USN-4411-1
See a problem?- Source
- https://ubuntu.com/security/notices/USN-4411-1
- Import Source
- https://github.com/canonical/ubuntu-security-notices/blob/main/osv/usn/USN-4411-1.json
- JSON Data
- https://api.osv.dev/v1/vulns/USN-4411-1
- Related
- Published
- 2020-07-06T19:29:23.054926Z
- Modified
- 2020-07-06T19:29:23.054926Z
- Summary
- linux, linux-aws, inux-azure, linux-gcp, linux-kvm, linux-oracle, linux-raspi, linux-riscv vulnerabilities
- Details
-
It was discovered that the elf handling code in the Linux kernel did not initialize memory before using it in certain situations. A local attacker could use this to possibly expose sensitive information (kernel memory). (CVE-2020-10732)
Matthew Sheets discovered that the SELinux network label handling implementation in the Linux kernel could be coerced into de-referencing a NULL pointer. A remote attacker could use this to cause a denial of service (system crash). (CVE-2020-10711)
It was discovered that the SCSI generic (sg) driver in the Linux kernel did not properly handle certain error conditions correctly. A local privileged attacker could use this to cause a denial of service (system crash). (CVE-2020-12770)
It was discovered that the USB Gadget device driver in the Linux kernel did not validate arguments passed from configfs in some situations. A local attacker could possibly use this to cause a denial of service (system crash) or possibly expose sensitive information. (CVE-2020-13143)
It was discovered that the KVM implementation in the Linux kernel did not properly deallocate memory on initialization for some processors. A local attacker could possibly use this to cause a denial of service. (CVE-2020-12768)
- References
Affected packages
Ubuntu:20.04:LTS / linux
Package
- Name
- linux
- Purl
- pkg:deb/ubuntu/linux@5.4.0-40.44?arch=src?distro=focal
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed5.4.0-40.44
Affected versions
5.*
5.3.0-18.19
5.3.0-24.26
5.4.0-9.12
5.4.0-18.22
5.4.0-21.25
5.4.0-24.28
5.4.0-25.29
5.4.0-26.30
5.4.0-28.32
5.4.0-29.33
5.4.0-31.35
5.4.0-33.37
5.4.0-37.41
5.4.0-39.43
Ecosystem specific
{
"availability": "No subscription required",
"binaries": [
{
"nic-usb-modules-5.4.0-40-generic-lpae-di": "5.4.0-40.44",
"nic-pcmcia-modules-5.4.0-40-generic-di": "5.4.0-40.44",
"pcmcia-modules-5.4.0-40-generic-di": "5.4.0-40.44",
"vlan-modules-5.4.0-40-generic-di": "5.4.0-40.44",
"input-modules-5.4.0-40-generic-lpae-di": "5.4.0-40.44",
"linux-tools-5.4.0-40-generic": "5.4.0-40.44",
"linux-modules-5.4.0-40-generic": "5.4.0-40.44",
"ipmi-modules-5.4.0-40-generic-lpae-di": "5.4.0-40.44",
"linux-image-unsigned-5.4.0-40-generic": "5.4.0-40.44",
"sata-modules-5.4.0-40-generic-lpae-di": "5.4.0-40.44",
"linux-headers-5.4.0-40-lowlatency": "5.4.0-40.44",
"linux-cloud-tools-5.4.0-40-generic": "5.4.0-40.44",
"linux-image-unsigned-5.4.0-40-lowlatency-dbgsym": "5.4.0-40.44",
"multipath-modules-5.4.0-40-generic-di": "5.4.0-40.44",
"parport-modules-5.4.0-40-generic-lpae-di": "5.4.0-40.44",
"sata-modules-5.4.0-40-generic-di": "5.4.0-40.44",
"parport-modules-5.4.0-40-generic-di": "5.4.0-40.44",
"virtio-modules-5.4.0-40-generic-di": "5.4.0-40.44",
"linux-udebs-generic": "5.4.0-40.44",
"firewire-core-modules-5.4.0-40-generic-di": "5.4.0-40.44",
"crypto-modules-5.4.0-40-generic-di": "5.4.0-40.44",
"fs-secondary-modules-5.4.0-40-generic-di": "5.4.0-40.44",
"message-modules-5.4.0-40-generic-di": "5.4.0-40.44",
"block-modules-5.4.0-40-generic-di": "5.4.0-40.44",
"linux-image-5.4.0-40-generic-lpae": "5.4.0-40.44",
"fs-secondary-modules-5.4.0-40-generic-lpae-di": "5.4.0-40.44",
"nfs-modules-5.4.0-40-generic-lpae-di": "5.4.0-40.44",
"linux-buildinfo-5.4.0-40-generic-lpae": "5.4.0-40.44",
"block-modules-5.4.0-40-generic-lpae-di": "5.4.0-40.44",
"fs-core-modules-5.4.0-40-generic-lpae-di": "5.4.0-40.44",
"md-modules-5.4.0-40-generic-di": "5.4.0-40.44",
"fs-core-modules-5.4.0-40-generic-di": "5.4.0-40.44",
"storage-core-modules-5.4.0-40-generic-di": "5.4.0-40.44",
"linux-cloud-tools-5.4.0-40": "5.4.0-40.44",
"linux-buildinfo-5.4.0-40-generic": "5.4.0-40.44",
"dasd-modules-5.4.0-40-generic-di": "5.4.0-40.44",
"linux-image-unsigned-5.4.0-40-generic-dbgsym": "5.4.0-40.44",
"linux-tools-5.4.0-40": "5.4.0-40.44",
"scsi-modules-5.4.0-40-generic-lpae-di": "5.4.0-40.44",
"linux-headers-5.4.0-40-generic-lpae": "5.4.0-40.44",
"vlan-modules-5.4.0-40-generic-lpae-di": "5.4.0-40.44",
"linux-modules-extra-5.4.0-40-generic": "5.4.0-40.44",
"scsi-modules-5.4.0-40-generic-di": "5.4.0-40.44",
"fat-modules-5.4.0-40-generic-di": "5.4.0-40.44",
"linux-modules-5.4.0-40-lowlatency": "5.4.0-40.44",
"nic-modules-5.4.0-40-generic-di": "5.4.0-40.44",
"nic-shared-modules-5.4.0-40-generic-di": "5.4.0-40.44",
"linux-modules-5.4.0-40-generic-lpae": "5.4.0-40.44",
"linux-cloud-tools-common": "5.4.0-40.44",
"md-modules-5.4.0-40-generic-lpae-di": "5.4.0-40.44",
"linux-buildinfo-5.4.0-40-lowlatency": "5.4.0-40.44",
"linux-libc-dev": "5.4.0-40.44",
"linux-source-5.4.0": "5.4.0-40.44",
"ipmi-modules-5.4.0-40-generic-di": "5.4.0-40.44",
"linux-doc": "5.4.0-40.44",
"storage-core-modules-5.4.0-40-generic-lpae-di": "5.4.0-40.44",
"linux-image-5.4.0-40-generic": "5.4.0-40.44",
"nic-modules-5.4.0-40-generic-lpae-di": "5.4.0-40.44",
"dasd-extra-modules-5.4.0-40-generic-di": "5.4.0-40.44",
"linux-headers-5.4.0-40-generic": "5.4.0-40.44",
"pata-modules-5.4.0-40-generic-di": "5.4.0-40.44",
"linux-image-unsigned-5.4.0-40-lowlatency": "5.4.0-40.44",
"fat-modules-5.4.0-40-generic-lpae-di": "5.4.0-40.44",
"linux-cloud-tools-5.4.0-40-lowlatency": "5.4.0-40.44",
"floppy-modules-5.4.0-40-generic-di": "5.4.0-40.44",
"serial-modules-5.4.0-40-generic-di": "5.4.0-40.44",
"linux-tools-host": "5.4.0-40.44",
"linux-image-5.4.0-40-generic-lpae-dbgsym": "5.4.0-40.44",
"kernel-image-5.4.0-40-generic-di": "5.4.0-40.44",
"linux-headers-5.4.0-40": "5.4.0-40.44",
"plip-modules-5.4.0-40-generic-di": "5.4.0-40.44",
"linux-image-5.4.0-40-generic-dbgsym": "5.4.0-40.44",
"ppp-modules-5.4.0-40-generic-lpae-di": "5.4.0-40.44",
"plip-modules-5.4.0-40-generic-lpae-di": "5.4.0-40.44",
"linux-udebs-generic-lpae": "5.4.0-40.44",
"mouse-modules-5.4.0-40-generic-di": "5.4.0-40.44",
"crypto-modules-5.4.0-40-generic-lpae-di": "5.4.0-40.44",
"mouse-modules-5.4.0-40-generic-lpae-di": "5.4.0-40.44",
"linux-tools-5.4.0-40-generic-lpae": "5.4.0-40.44",
"nic-shared-modules-5.4.0-40-generic-lpae-di": "5.4.0-40.44",
"multipath-modules-5.4.0-40-generic-lpae-di": "5.4.0-40.44",
"nfs-modules-5.4.0-40-generic-di": "5.4.0-40.44",
"kernel-image-5.4.0-40-generic-lpae-di": "5.4.0-40.44",
"linux-tools-common": "5.4.0-40.44",
"ppp-modules-5.4.0-40-generic-di": "5.4.0-40.44",
"input-modules-5.4.0-40-generic-di": "5.4.0-40.44",
"nic-usb-modules-5.4.0-40-generic-di": "5.4.0-40.44",
"fb-modules-5.4.0-40-generic-di": "5.4.0-40.44",
"pcmcia-storage-modules-5.4.0-40-generic-di": "5.4.0-40.44",
"linux-tools-5.4.0-40-lowlatency": "5.4.0-40.44",
"usb-modules-5.4.0-40-generic-di": "5.4.0-40.44",
"usb-modules-5.4.0-40-generic-lpae-di": "5.4.0-40.44"
}
]
}
Ubuntu:20.04:LTS / linux-aws
Package
- Name
- linux-aws
- Purl
- pkg:deb/ubuntu/linux-aws@5.4.0-1018.18?arch=src?distro=focal
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed5.4.0-1018.18
Affected versions
5.*
5.3.0-1003.3
5.3.0-1008.9
5.3.0-1009.10
5.3.0-1010.11
5.4.0-1005.5
5.4.0-1007.7
5.4.0-1008.8
5.4.0-1009.9
5.4.0-1011.11
5.4.0-1015.15
5.4.0-1017.17
Ecosystem specific
{
"availability": "No subscription required",
"binaries": [
{
"linux-modules-5.4.0-1018-aws": "5.4.0-1018.18",
"linux-buildinfo-5.4.0-1018-aws": "5.4.0-1018.18",
"linux-headers-5.4.0-1018-aws": "5.4.0-1018.18",
"linux-tools-5.4.0-1018-aws": "5.4.0-1018.18",
"linux-aws-headers-5.4.0-1018": "5.4.0-1018.18",
"linux-aws-cloud-tools-5.4.0-1018": "5.4.0-1018.18",
"linux-cloud-tools-5.4.0-1018-aws": "5.4.0-1018.18",
"linux-image-5.4.0-1018-aws": "5.4.0-1018.18",
"linux-image-5.4.0-1018-aws-dbgsym": "5.4.0-1018.18",
"linux-modules-extra-5.4.0-1018-aws": "5.4.0-1018.18",
"linux-aws-tools-5.4.0-1018": "5.4.0-1018.18"
}
]
}
Ubuntu:20.04:LTS / linux-azure
Package
- Name
- linux-azure
- Purl
- pkg:deb/ubuntu/linux-azure@5.4.0-1020.20?arch=src?distro=focal
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed5.4.0-1020.20
Affected versions
5.*
5.3.0-1003.3
5.3.0-1008.9
5.3.0-1009.10
5.4.0-1006.6
5.4.0-1008.8
5.4.0-1009.9
5.4.0-1010.10
5.4.0-1012.12
5.4.0-1016.16
5.4.0-1019.19
Ecosystem specific
{
"availability": "No subscription required",
"binaries": [
{
"linux-tools-5.4.0-1020-azure": "5.4.0-1020.20",
"linux-buildinfo-5.4.0-1020-azure": "5.4.0-1020.20",
"linux-azure-tools-5.4.0-1020": "5.4.0-1020.20",
"linux-azure-cloud-tools-5.4.0-1020": "5.4.0-1020.20",
"linux-azure-headers-5.4.0-1020": "5.4.0-1020.20",
"linux-image-unsigned-5.4.0-1020-azure": "5.4.0-1020.20",
"linux-headers-5.4.0-1020-azure": "5.4.0-1020.20",
"linux-image-unsigned-5.4.0-1020-azure-dbgsym": "5.4.0-1020.20",
"linux-cloud-tools-5.4.0-1020-azure": "5.4.0-1020.20",
"linux-modules-extra-5.4.0-1020-azure": "5.4.0-1020.20",
"linux-modules-5.4.0-1020-azure": "5.4.0-1020.20"
}
]
}
Ubuntu:20.04:LTS / linux-gcp
Package
- Name
- linux-gcp
- Purl
- pkg:deb/ubuntu/linux-gcp@5.4.0-1019.19?arch=src?distro=focal
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed5.4.0-1019.19
Affected versions
5.*
5.3.0-1004.4
5.3.0-1009.10
5.3.0-1011.12
5.4.0-1005.5
5.4.0-1007.7
5.4.0-1008.8
5.4.0-1009.9
5.4.0-1011.11
5.4.0-1015.15
5.4.0-1018.18
Ecosystem specific
{
"availability": "No subscription required",
"binaries": [
{
"linux-gcp-headers-5.4.0-1019": "5.4.0-1019.19",
"linux-buildinfo-5.4.0-1019-gcp": "5.4.0-1019.19",
"linux-modules-extra-5.4.0-1019-gcp": "5.4.0-1019.19",
"linux-gcp-tools-5.4.0-1019": "5.4.0-1019.19",
"linux-modules-5.4.0-1019-gcp": "5.4.0-1019.19",
"linux-headers-5.4.0-1019-gcp": "5.4.0-1019.19",
"linux-tools-5.4.0-1019-gcp": "5.4.0-1019.19",
"linux-image-unsigned-5.4.0-1019-gcp": "5.4.0-1019.19",
"linux-image-unsigned-5.4.0-1019-gcp-dbgsym": "5.4.0-1019.19"
}
]
}
Ubuntu:20.04:LTS / linux-kvm
Package
- Name
- linux-kvm
- Purl
- pkg:deb/ubuntu/linux-kvm@5.4.0-1018.18?arch=src?distro=focal
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed5.4.0-1018.18
Affected versions
5.*
5.3.0-1003.3
5.3.0-1008.9
5.3.0-1009.10
5.4.0-1004.4
5.4.0-1006.6
5.4.0-1007.7
5.4.0-1008.8
5.4.0-1009.9
5.4.0-1011.11
5.4.0-1015.15
Ecosystem specific
{
"availability": "No subscription required",
"binaries": [
{
"linux-tools-5.4.0-1018-kvm": "5.4.0-1018.18",
"linux-kvm-tools-5.4.0-1018": "5.4.0-1018.18",
"linux-headers-5.4.0-1018-kvm": "5.4.0-1018.18",
"linux-modules-5.4.0-1018-kvm": "5.4.0-1018.18",
"linux-image-unsigned-5.4.0-1018-kvm-dbgsym": "5.4.0-1018.18",
"linux-image-unsigned-5.4.0-1018-kvm": "5.4.0-1018.18",
"linux-buildinfo-5.4.0-1018-kvm": "5.4.0-1018.18",
"linux-kvm-headers-5.4.0-1018": "5.4.0-1018.18"
}
]
}
Ubuntu:20.04:LTS / linux-oracle
Package
- Name
- linux-oracle
- Purl
- pkg:deb/ubuntu/linux-oracle@5.4.0-1019.19?arch=src?distro=focal
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed5.4.0-1019.19
Affected versions
5.*
5.3.0-1002.2
5.3.0-1007.8
5.3.0-1008.9
5.4.0-1005.5
5.4.0-1007.7
5.4.0-1008.8
5.4.0-1009.9
5.4.0-1011.11
5.4.0-1015.15
5.4.0-1018.18
Ecosystem specific
{
"availability": "No subscription required",
"binaries": [
{
"linux-tools-5.4.0-1019-oracle": "5.4.0-1019.19",
"linux-modules-extra-5.4.0-1019-oracle": "5.4.0-1019.19",
"linux-image-unsigned-5.4.0-1019-oracle-dbgsym": "5.4.0-1019.19",
"linux-oracle-tools-5.4.0-1019": "5.4.0-1019.19",
"linux-image-unsigned-5.4.0-1019-oracle": "5.4.0-1019.19",
"linux-headers-5.4.0-1019-oracle": "5.4.0-1019.19",
"linux-oracle-headers-5.4.0-1019": "5.4.0-1019.19",
"linux-buildinfo-5.4.0-1019-oracle": "5.4.0-1019.19",
"linux-modules-5.4.0-1019-oracle": "5.4.0-1019.19"
}
]
}
Ubuntu:20.04:LTS / linux-raspi
Package
- Name
- linux-raspi
- Purl
- pkg:deb/ubuntu/linux-raspi@5.4.0-1013.13?arch=src?distro=focal
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed5.4.0-1013.13
Ecosystem specific
{
"availability": "No subscription required",
"binaries": [
{
"linux-headers-5.4.0-1013-raspi": "5.4.0-1013.13",
"linux-buildinfo-5.4.0-1013-raspi": "5.4.0-1013.13",
"linux-raspi-tools-5.4.0-1013": "5.4.0-1013.13",
"linux-image-5.4.0-1013-raspi-dbgsym": "5.4.0-1013.13",
"linux-raspi-headers-5.4.0-1013": "5.4.0-1013.13",
"linux-image-5.4.0-1013-raspi": "5.4.0-1013.13",
"linux-modules-5.4.0-1013-raspi": "5.4.0-1013.13",
"linux-tools-5.4.0-1013-raspi": "5.4.0-1013.13"
}
]
}
Ubuntu:20.04:LTS / linux-riscv
Package
- Name
- linux-riscv
- Purl
- pkg:deb/ubuntu/linux-riscv@5.4.0-28.32?arch=src?distro=focal
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed5.4.0-28.32
Ecosystem specific
{
"availability": "No subscription required",
"binaries": [
{
"input-modules-5.4.0-28-generic-di": "5.4.0-28.32",
"nic-modules-5.4.0-28-generic-di": "5.4.0-28.32",
"crypto-modules-5.4.0-28-generic-di": "5.4.0-28.32",
"fs-secondary-modules-5.4.0-28-generic-di": "5.4.0-28.32",
"linux-riscv-headers-5.4.0-28": "5.4.0-28.32",
"pata-modules-5.4.0-28-generic-di": "5.4.0-28.32",
"linux-libc-dev": "5.4.0-28.32",
"linux-tools-5.4.0-28-generic": "5.4.0-28.32",
"linux-headers-5.4.0-28-generic": "5.4.0-28.32",
"linux-udebs-generic": "5.4.0-28.32",
"sata-modules-5.4.0-28-generic-di": "5.4.0-28.32",
"plip-modules-5.4.0-28-generic-di": "5.4.0-28.32",
"nic-shared-modules-5.4.0-28-generic-di": "5.4.0-28.32",
"nic-usb-modules-5.4.0-28-generic-di": "5.4.0-28.32",
"ppp-modules-5.4.0-28-generic-di": "5.4.0-28.32",
"block-modules-5.4.0-28-generic-di": "5.4.0-28.32",
"linux-modules-5.4.0-28-generic": "5.4.0-28.32",
"fs-core-modules-5.4.0-28-generic-di": "5.4.0-28.32",
"ipmi-modules-5.4.0-28-generic-di": "5.4.0-28.32",
"linux-image-5.4.0-28-generic": "5.4.0-28.32",
"linux-buildinfo-5.4.0-28-generic": "5.4.0-28.32",
"message-modules-5.4.0-28-generic-di": "5.4.0-28.32",
"storage-core-modules-5.4.0-28-generic-di": "5.4.0-28.32",
"firewire-core-modules-5.4.0-28-generic-di": "5.4.0-28.32",
"md-modules-5.4.0-28-generic-di": "5.4.0-28.32",
"vlan-modules-5.4.0-28-generic-di": "5.4.0-28.32",
"linux-image-5.4.0-28-generic-dbgsym": "5.4.0-28.32",
"virtio-modules-5.4.0-28-generic-di": "5.4.0-28.32",
"linux-riscv-tools-5.4.0-28": "5.4.0-28.32",
"multipath-modules-5.4.0-28-generic-di": "5.4.0-28.32",
"scsi-modules-5.4.0-28-generic-di": "5.4.0-28.32",
"usb-modules-5.4.0-28-generic-di": "5.4.0-28.32",
"kernel-image-5.4.0-28-generic-di": "5.4.0-28.32",
"linux-modules-extra-5.4.0-28-generic": "5.4.0-28.32",
"nfs-modules-5.4.0-28-generic-di": "5.4.0-28.32",
"parport-modules-5.4.0-28-generic-di": "5.4.0-28.32",
"mouse-modules-5.4.0-28-generic-di": "5.4.0-28.32",
"fat-modules-5.4.0-28-generic-di": "5.4.0-28.32"
}
]
}