• Linux kernel vulnerability

    From bugz_ubuntu@21:4/110 to Ubuntu Users on Tuesday, January 28, 2020 00:10:01
    linux, linux-aws vulnerability

    A security issue affects these releases of Ubuntu and its
    derivatives:

    * Ubuntu 19.10

    Summary

    The Linux kernel could be made to expose sensitive information.

    Software Description

    * linux - Linux kernel
    * linux-aws - Linux kernel for Amazon Web Services (AWS) systems

    Details

    It was discovered that the Linux kernel did not properly clear
    data structures on context switches for certain Intel graphics
    processors. A local attacker could use this to expose sensitive
    information.

    Update instructions

    The problem can be corrected by updating your system to the
    following package versions:

    Ubuntu 19.10
    linux-image-5.3.0-1010-aws - 5.3.0-1010.11
    linux-image-5.3.0-29-generic - 5.3.0-29.31
    linux-image-5.3.0-29-generic-lpae - 5.3.0-29.31
    linux-image-5.3.0-29-lowlatency - 5.3.0-29.31
    linux-image-5.3.0-29-snapdragon - 5.3.0-29.31
    linux-image-aws - 5.3.0.1010.12
    linux-image-generic - 5.3.0.29.33
    linux-image-generic-lpae - 5.3.0.29.33
    linux-image-lowlatency - 5.3.0.29.33
    linux-image-virtual - 5.3.0.29.33

    To update your system, please follow these instructions:
    https://wiki.ubuntu.com/Security/Upgrades.

    After a standard system update you need to reboot your computer to
    make all the necessary changes.

    ATTENTION: Due to an unavoidable ABI change the kernel updates
    have been given a new version number, which requires you to
    recompile and reinstall all third party kernel modules you might
    have installed. Unless you manually uninstalled the standard
    kernel metapackages (e.g. linux-generic,
    linux-generic-lts-RELEASE, linux-virtual, linux-powerpc), a
    standard system upgrade will automatically perform this as well.

    References

    * CVE-2019-14615

    --- Mystic BBS v1.12 A43 (Linux/64)
    * Origin: BZ&BZ BBS (21:4/110)
  • From bugz_ubuntu@21:4/110 to Ubuntu Users on Tuesday, March 17, 2020 00:10:05
    linux, linux-aws, linux-kvm vulnerability

    A security issue affects these releases of Ubuntu and its
    derivatives:

    * Ubuntu 16.04 LTS

    Summary

    The system could be made to expose sensitive information.

    Software Description

    * linux - Linux kernel
    * linux-aws - Linux kernel for Amazon Web Services (AWS) systems
    * linux-kvm - Linux kernel for cloud environments

    Details

    Paolo Bonzini discovered that the KVM hypervisor implementation in
    the Linux kernel could improperly let a nested (level 2) guest
    access the resources of a parent (level 1) guest in certain
    situations. An attacker could use this to expose sensitive
    information.

    Update instructions

    The problem can be corrected by updating your system to the
    following package versions:

    Ubuntu 16.04 LTS
    linux-image-4.4.0-1068-kvm - 4.4.0-1068.75
    linux-image-4.4.0-1104-aws - 4.4.0-1104.115
    linux-image-4.4.0-176-generic - 4.4.0-176.206
    linux-image-4.4.0-176-generic-lpae - 4.4.0-176.206
    linux-image-4.4.0-176-lowlatency - 4.4.0-176.206
    linux-image-4.4.0-176-powerpc-e500mc - 4.4.0-176.206
    linux-image-4.4.0-176-powerpc-smp - 4.4.0-176.206
    linux-image-4.4.0-176-powerpc64-emb - 4.4.0-176.206
    linux-image-4.4.0-176-powerpc64-smp - 4.4.0-176.206
    linux-image-aws - 4.4.0.1104.108
    linux-image-generic - 4.4.0.176.184
    linux-image-generic-lpae - 4.4.0.176.184
    linux-image-kvm - 4.4.0.1068.68
    linux-image-lowlatency - 4.4.0.176.184
    linux-image-powerpc-e500mc - 4.4.0.176.184
    linux-image-powerpc-smp - 4.4.0.176.184
    linux-image-powerpc64-emb - 4.4.0.176.184
    linux-image-powerpc64-smp - 4.4.0.176.184
    linux-image-virtual - 4.4.0.176.184

    To update your system, please follow these instructions:
    https://wiki.ubuntu.com/Security/Upgrades.

    After a standard system update you need to reboot your computer to
    make all the necessary changes.

    ATTENTION: Due to an unavoidable ABI change the kernel updates
    have been given a new version number, which requires you to
    recompile and reinstall all third party kernel modules you might
    have installed. Unless you manually uninstalled the standard
    kernel metapackages (e.g. linux-generic,
    linux-generic-lts-RELEASE, linux-virtual, linux-powerpc), a
    standard system upgrade will automatically perform this as well.

    References

    * CVE-2020-2732

    --- Mystic BBS v1.12 A45 (Linux/64)
    * Origin: BZ&BZ BBS (21:4/110)
  • From bugz_ubuntu@21:4/110 to Ubuntu Users on Monday, March 30, 2020 16:10:08
    linux, linux-aws, linux-azure, linux-azure-5.3, linux-gcp,
    linux-gcp-5.3, linux-gke-5.3, linux-hwe, linux-kvm, linux-oracle, linux-oracle-5.3, linux-raspi2, linux-raspi2-5.3 vulnerability

    A security issue affects these releases of Ubuntu and its
    derivatives:

    * Ubuntu 19.10
    * Ubuntu 18.04 LTS

    Summary

    The system could be made to expose sensitive information or run
    programs as an administrator.

    Software Description

    * linux - Linux kernel
    * linux-aws - Linux kernel for Amazon Web Services (AWS) systems
    * linux-azure - Linux kernel for Microsoft Azure Cloud systems
    * linux-gcp - Linux kernel for Google Cloud Platform (GCP)
    systems
    * linux-kvm - Linux kernel for cloud environments
    * linux-oracle - Linux kernel for Oracle Cloud systems
    * linux-raspi2 - Linux kernel for Raspberry Pi 2
    * linux-azure-5.3 - Linux kernel for Microsoft Azure Cloud
    systems
    * linux-gcp-5.3 - Linux kernel for Google Cloud Platform (GCP)
    systems
    * linux-gke-5.3 - Linux kernel for Google Container Engine (GKE)
    systems
    * linux-hwe - Linux hardware enablement (HWE) kernel
    * linux-oracle-5.3 - Linux kernel buildinfo for version 5.3.0 on
    64 bit x86 SMP
    * linux-raspi2-5.3 - Linux kernel for Raspberry Pi 2

    Details

    Manfred Paul discovered that the bpf verifier in the Linux kernel
    did not properly calculate register bounds for certain operations.
    A local attacker could use this to expose sensitive information
    (kernel memory) or gain administrative privileges.

    Update instructions

    The problem can be corrected by updating your system to the
    following package versions:

    Ubuntu 19.10
    linux-image-5.3.0-1013-oracle - 5.3.0-1013.14
    linux-image-5.3.0-1014-kvm - 5.3.0-1014.15
    linux-image-5.3.0-1015-aws - 5.3.0-1015.16
    linux-image-5.3.0-1016-gcp - 5.3.0-1016.17
    linux-image-5.3.0-1018-azure - 5.3.0-1018.19
    linux-image-5.3.0-1021-raspi2 - 5.3.0-1021.23
    linux-image-5.3.0-45-generic - 5.3.0-45.37
    linux-image-5.3.0-45-generic-lpae - 5.3.0-45.37
    linux-image-5.3.0-45-lowlatency - 5.3.0-45.37
    linux-image-5.3.0-45-snapdragon - 5.3.0-45.37
    linux-image-aws - 5.3.0.1015.17
    linux-image-azure - 5.3.0.1018.37
    linux-image-gcp - 5.3.0.1016.17
    linux-image-generic - 5.3.0.45.38
    linux-image-generic-lpae - 5.3.0.45.38
    linux-image-gke - 5.3.0.1016.17
    linux-image-kvm - 5.3.0.1014.16
    linux-image-lowlatency - 5.3.0.45.38
    linux-image-oracle - 5.3.0.1013.14
    linux-image-raspi2 - 5.3.0.1021.18
    linux-image-snapdragon - 5.3.0.45.38
    linux-image-virtual - 5.3.0.45.38

    Ubuntu 18.04 LTS
    linux-image-5.3.0-1013-oracle - 5.3.0-1013.14~18.04.1
    linux-image-5.3.0-1016-gcp - 5.3.0-1016.17~18.04.1
    linux-image-5.3.0-1016-gke - 5.3.0-1016.17~18.04.1
    linux-image-5.3.0-1018-azure - 5.3.0-1018.19~18.04.1
    linux-image-5.3.0-1021-raspi2 - 5.3.0-1021.23~18.04.1
    linux-image-5.3.0-45-generic - 5.3.0-45.37~18.04.1
    linux-image-5.3.0-45-generic-lpae - 5.3.0-45.37~18.04.1
    linux-image-5.3.0-45-lowlatency - 5.3.0-45.37~18.04.1
    linux-image-azure-edge - 5.3.0.1018.18
    linux-image-gcp-edge - 5.3.0.1016.15
    linux-image-generic-hwe-18.04 - 5.3.0.45.101
    linux-image-generic-lpae-hwe-18.04 - 5.3.0.45.101
    linux-image-gke-5.3 - 5.3.0.1016.6
    linux-image-lowlatency-hwe-18.04 - 5.3.0.45.101
    linux-image-oracle-edge - 5.3.0.1013.12
    linux-image-raspi2-hwe-18.04 - 5.3.0.1021.10
    linux-image-snapdragon-hwe-18.04 - 5.3.0.45.101
    linux-image-virtual-hwe-18.04 - 5.3.0.45.101

    To update your system, please follow these instructions:
    https://wiki.ubuntu.com/Security/Upgrades.

    After a standard system update you need to reboot your computer to
    make all the necessary changes.

    ATTENTION: Due to an unavoidable ABI change the kernel updates
    have been given a new version number, which requires you to
    recompile and reinstall all third party kernel modules you might
    have installed. Unless you manually uninstalled the standard
    kernel metapackages (e.g. linux-generic,
    linux-generic-lts-RELEASE, linux-virtual, linux-powerpc), a
    standard system upgrade will automatically perform this as well.

    References

    * CVE-2020-8835

    --- Mystic BBS v1.12 A45 (Linux/64)
    * Origin: BZ&BZ BBS (21:4/110)
  • From bugz_ubuntu@21:4/110 to Ubuntu Users on Monday, April 06, 2020 20:10:09
    linux, linux-aws, linux-kvm, linux-raspi2, linux-snapdragon
    vulnerability

    A security issue affects these releases of Ubuntu and its
    derivatives:

    * Ubuntu 16.04 LTS
    * Ubuntu 14.04 ESM

    Summary

    The system could be made to crash or expose sensitive information.

    Software Description

    * linux - Linux kernel
    * linux-aws - Linux kernel for Amazon Web Services (AWS) systems
    * linux-kvm - Linux kernel for cloud environments
    * linux-raspi2 - Linux kernel for Raspberry Pi 2
    * linux-snapdragon - Linux kernel for Snapdragon processors
    * linux-lts-xenial - Linux hardware enablement kernel from
    Xenial for Trusty

    Details

    Al Viro discovered that the vfs layer in the Linux kernel
    contained a use-after-free vulnerability. A local attacker could
    use this to cause a denial of service (system crash) or possibly
    expose sensitive information (kernel memory).

    Update instructions

    The problem can be corrected by updating your system to the
    following package versions:

    Ubuntu 16.04 LTS
    linux-image-4.4.0-1069-kvm - 4.4.0-1069.76
    linux-image-4.4.0-1105-aws - 4.4.0-1105.116
    linux-image-4.4.0-1131-raspi2 - 4.4.0-1131.140
    linux-image-4.4.0-1135-snapdragon - 4.4.0-1135.143
    linux-image-4.4.0-177-generic - 4.4.0-177.207
    linux-image-4.4.0-177-generic-lpae - 4.4.0-177.207
    linux-image-4.4.0-177-lowlatency - 4.4.0-177.207
    linux-image-4.4.0-177-powerpc-e500mc - 4.4.0-177.207
    linux-image-4.4.0-177-powerpc-smp - 4.4.0-177.207
    linux-image-4.4.0-177-powerpc64-emb - 4.4.0-177.207
    linux-image-4.4.0-177-powerpc64-smp - 4.4.0-177.207
    linux-image-aws - 4.4.0.1105.109
    linux-image-generic - 4.4.0.177.185
    linux-image-generic-lpae - 4.4.0.177.185
    linux-image-kvm - 4.4.0.1069.69
    linux-image-lowlatency - 4.4.0.177.185
    linux-image-powerpc-e500mc - 4.4.0.177.185
    linux-image-powerpc-smp - 4.4.0.177.185
    linux-image-powerpc64-emb - 4.4.0.177.185
    linux-image-powerpc64-smp - 4.4.0.177.185
    linux-image-raspi2 - 4.4.0.1131.131
    linux-image-snapdragon - 4.4.0.1135.127
    linux-image-virtual - 4.4.0.177.185

    Ubuntu 14.04 ESM
    linux-image-4.4.0-1065-aws - 4.4.0-1065.69
    linux-image-4.4.0-177-generic - 4.4.0-177.207~14.04.1
    linux-image-4.4.0-177-generic-lpae - 4.4.0-177.207~14.04.1
    linux-image-4.4.0-177-lowlatency - 4.4.0-177.207~14.04.1
    linux-image-4.4.0-177-powerpc-e500mc - 4.4.0-177.207~14.04.1
    linux-image-4.4.0-177-powerpc-smp - 4.4.0-177.207~14.04.1
    linux-image-4.4.0-177-powerpc64-emb - 4.4.0-177.207~14.04.1
    linux-image-4.4.0-177-powerpc64-smp - 4.4.0-177.207~14.04.1
    linux-image-aws - 4.4.0.1065.66
    linux-image-generic-lpae-lts-xenial - 4.4.0.177.156
    linux-image-generic-lts-xenial - 4.4.0.177.156
    linux-image-lowlatency-lts-xenial - 4.4.0.177.156
    linux-image-powerpc-e500mc-lts-xenial - 4.4.0.177.156
    linux-image-powerpc-smp-lts-xenial - 4.4.0.177.156
    linux-image-powerpc64-emb-lts-xenial - 4.4.0.177.156
    linux-image-powerpc64-smp-lts-xenial - 4.4.0.177.156
    linux-image-virtual-lts-xenial - 4.4.0.177.156

    To update your system, please follow these instructions:
    https://wiki.ubuntu.com/Security/Upgrades.

    After a standard system update you need to reboot your computer to
    make all the necessary changes.

    ATTENTION: Due to an unavoidable ABI change the kernel updates
    have been given a new version number, which requires you to
    recompile and reinstall all third party kernel modules you might
    have installed. Unless you manually uninstalled the standard
    kernel metapackages (e.g. linux-generic,
    linux-generic-lts-RELEASE, linux-virtual, linux-powerpc), a
    standard system upgrade will automatically perform this as well.

    References

    * CVE-2020-8428

    --- Mystic BBS v1.12 A45 (Linux/64)
    * Origin: BZ&BZ BBS (21:4/110)
  • From bugz_ubuntu@21:4/110 to Ubuntu Users on Tuesday, August 18, 2020 04:10:03
    linux-gke-5.0, linux-oem-osp1 vulnerability

    A security issue affects these releases of Ubuntu and its
    derivatives:

    * Ubuntu 18.04 LTS

    Summary

    The system could be made to crash under certain conditions.

    Software Description

    * linux-gke-5.0 - Linux kernel for Google Container Engine (GKE)
    systems
    * linux-oem-osp1 - Linux kernel for OEM systems

    Details

    It was discovered that the bcache subsystem in the Linux kernel
    did not properly release a lock in some error conditions. A local
    attacker could possibly use this to cause a denial of service.

    Update instructions

    The problem can be corrected by updating your system to the
    following package versions:

    Ubuntu 18.04 LTS
    linux-image-5.0.0-1046-gke - 5.0.0-1046.47
    linux-image-5.0.0-1067-oem-osp1 - 5.0.0-1067.72
    linux-image-gke-5.0 - 5.0.0.1046.31
    linux-image-oem-osp1 - 5.0.0.1067.65

    To update your system, please follow these instructions:
    https://wiki.ubuntu.com/Security/Upgrades.

    After a standard system update you need to reboot your computer to
    make all the necessary changes.

    ATTENTION: Due to an unavoidable ABI change the kernel updates
    have been given a new version number, which requires you to
    recompile and reinstall all third party kernel modules you might
    have installed. Unless you manually uninstalled the standard
    kernel metapackages (e.g. linux-generic,
    linux-generic-lts-RELEASE, linux-virtual, linux-powerpc), a
    standard system upgrade will automatically perform this as well.

    References

    * CVE-2020-12771

    --- Mystic BBS v1.12 A45 (Linux/64)
    * Origin: BZ&BZ BBS (21:4/110)
  • From bugz_ubuntu@21:4/110 to Ubuntu Users on Wednesday, September 02, 2020 04:10:03
    linux-hwe, linux-aws-5.3, linux-gke-5.3, linux-raspi2-5.3 vulnerability

    A security issue affects these releases of Ubuntu and its
    derivatives:

    * Ubuntu 18.04 LTS

    Summary

    The system could be made to crash or run programs as an
    administrator.

    Software Description

    * linux-aws-5.3 - Linux kernel for Amazon Web Services (AWS)
    systems
    * linux-gke-5.3 - Linux kernel for Google Container Engine (GKE)
    systems
    * linux-hwe - Linux hardware enablement (HWE) kernel
    * linux-raspi2-5.3 - Linux kernel for Raspberry Pi (V8) systems

    Details

    It was discovered that the cgroup v2 subsystem in the Linux kernel
    did not properly perform reference counting in some situations,
    leading to a NULL pointer dereference. A local attacker could use
    this to cause a denial of service or possibly gain administrative
    privileges.

    Update instructions

    The problem can be corrected by updating your system to the
    following package versions:

    Ubuntu 18.04 LTS
    linux-image-5.3.0-1032-raspi2 - 5.3.0-1032.34
    linux-image-5.3.0-1034-aws - 5.3.0-1034.36
    linux-image-5.3.0-1034-gke - 5.3.0-1034.36
    linux-image-5.3.0-66-generic - 5.3.0-66.60
    linux-image-5.3.0-66-lowlatency - 5.3.0-66.60
    linux-image-aws - 5.3.0.1034.33
    linux-image-gke-5.3 - 5.3.0.1034.19
    linux-image-gkeop-5.3 - 5.3.0.66.123
    linux-image-raspi2-hwe-18.04 - 5.3.0.1032.22

    To update your system, please follow these instructions:
    https://wiki.ubuntu.com/Security/Upgrades.

    After a standard system update you need to reboot your computer to
    make all the necessary changes.

    ATTENTION: Due to an unavoidable ABI change the kernel updates
    have been given a new version number, which requires you to
    recompile and reinstall all third party kernel modules you might
    have installed. Unless you manually uninstalled the standard
    kernel metapackages (e.g. linux-generic,
    linux-generic-lts-RELEASE, linux-virtual, linux-powerpc), a
    standard system upgrade will automatically perform this as well.

    References

    * CVE-2020-14356

    --- Mystic BBS v1.12 A45 (Linux/64)
    * Origin: BZ&BZ BBS (21:4/110)
  • From bugz_ubuntu@21:4/110 to Ubuntu Users on Wednesday, September 02, 2020 04:10:03
    linux, linux-aws, linux-kvm, linux-lts-xenial, linux-raspi2,
    linux-snapdragon vulnerability

    A security issue affects these releases of Ubuntu and its
    derivatives:

    * Ubuntu 16.04 LTS
    * Ubuntu 14.04 ESM

    Summary

    The Linux kernel could be made to crash if it mounted a malicious
    XFS file system.

    Software Description

    * linux - Linux kernel
    * linux-aws - Linux kernel for Amazon Web Services (AWS) systems
    * linux-kvm - Linux kernel for cloud environments
    * linux-raspi2 - Linux kernel for Raspberry Pi (V8) systems
    * linux-snapdragon - Linux kernel for Qualcomm Snapdragon
    processors
    * linux-lts-xenial - Linux hardware enablement kernel from
    Xenial for Trusty

    Details

    Wen Xu discovered that the XFS filesystem implementation in the
    Linux kernel did not properly validate meta-data information. An
    attacker could use this to construct a malicious xfs image that,
    when mounted, could cause a denial of service (system crash).

    Update instructions

    The problem can be corrected by updating your system to the
    following package versions:

    Ubuntu 16.04 LTS
    linux-image-4.4.0-1079-kvm - 4.4.0-1079.86
    linux-image-4.4.0-1113-aws - 4.4.0-1113.126
    linux-image-4.4.0-1138-raspi2 - 4.4.0-1138.147
    linux-image-4.4.0-1142-snapdragon - 4.4.0-1142.151
    linux-image-4.4.0-189-generic - 4.4.0-189.219
    linux-image-4.4.0-189-generic-lpae - 4.4.0-189.219
    linux-image-4.4.0-189-lowlatency - 4.4.0-189.219
    linux-image-4.4.0-189-powerpc-e500mc - 4.4.0-189.219
    linux-image-4.4.0-189-powerpc-smp - 4.4.0-189.219
    linux-image-4.4.0-189-powerpc64-emb - 4.4.0-189.219
    linux-image-4.4.0-189-powerpc64-smp - 4.4.0-189.219
    linux-image-aws - 4.4.0.1113.118
    linux-image-generic - 4.4.0.189.195
    linux-image-generic-lpae - 4.4.0.189.195
    linux-image-kvm - 4.4.0.1079.77
    linux-image-lowlatency - 4.4.0.189.195
    linux-image-powerpc-e500mc - 4.4.0.189.195
    linux-image-powerpc-smp - 4.4.0.189.195
    linux-image-powerpc64-emb - 4.4.0.189.195
    linux-image-powerpc64-smp - 4.4.0.189.195
    linux-image-raspi2 - 4.4.0.1138.138
    linux-image-snapdragon - 4.4.0.1142.134
    linux-image-virtual - 4.4.0.189.195

    Ubuntu 14.04 ESM
    linux-image-4.4.0-1077-aws - 4.4.0-1077.81
    linux-image-4.4.0-189-generic - 4.4.0-189.219~14.04.1
    linux-image-4.4.0-189-generic-lpae - 4.4.0-189.219~14.04.1
    linux-image-4.4.0-189-lowlatency - 4.4.0-189.219~14.04.1
    linux-image-4.4.0-189-powerpc-e500mc - 4.4.0-189.219~14.04.1
    linux-image-4.4.0-189-powerpc-smp - 4.4.0-189.219~14.04.1
    linux-image-4.4.0-189-powerpc64-emb - 4.4.0-189.219~14.04.1
    linux-image-4.4.0-189-powerpc64-smp - 4.4.0-189.219~14.04.1
    linux-image-aws - 4.4.0.1077.74
    linux-image-generic-lpae-lts-xenial - 4.4.0.189.165
    linux-image-generic-lts-xenial - 4.4.0.189.165
    linux-image-lowlatency-lts-xenial - 4.4.0.189.165
    linux-image-powerpc-e500mc-lts-xenial - 4.4.0.189.165
    linux-image-powerpc-smp-lts-xenial - 4.4.0.189.165
    linux-image-powerpc64-emb-lts-xenial - 4.4.0.189.165
    linux-image-powerpc64-smp-lts-xenial - 4.4.0.189.165
    linux-image-virtual-lts-xenial - 4.4.0.189.165

    To update your system, please follow these instructions:
    https://wiki.ubuntu.com/Security/Upgrades.

    After a standard system update you need to reboot your computer to
    make all the necessary changes.

    ATTENTION: Due to an unavoidable ABI change the kernel updates
    have been given a new version number, which requires you to
    recompile and reinstall all third party kernel modules you might
    have installed. Unless you manually uninstalled the standard
    kernel metapackages (e.g. linux-generic,
    linux-generic-lts-RELEASE, linux-virtual, linux-powerpc), a
    standard system upgrade will automatically perform this as well.

    References

    * CVE-2018-10323

    --- Mystic BBS v1.12 A45 (Linux/64)
    * Origin: BZ&BZ BBS (21:4/110)
  • From bugz_ubuntu@21:4/110 to Ubuntu Users on Tuesday, September 08, 2020 08:10:07
    linux, linux-aws, linux-aws-5.3, linux-aws-5.4, linux-aws-hwe,
    linux-azure, linux-azure-4.15, linux-azure-5.4, linux-gcp,
    linux-gcp-4.15, linux-gcp-5.4, linux-gke-4.15, linux-gke-5.0,
    linux-gke-5.3, linux-hwe, linux-hwe-5.4, linux-kvm, linux-oem,
    linux-oem-osp1, linux-oracle, linux-oracle-5.4, linux-raspi,
    linux-raspi-5.4, linux-raspi2, linux-raspi2-5.3, linux-snapdragon
    vulnerability

    A security issue affects these releases of Ubuntu and its
    derivatives:

    * Ubuntu 20.04 LTS
    * Ubuntu 18.04 LTS
    * Ubuntu 16.04 LTS
    * Ubuntu 14.04 ESM

    Summary

    The system could be made to crash or run programs as an
    administrator.

    Software Description

    * linux - Linux kernel
    * linux-aws - Linux kernel for Amazon Web Services (AWS) systems
    * linux-azure - Linux kernel for Microsoft Azure Cloud systems
    * linux-gcp - Linux kernel for Google Cloud Platform (GCP)
    systems
    * linux-kvm - Linux kernel for cloud environments
    * linux-oracle - Linux kernel for Oracle Cloud systems
    * linux-raspi - Linux kernel for Raspberry Pi (V8) systems
    * linux-aws-5.3 - Linux kernel for Amazon Web Services (AWS)
    systems
    * linux-aws-5.4 - Linux kernel for Amazon Web Services (AWS)
    systems
    * linux-azure-4.15 - Linux kernel for Microsoft Azure Cloud
    systems
    * linux-azure-5.4 - Linux kernel for Microsoft Azure cloud
    systems
    * linux-gcp-4.15 - Linux kernel for Google Cloud Platform (GCP)
    systems
    * linux-gcp-5.4 - Linux kernel for Google Cloud Platform (GCP)
    systems
    * linux-gke-4.15 - Linux kernel for Google Container Engine
    (GKE) systems
    * linux-gke-5.0 - Linux kernel for Google Container Engine (GKE)
    systems
    * linux-gke-5.3 - Linux kernel for Google Container Engine (GKE)
    systems
    * linux-hwe - Linux hardware enablement (HWE) kernel
    * linux-hwe-5.4 - Linux hardware enablement (HWE) kernel
    * linux-oem - Linux kernel for OEM systems
    * linux-oem-osp1 - Linux kernel for OEM systems
    * linux-oracle-5.4 - Linux kernel for Oracle Cloud systems
    * linux-raspi-5.4 - Linux kernel for Raspberry Pi (V8) systems
    * linux-raspi2 - Linux kernel for Raspberry Pi (V8) systems
    * linux-raspi2-5.3 - Linux kernel for Raspberry Pi (V8) systems
    * linux-snapdragon - Linux kernel for Qualcomm Snapdragon
    processors
    * linux-aws-hwe - Linux kernel for Amazon Web Services (AWS-HWE)
    systems

    Details

    Or Cohen discovered that the AF_PACKET implementation in the Linux
    kernel did not properly perform bounds checking in some
    situations. A local attacker could use this to cause a denial of
    service (system crash) or possibly execute arbitrary code.

    Update instructions

    The problem can be corrected by updating your system to the
    following package versions:

    Ubuntu 20.04 LTS
    linux-image-5.4.0-1018-raspi - 5.4.0-1018.20
    linux-image-5.4.0-1024-aws - 5.4.0-1024.24
    linux-image-5.4.0-1024-gcp - 5.4.0-1024.24
    linux-image-5.4.0-1024-oracle - 5.4.0-1024.24
    linux-image-5.4.0-1025-azure - 5.4.0-1025.25
    linux-image-5.4.0-47-generic - 5.4.0-47.51
    linux-image-5.4.0-47-generic-lpae - 5.4.0-47.51
    linux-image-5.4.0-47-lowlatency - 5.4.0-47.51
    linux-image-aws - 5.4.0.1024.25
    linux-image-azure - 5.4.0.1025.24
    linux-image-gcp - 5.4.0.1024.21
    linux-image-generic - 5.4.0.47.50
    linux-image-generic-lpae - 5.4.0.47.50
    linux-image-gke - 5.4.0.1024.21
    linux-image-kvm - 5.4.0.1023.21
    linux-image-lowlatency - 5.4.0.47.50
    linux-image-oem - 5.4.0.47.50
    linux-image-oem-osp1 - 5.4.0.47.50
    linux-image-oracle - 5.4.0.1024.21
    linux-image-raspi - 5.4.0.1018.53
    linux-image-raspi2 - 5.4.0.1018.53
    linux-image-virtual - 5.4.0.47.50

    Ubuntu 18.04 LTS
    linux-image-4.15.0-1053-oracle - 4.15.0-1053.57
    linux-image-4.15.0-1069-gke - 4.15.0-1069.72
    linux-image-4.15.0-1070-raspi2 - 4.15.0-1070.74
    linux-image-4.15.0-1074-kvm - 4.15.0-1074.75
    linux-image-4.15.0-1082-aws - 4.15.0-1082.86
    linux-image-4.15.0-1083-gcp - 4.15.0-1083.94
    linux-image-4.15.0-1086-snapdragon - 4.15.0-1086.94
    linux-image-4.15.0-1095-azure - 4.15.0-1095.105
    linux-image-4.15.0-1096-oem - 4.15.0-1096.106
    linux-image-4.15.0-117-generic - 4.15.0-117.118
    linux-image-4.15.0-117-generic-lpae - 4.15.0-117.118
    linux-image-4.15.0-117-lowlatency - 4.15.0-117.118
    linux-image-5.0.0-1047-gke - 5.0.0-1047.48
    linux-image-5.0.0-1068-oem-osp1 - 5.0.0-1068.73
    linux-image-5.3.0-1033-raspi2 - 5.3.0-1033.35
    linux-image-5.3.0-1035-aws - 5.3.0-1035.37
    linux-image-5.3.0-1036-gke - 5.3.0-1036.38
    linux-image-5.3.0-67-generic - 5.3.0-67.61
    linux-image-5.3.0-67-lowlatency - 5.3.0-67.61
    linux-image-5.4.0-1018-raspi - 5.4.0-1018.20~18.04.1
    linux-image-5.4.0-1024-aws - 5.4.0-1024.24~18.04.1
    linux-image-5.4.0-1024-gcp - 5.4.0-1024.24~18.04.1
    linux-image-5.4.0-1024-oracle - 5.4.0-1024.24~18.04.1
    linux-image-5.4.0-1025-azure - 5.4.0-1025.25~18.04.1
    linux-image-5.4.0-47-generic - 5.4.0-47.51~18.04.1
    linux-image-5.4.0-47-generic-lpae - 5.4.0-47.51~18.04.1
    linux-image-5.4.0-47-lowlatency - 5.4.0-47.51~18.04.1
    linux-image-aws - 5.3.0.1035.34
    linux-image-aws-lts-18.04 - 4.15.0.1082.84
    linux-image-azure - 5.4.0.1025.8
    linux-image-azure-lts-18.04 - 4.15.0.1095.68
    linux-image-gcp - 5.4.0.1024.11
    linux-image-gcp-lts-18.04 - 4.15.0.1083.101
    linux-image-generic - 4.15.0.117.104
    linux-image-generic-hwe-18.04 - 5.4.0.47.51~18.04.40
    linux-image-generic-lpae - 4.15.0.117.104
    linux-image-generic-lpae-hwe-18.04 - 5.4.0.47.51~18.04.40
    linux-image-gke - 4.15.0.1069.73
    linux-image-gke-4.15 - 4.15.0.1069.73
    linux-image-gke-5.0 - 5.0.0.1047.32
    linux-image-gke-5.3 - 5.3.0.1036.20
    linux-image-gke-5.4 - 5.4.0.1024.11
    linux-image-gkeop-5.3 - 5.3.0.67.124
    linux-image-gkeop-5.4 - 5.4.0.47.51~18.04.40
    linux-image-kvm - 4.15.0.1074.70
    linux-image-lowlatency - 4.15.0.117.104
    linux-image-lowlatency-hwe-18.04 - 5.4.0.47.51~18.04.40
    linux-image-oem - 4.15.0.1096.100
    linux-image-oem-osp1 - 5.0.0.1068.66
    linux-image-oracle - 5.4.0.1024.8
    linux-image-oracle-lts-18.04 - 4.15.0.1053.63
    linux-image-powerpc-e500mc - 4.15.0.117.104
    linux-image-powerpc-smp - 4.15.0.117.104
    linux-image-powerpc64-emb - 4.15.0.117.104
    linux-image-powerpc64-smp - 4.15.0.117.104
    linux-image-raspi-hwe-18.04 - 5.4.0.1018.22
    linux-image-raspi2 - 4.15.0.1070.67
    linux-image-raspi2-hwe-18.04 - 5.3.0.1033.23
    linux-image-snapdragon - 4.15.0.1086.89
    linux-image-snapdragon-hwe-18.04 - 5.4.0.47.51~18.04.40
    linux-image-virtual - 4.15.0.117.104
    linux-image-virtual-hwe-18.04 - 5.4.0.47.51~18.04.40

    Ubuntu 16.04 LTS
    linux-image-4.15.0-1053-oracle - 4.15.0-1053.57~16.04.1
    linux-image-4.15.0-1082-aws - 4.15.0-1082.86~16.04.1
    linux-image-4.15.0-1083-gcp - 4.15.0-1083.94~16.04.1
    linux-image-4.15.0-1095-azure - 4.15.0-1095.105~16.04.1
    linux-image-4.15.0-117-generic - 4.15.0-117.118~16.04.1
    linux-image-4.15.0-117-generic-lpae - 4.15.0-117.118~16.04.1
    linux-image-4.15.0-117-lowlatency - 4.15.0-117.118~16.04.1
    linux-image-aws-hwe - 4.15.0.1082.78
    linux-image-azure - 4.15.0.1095.89
    linux-image-gcp - 4.15.0.1083.84
    linux-image-generic-hwe-16.04 - 4.15.0.117.118
    linux-image-generic-lpae-hwe-16.04 - 4.15.0.117.118
    linux-image-gke - 4.15.0.1083.84
    linux-image-lowlatency-hwe-16.04 - 4.15.0.117.118
    linux-image-oem - 4.15.0.117.118
    linux-image-oracle - 4.15.0.1053.43
    linux-image-virtual-hwe-16.04 - 4.15.0.117.118

    Ubuntu 14.04 ESM
    linux-image-4.15.0-1095-azure - 4.15.0-1095.105~14.04.1
    linux-image-azure - 4.15.0.1095.71

    To update your system, please follow these instructions:
    https://wiki.ubuntu.com/Security/Upgrades.

    After a standard system update you need to reboot your computer to
    make all the necessary changes.

    ATTENTION: Due to an unavoidable ABI change the kernel updates
    have been given a new version number, which requires you to
    recompile and reinstall all third party kernel modules you might
    have installed. Unless you manually uninstalled the standard
    kernel metapackages (e.g. linux-generic,
    linux-generic-lts-RELEASE, linux-virtual, linux-powerpc), a
    standard system upgrade will automatically perform this as well.

    References

    * CVE-2020-14386

    --- Mystic BBS v1.12 A46 (Linux/64)
    * Origin: BZ&BZ BBS (21:4/110)
  • From boo_ubuntu@21:4/110 to Ubuntu Users on Wednesday, October 14, 2020 00:10:04
    linux, linux-lts-trusty vulnerability

    A security issue affects these releases of Ubuntu and its
    derivatives:

    * Ubuntu 14.04 ESM
    * Ubuntu 12.04 ESM

    Summary

    The system could be made to crash or possibly run programs as an
    administrator.

    Software Description

    * linux - Linux kernel
    * linux-lts-trusty - Linux hardware enablement kernel from
    Trusty for Precise ESM

    Details

    Hador Manor discovered that the DCCP protocol implementation in
    the Linux kernel improperly handled socket reuse, leading to a
    use-after-free vulnerability. A local attacker could use this to
    cause a denial of service (system crash) or possibly execute
    arbitrary code.

    Update instructions

    The problem can be corrected by updating your system to the
    following package versions:

    Ubuntu 14.04 ESM
    linux-image-3.13.0-182-generic - 3.13.0-182.233
    linux-image-3.13.0-182-generic-lpae - 3.13.0-182.233
    linux-image-3.13.0-182-lowlatency - 3.13.0-182.233
    linux-image-generic - 3.13.0.182.191
    linux-image-generic-lpae - 3.13.0.182.191
    linux-image-generic-pae - 3.13.0.182.191
    linux-image-highbank - 3.13.0.182.191
    linux-image-lowlatency - 3.13.0.182.191
    linux-image-lowlatency-pae - 3.13.0.182.191
    linux-image-omap - 3.13.0.182.191
    linux-image-server - 3.13.0.182.191
    linux-image-virtual - 3.13.0.182.191

    Ubuntu 12.04 ESM
    linux-image-3.13.0-182-generic - 3.13.0-182.233~12.04.1
    linux-image-3.13.0-182-generic-lpae - 3.13.0-182.233~12.04.1
    linux-image-3.13.0-182-lowlatency - 3.13.0-182.233~12.04.1
    linux-image-3.2.0-149-generic - 3.2.0-149.196
    linux-image-3.2.0-149-generic-pae - 3.2.0-149.196
    linux-image-3.2.0-149-highbank - 3.2.0-149.196
    linux-image-3.2.0-149-omap - 3.2.0-149.196
    linux-image-3.2.0-149-virtual - 3.2.0-149.196
    linux-image-generic - 3.2.0.149.163
    linux-image-generic-lpae-lts-trusty - 3.13.0.182.168
    linux-image-generic-lts-trusty - 3.13.0.182.168
    linux-image-generic-pae - 3.2.0.149.163
    linux-image-highbank - 3.2.0.149.163
    linux-image-server - 3.2.0.149.163
    linux-image-virtual - 3.2.0.149.163

    To update your system, please follow these instructions:
    https://wiki.ubuntu.com/Security/Upgrades.

    After a standard system update you need to reboot your computer to
    make all the necessary changes.

    ATTENTION: Due to an unavoidable ABI change the kernel updates
    have been given a new version number, which requires you to
    recompile and reinstall all third party kernel modules you might
    have installed. Unless you manually uninstalled the standard
    kernel metapackages (e.g. linux-generic,
    linux-generic-lts-RELEASE, linux-virtual, linux-powerpc), a
    standard system upgrade will automatically perform this as well.

    References

    * CVE-2020-16119

    --- Mystic BBS v1.12 A46 (Linux/64)
    * Origin: BZ&BZ BBS (21:4/110)