SB2020101415 - Ubuntu update for linux

Description

This security bulletin contains information about 4 secuirty vulnerabilities.

1) Use-after-free (CVE-ID: CVE-2020-16119)

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error caused by the reuse of a DCCP socket with an attached dccps_hc_tx_ccid object as a listener. A local user can trigger a use-after-free error and execute arbitrary code with elevated privileges.

2) NULL pointer dereference (CVE-ID: CVE-2018-10322)

The vulnerability allows a local attacker to cause DoS condition on the target system.

The weakness exists in the xfs_dinode_verify function in the xfs/xfs/libxfs/xfs_inode_buf.c source code file due to NULL pointer dereference when handling Extended File System (XFS) images. A local attacker can mount a specially crafted XFS filesystem image when filesystem operations are executed on the mounted image and cause the service to crash.

3) Out-of-bounds read (CVE-ID: CVE-2020-14314)

The vulnerability allows a local authenticated user to perform a denial of service (DoS) attack.

A memory out-of-bounds read flaw was found in the Linux kernel before 5.9-rc2 with the ext3/ext4 file system, in the way it accesses a directory with broken indexing. This flaw allows a local user to crash the system if the directory exists.

4) NULL pointer dereference (CVE-ID: CVE-2020-25285)

The vulnerability allows a local privileged user to execute arbitrary code.

The vulnerability exists due to NULL pointer dereference within the allowed_mems_nr(), hugetlb_sysctl_handler_common() and hugetlb_overcommit_handler() functions in mm/hugetlb.c. A local privileged user can execute arbitrary code.

Remediation

Install update from vendor's website.

References

• https://ubuntu.com/security/notices/USN-4579-1