USN-4303-2
See a problem?- Source
- https://ubuntu.com/security/notices/USN-4303-2
- Import Source
- https://github.com/canonical/ubuntu-security-notices/blob/main/osv/usn/USN-4303-2.json
- JSON Data
- https://api.osv.dev/v1/vulns/USN-4303-2
- Related
- Published
- 2020-03-17T01:41:31.829155Z
- Modified
- 2020-03-17T01:41:31.829155Z
- Summary
- linux-lts-xenial, linux-aws vulnerability
- Details
-
USN-4303-1 fixed vulnerabilities in the Linux kernel for Ubuntu 16.04 LTS. This update provides the corresponding updates for the Linux Hardware Enablement (HWE) kernel from Ubuntu 16.04 LTS for Ubuntu 14.04 ESM.
Paulo Bonzini discovered that the KVM hypervisor implementation in the Linux kernel could improperly let a nested (level 2) guest access the resources of a parent (level 1) guest in certain situations. An attacker could use this to expose sensitive information.
- References
Affected packages
Ubuntu:14.04:LTS / linux-aws
Package
- Name
- linux-aws
- Purl
- pkg:deb/ubuntu/linux-aws@4.4.0-1064.68?arch=src?distro=trusty
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed4.4.0-1064.68
Affected versions
4.*
4.4.0-1002.2
4.4.0-1003.3
4.4.0-1005.5
4.4.0-1006.6
4.4.0-1009.9
4.4.0-1010.10
4.4.0-1011.11
4.4.0-1012.12
4.4.0-1014.14
4.4.0-1016.16
4.4.0-1017.17
4.4.0-1019.19
4.4.0-1022.22
4.4.0-1023.23
4.4.0-1024.25
4.4.0-1025.26
4.4.0-1027.30
4.4.0-1028.31
4.4.0-1029.32
4.4.0-1031.34
4.4.0-1032.35
4.4.0-1034.37
4.4.0-1036.39
4.4.0-1037.40
4.4.0-1038.41
4.4.0-1039.42
4.4.0-1040.43
4.4.0-1042.45
4.4.0-1044.47
Ubuntu:14.04:LTS / linux-lts-xenial
Package
- Name
- linux-lts-xenial
- Purl
- pkg:deb/ubuntu/linux-lts-xenial@4.4.0-176.206~14.04.1?arch=src?distro=trusty
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed4.4.0-176.206~14.04.1
Affected versions
4.*
4.4.0-13.29~14.04.1
4.4.0-14.30~14.04.2
4.4.0-15.31~14.04.1
4.4.0-18.34~14.04.1
4.4.0-21.37~14.04.1
4.4.0-22.39~14.04.1
4.4.0-22.40~14.04.1
4.4.0-24.43~14.04.1
4.4.0-28.47~14.04.1
4.4.0-31.50~14.04.1
4.4.0-34.53~14.04.1
4.4.0-36.55~14.04.1
4.4.0-38.57~14.04.1
4.4.0-42.62~14.04.1
4.4.0-45.66~14.04.1
4.4.0-47.68~14.04.1
4.4.0-51.72~14.04.1
4.4.0-53.74~14.04.1
4.4.0-57.78~14.04.1
4.4.0-59.80~14.04.1
4.4.0-62.83~14.04.1
4.4.0-63.84~14.04.2
4.4.0-64.85~14.04.1
4.4.0-66.87~14.04.1
4.4.0-67.88~14.04.1
4.4.0-70.91~14.04.1
4.4.0-71.92~14.04.1
4.4.0-72.93~14.04.1
4.4.0-75.96~14.04.1
4.4.0-78.99~14.04.2
4.4.0-79.100~14.04.1
4.4.0-81.104~14.04.1
4.4.0-83.106~14.04.1
4.4.0-87.110~14.04.1
4.4.0-89.112~14.04.1
4.4.0-91.114~14.04.1
4.4.0-92.115~14.04.1
4.4.0-93.116~14.04.1
4.4.0-96.119~14.04.1
4.4.0-97.120~14.04.1
4.4.0-98.121~14.04.1
4.4.0-101.124~14.04.1
4.4.0-103.126~14.04.1
4.4.0-104.127~14.04.1
4.4.0-108.131~14.04.1
4.4.0-109.132~14.04.1
4.4.0-111.134~14.04.1
4.4.0-112.135~14.04.1
4.4.0-116.140~14.04.1
4.4.0-119.143~14.04.1
4.4.0-121.145~14.04.1
4.4.0-124.148~14.04.1
4.4.0-127.153~14.04.1
4.4.0-128.154~14.04.1
4.4.0-130.156~14.04.1
4.4.0-131.157~14.04.1
4.4.0-133.159~14.04.1
4.4.0-134.160~14.04.1
4.4.0-135.161~14.04.1
4.4.0-137.163~14.04.1
4.4.0-138.164~14.04.1
4.4.0-139.165~14.04.1
4.4.0-140.166~14.04.1
4.4.0-141.167~14.04.1
4.4.0-142.168~14.04.1
4.4.0-143.169~14.04.2
4.4.0-144.170~14.04.1
4.4.0-146.172~14.04.1
4.4.0-148.174~14.04.1
Ecosystem specific
{
"availability": "No subscription required",
"binaries": [
{
"linux-image-4.4.0-176-generic-lpae": "4.4.0-176.206~14.04.1",
"linux-image-4.4.0-176-powerpc64-emb": "4.4.0-176.206~14.04.1",
"linux-image-4.4.0-176-powerpc-smp": "4.4.0-176.206~14.04.1",
"linux-image-4.4.0-176-powerpc64-smp": "4.4.0-176.206~14.04.1",
"linux-image-4.4.0-176-generic": "4.4.0-176.206~14.04.1",
"linux-image-4.4.0-176-lowlatency": "4.4.0-176.206~14.04.1",
"linux-image-4.4.0-176-powerpc-e500mc": "4.4.0-176.206~14.04.1"
}
]
}