generic-lpae 5.8.0.38.42
linux-image-lowlatency 5.8.0.38.42
linux-image-virtual 5.8.0.38.42

Ubuntu 20.04 LTS:
linux-image-5.4.0-62-generic 5.4.0-62.70
linux-image-5.4.0-62-generic-lpae 5.4.0-62.70
linux-image-5.4.0-62-lowlatency 5.4.0-62.70
linux-image-5.8.0-38-generic 5.8.0-38.43~20.04.1
linux-image-5.8.0-38-generic-lpae 5.8.0-38.43~20.04.1
linux-image-5.8.0-38-lowlatency 5.8.0-38.43~20.04.1
linux-image-generic 5.4.0.62.65
linux-image-generic-hwe-20.04 5.8.0.38.43~20.04.23
linux-image-generic-lpae 5.4.0.62.65
linux-image-generic-lpae-hwe-20.04 5.8.0.38.43~20.04.23
linux-image-lowlatency 5.4.0.62.65
linux-image-lowlatency-hwe-20.04 5.8.0.38.43~20.04.23
linux-image-oem 5.4.0.62.65
linux-image-oem-osp1 5.4.0.62.65
linux-image-virtual 5.4.0.62.65
linux-image-virtual-hwe-20.04 5.8.0.38.43~20.04.23

Ubuntu 18.04 LTS:
linux-image-4.15.0-132-generic 4.15.0-132.136
linux-image-4.15.0-132-generic-lpae 4.15.0-132.136
linux-image-4.15.0-132-lowlatency 4.15.0-132.136
linux-image-5.4.0-62-generic 5.4.0-62.70~18.04.1
linux-image-5.4.0-62-generic-lpae 5.4.0-62.70~18.04.1
linux-image-5.4.0-62-lowlatency 5.4.0-62.70~18.04.1
linux-image-generic 4.15.0.132.119
linux-image-generic-hwe-18.04 5.4.0.62.70~18.04.57
linux-image-generic-lpae 4.15.0.132.119
linux-image-generic-lpae-hwe-18.04 5.4.0.62.70~18.04.57
linux-image-lowlatency 4.15.0.132.119
linux-image-lowlatency-hwe-18.04 5.4.0.62.70~18.04.57
linux-image-oem 5.4.0.62.70~18.04.57
linux-image-oem-osp1 5.4.0.62.70~18.04.57
linux-image-powerpc-e500mc 4.15.0.132.119
linux-image-powerpc-smp 4.15.0.132.119
linux-image-powerpc64-emb 4.15.0.132.119
linux-image-powerpc64-smp 4.15.0.132.119
linux-image-snapdragon-hwe-18.04 5.4.0.62.70~18.04.57
linux-image-virtual 4.15.0.132.119
linux-image-virtual-hwe-18.04 5.4.0.62.70~18.04.57

Ubuntu 16.04 LTS:
linux-image-4.15.0-132-generic 4.15.0-132.136~16.04.1
linux-image-4.15.0-132-generic-lpae 4.15.0-132.136~16.04.1
linux-image-4.15.0-132-lowlatency 4.15.0-132.136~16.04.1
linux-image-4.4.0-200-generic 4.4.0-200.232
linux-image-4.4.0-200-generic-lpae 4.4.0-200.232
linux-image-4.4.0-200-lowlatency 4.4.0-200.232
linux-image-4.4.0-200-powerpc-e500mc 4.4.0-200.232
linux-image-4.4.0-200-powerpc-smp 4.4.0-200.232
linux-image-4.4.0-200-powerpc64-emb 4.4.0-200.232
linux-image-4.4.0-200-powerpc64-smp 4.4.0-200.232
linux-image-generic 4.4.0.200.206
linux-image-generic-hwe-16.04 4.15.0.132.130
linux-image-generic-lpae 4.4.0.200.206
linux-image-generic-lpae-hwe-16.04 4.15.0.132.130
linux-image-lowlatency 4.4.0.200.206
linux-image-lowlatency-hwe-16.04 4.15.0.132.130
linux-image-oem 4.15.0.132.130
linux-image-powerpc-e500mc 4.4.0.200.206
linux-image-powerpc-smp 4.4.0.200.206
linux-image-powerpc64-emb 4.4.0.200.206
linux-image-powerpc64-smp 4.4.0.200.206
linux-image-virtual 4.4.0.200.206
linux-image-virtual-hwe-16.04 4.15.0.132.130

Ubuntu 14.04 ESM:
linux-image-4.4.0-200-generic 4.4.0-200.232~14.04.1
linux-image-4.4.0-200-generic-lpae 4.4.0-200.232~14.04.1
linux-image-4.4.0-200-lowlatency 4.4.0-200.232~14.04.1
linux-image-4.4.0-200-powerpc-e500mc 4.4.0-200.232~14.04.1
linux-image-4.4.0-200-powerpc-smp 4.4.0-200.232~14.04.1
linux-image-4.4.0-200-powerpc64-emb 4.4.0-200.232~14.04.1
linux-image-4.4.0-200-powerpc64-smp 4.4.0-200.232~14.04.1
linux-image-generic-lpae-lts-xenial 4.4.0.200.175
linux-image-generic-lts-xenial 4.4.0.200.175
linux-image-lowlatency-lts-xenial 4.4.0.200.175
linux-image-powerpc-e500mc-lts-xenial 4.4.0.200.175
linux-image-powerpc-smp-lts-xenial 4.4.0.200.175
linux-image-powerpc64-emb-lts-xenial 4.4.0.200.175
linux-image-powerpc64-smp-lts-xenial 4.4.0.200.175
linux-image-virtual-lts-xenial 4.4.0.200.175

After a standard system update you need to reboot your computer to make
all the necessary changes.

ATTENTION: Due to an unavoidable ABI change the kernel updates have
been given a new version number, which requires you to recompile and
reinstall all third party kernel modules you might have installed.
Unless you manually uninstalled the standard kernel metapackages
(e.g. linux-generic, linux-generic-lts-RELEASE, linux-virtual,
linux-powerpc), a standard system upgrade will automatically perform
this as well.

References:
https://usn.ubuntu.com/4694-1
CVE-2020-28374

Package Information:
https://launchpad.net/ubuntu/+source/linux/5.8.0-38.43
https://launchpad.net/ubuntu/+source/linux/5.4.0-62.70
https://launchpad.net/ubuntu/+source/linux-hwe-5.8/5.8.0-38.43~20.04.1
https://launchpad.net/ubuntu/+source/linux/4.15.0-132.136
https://launchpad.net/ubuntu/+source/linux-hwe-5.4/5.4.0-62.70~18.04.1
https://launchpad.net/ubuntu/+source/linux/4.4.0-200.232
https://launchpad.net/ubuntu/+source/linux-hwe/4.15.0-132.136~16.04.1

—–BEGIN PGP SIGNATURE—–

iQIzBAABCgAdFiEEpgY7tWAjCaQ8jrvULwmejQBegfQFAmAA32UACgkQLwmejQBe
gfTH3g//Zgohrg8UQobB9iAN2CUYt+gf74Urae3lEPZ+2HmJIwVUp2rnDMwosKfu
AnQQ/BKs/2+M6f9DNTAkV/kGNO7Wc/I+13L+Xt6gKLrwtlT37krVA4DJbyjkIPS7
ZoueBFtU4xtJCtfhpj8A1y/w2qd6f01PIbtDxSKDX++l35fZWrGlDaxUXQeOV6pY
kRQRgZJcNez0XEaLhCJaZxNjNImLr5tXhkA/NL/JC10Tkuv0GXQzuOOOtNv77gPT
DAAE468CQLreU9MGmxrouHKyiJnLG+ea/NLydW4G4o+zj219xCjXhl2Zm0MwBzax
jmgf8SuGGO/gUx0HVxVYzfAgrqbC2SkqJSo7tAVxawPrv+wNvzCIdDigIo5OjtOX
lUCoObyez5B1o//nCkNZoI7Et8Q7c5pYlBklA/fPUbGSPRX5vc/MMg9YY8pRfm55
y0DAhDXv1JzDUc9JMSMq9yNKs2B0P3wJXgVZ/sio/OAXRR3wjsPzl3uWZVhPjfKA
FEpFjDSZ5lD40Ellvfg/U6l8bPwDXhndWpjmPtAKLaU1OaozvUuHjB97b6DTf74D
5mKkVmnFIdOe3crDT+yl+qzozLKqe4luXtoEnYeV2r4Flm/kBsvQblSZ3K8CHnL5
FnPh5PaMdsj0gfknwlrsPCHA4IYxOk3S3Wz4dQMImxEGJwJLeqg=
=Gyyo
—–END PGP SIGNATURE—–

Top
More in Preporuke
Sigurnosni nedostaci jezgre operacijskog sustava

Otkriveni su sigurnosni nedostaci jezgre operacijskog sustava openSUSE. Otkriveni nedostaci potencijalnim napadačima omogućuju izazivanje DoS stanja, izvršavanje proizvoljnog programskog koda,...

Close