USN-4364-1: Linux kernel vulnerabilities
First published: Tue May 19 2020(Updated: )
It was discovered that the ADIS16400 IIO IMU Driver for the Linux kernel did not properly deallocate memory in certain error conditions. A local attacker could use this to cause a denial of service (memory exhaustion). (CVE-2019-19060) It was discovered that the vhost net driver in the Linux kernel contained a stack buffer overflow. A local attacker with the ability to perform ioctl() calls on /dev/vhost-net could use this to cause a denial of service (system crash). (CVE-2020-10942) It was discovered that the Serial CAN interface driver in the Linux kernel did not properly initialize data. A local attacker could use this to expose sensitive information (kernel memory). (CVE-2020-11494) It was discovered that the linux kernel did not properly validate certain mount options to the tmpfs virtual memory file system. A local attacker with the ability to specify mount options could use this to cause a denial of service (system crash). (CVE-2020-11565) It was discovered that the OV51x USB Camera device driver in the Linux kernel did not properly validate device metadata. A physically proximate attacker could use this to cause a denial of service (system crash). (CVE-2020-11608) It was discovered that the STV06XX USB Camera device driver in the Linux kernel did not properly validate device metadata. A physically proximate attacker could use this to cause a denial of service (system crash). (CVE-2020-11609) It was discovered that the Xirlink C-It USB Camera device driver in the Linux kernel did not properly validate device metadata. A physically proximate attacker could use this to cause a denial of service (system crash). (CVE-2020-11668)
| Affected Software | Affected Version | How to fix |
|---|---|---|
| All of | ||
| ubuntu/linux-image-4.4.0-1071-kvm | <4.4.0-1071.78 | 4.4.0-1071.78 |
| Ubuntu Linux | =16.04 | |
| All of | ||
| ubuntu/linux-image-4.4.0-1107-aws | <4.4.0-1107.118 | 4.4.0-1107.118 |
| Ubuntu Linux | =16.04 | |
| All of | ||
| ubuntu/linux-image-4.4.0-1133-raspi2 | <4.4.0-1133.142 | 4.4.0-1133.142 |
| Ubuntu Linux | =16.04 | |
| All of | ||
| ubuntu/linux-image-4.4.0-1137-snapdragon | <4.4.0-1137.145 | 4.4.0-1137.145 |
| Ubuntu Linux | =16.04 | |
| All of | ||
| ubuntu/linux-image-4.4.0-179-generic | <4.4.0-179.209 | 4.4.0-179.209 |
| Ubuntu Linux | =16.04 | |
| All of | ||
| ubuntu/linux-image-4.4.0-179-generic-lpae | <4.4.0-179.209 | 4.4.0-179.209 |
| Ubuntu Linux | =16.04 | |
| All of | ||
| ubuntu/linux-image-4.4.0-179-lowlatency | <4.4.0-179.209 | 4.4.0-179.209 |
| Ubuntu Linux | =16.04 | |
| All of | ||
| ubuntu/linux-image-4.4.0-179-powerpc-e500mc | <4.4.0-179.209 | 4.4.0-179.209 |
| Ubuntu Linux | =16.04 | |
| All of | ||
| ubuntu/linux-image-4.4.0-179-powerpc-smp | <4.4.0-179.209 | 4.4.0-179.209 |
| Ubuntu Linux | =16.04 | |
| All of | ||
| ubuntu/linux-image-4.4.0-179-powerpc64-emb | <4.4.0-179.209 | 4.4.0-179.209 |
| Ubuntu Linux | =16.04 | |
| All of | ||
| ubuntu/linux-image-4.4.0-179-powerpc64-smp | <4.4.0-179.209 | 4.4.0-179.209 |
| Ubuntu Linux | =16.04 | |
| All of | ||
| ubuntu/linux-image-aws | <4.4.0.1107.111 | 4.4.0.1107.111 |
| Ubuntu Linux | =16.04 | |
| All of | ||
| ubuntu/linux-image-generic | <4.4.0.179.187 | 4.4.0.179.187 |
| Ubuntu Linux | =16.04 | |
| All of | ||
| ubuntu/linux-image-generic-lpae | <4.4.0.179.187 | 4.4.0.179.187 |
| Ubuntu Linux | =16.04 | |
| All of | ||
| ubuntu/linux-image-kvm | <4.4.0.1071.71 | 4.4.0.1071.71 |
| Ubuntu Linux | =16.04 | |
| All of | ||
| ubuntu/linux-image-lowlatency | <4.4.0.179.187 | 4.4.0.179.187 |
| Ubuntu Linux | =16.04 | |
| All of | ||
| ubuntu/linux-image-powerpc-e500mc | <4.4.0.179.187 | 4.4.0.179.187 |
| Ubuntu Linux | =16.04 | |
| All of | ||
| ubuntu/linux-image-powerpc-smp | <4.4.0.179.187 | 4.4.0.179.187 |
| Ubuntu Linux | =16.04 | |
| All of | ||
| ubuntu/linux-image-powerpc64-emb | <4.4.0.179.187 | 4.4.0.179.187 |
| Ubuntu Linux | =16.04 | |
| All of | ||
| ubuntu/linux-image-powerpc64-smp | <4.4.0.179.187 | 4.4.0.179.187 |
| Ubuntu Linux | =16.04 | |
| All of | ||
| ubuntu/linux-image-raspi2 | <4.4.0.1133.133 | 4.4.0.1133.133 |
| Ubuntu Linux | =16.04 | |
| All of | ||
| ubuntu/linux-image-snapdragon | <4.4.0.1137.129 | 4.4.0.1137.129 |
| Ubuntu Linux | =16.04 | |
| All of | ||
| ubuntu/linux-image-virtual | <4.4.0.179.187 | 4.4.0.179.187 |
| Ubuntu Linux | =16.04 | |
| All of | ||
| ubuntu/linux-image-4.4.0-1067-aws | <4.4.0-1067.71 | 4.4.0-1067.71 |
| Ubuntu Linux | =14.04 | |
| All of | ||
| ubuntu/linux-image-4.4.0-179-generic | <4.4.0-179.209~14.04.1+signed1 | 4.4.0-179.209~14.04.1+signed1 |
| Ubuntu Linux | =14.04 | |
| All of | ||
| ubuntu/linux-image-4.4.0-179-generic-lpae | <4.4.0-179.209~14.04.1 | 4.4.0-179.209~14.04.1 |
| Ubuntu Linux | =14.04 | |
| All of | ||
| ubuntu/linux-image-4.4.0-179-lowlatency | <4.4.0-179.209~14.04.1+signed1 | 4.4.0-179.209~14.04.1+signed1 |
| Ubuntu Linux | =14.04 | |
| All of | ||
| ubuntu/linux-image-4.4.0-179-powerpc-e500mc | <4.4.0-179.209~14.04.1 | 4.4.0-179.209~14.04.1 |
| Ubuntu Linux | =14.04 | |
| All of | ||
| ubuntu/linux-image-4.4.0-179-powerpc-smp | <4.4.0-179.209~14.04.1 | 4.4.0-179.209~14.04.1 |
| Ubuntu Linux | =14.04 | |
| All of | ||
| ubuntu/linux-image-4.4.0-179-powerpc64-emb | <4.4.0-179.209~14.04.1 | 4.4.0-179.209~14.04.1 |
| Ubuntu Linux | =14.04 | |
| All of | ||
| ubuntu/linux-image-4.4.0-179-powerpc64-smp | <4.4.0-179.209~14.04.1 | 4.4.0-179.209~14.04.1 |
| Ubuntu Linux | =14.04 | |
| All of | ||
| ubuntu/linux-image-aws | <4.4.0.1067.68 | 4.4.0.1067.68 |
| Ubuntu Linux | =14.04 | |
| All of | ||
| ubuntu/linux-image-generic-lpae-lts-xenial | <4.4.0.179.158 | 4.4.0.179.158 |
| Ubuntu Linux | =14.04 | |
| All of | ||
| ubuntu/linux-image-generic-lts-xenial | <4.4.0.179.158 | 4.4.0.179.158 |
| Ubuntu Linux | =14.04 | |
| All of | ||
| ubuntu/linux-image-lowlatency-lts-xenial | <4.4.0.179.158 | 4.4.0.179.158 |
| Ubuntu Linux | =14.04 | |
| All of | ||
| ubuntu/linux-image-powerpc-e500mc-lts-xenial | <4.4.0.179.158 | 4.4.0.179.158 |
| Ubuntu Linux | =14.04 | |
| All of | ||
| ubuntu/linux-image-powerpc-smp-lts-xenial | <4.4.0.179.158 | 4.4.0.179.158 |
| Ubuntu Linux | =14.04 | |
| All of | ||
| ubuntu/linux-image-powerpc64-emb-lts-xenial | <4.4.0.179.158 | 4.4.0.179.158 |
| Ubuntu Linux | =14.04 | |
| All of | ||
| ubuntu/linux-image-powerpc64-smp-lts-xenial | <4.4.0.179.158 | 4.4.0.179.158 |
| Ubuntu Linux | =14.04 | |
| All of | ||
| ubuntu/linux-image-virtual-lts-xenial | <4.4.0.179.158 | 4.4.0.179.158 |
| Ubuntu Linux | =14.04 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- https://ubuntu.com/security/CVE-2019-19060
- https://ubuntu.com/security/CVE-2020-10942
- https://ubuntu.com/security/CVE-2020-11494
- https://ubuntu.com/security/CVE-2020-11565
- https://ubuntu.com/security/CVE-2020-11608
- https://ubuntu.com/security/CVE-2020-11609
- https://ubuntu.com/security/CVE-2020-11668
- https://ubuntu.com/security/notices/USN-4226-1
- https://ubuntu.com/security/notices/USN-4208-1
- https://ubuntu.com/security/notices/USN-4210-1
- https://ubuntu.com/security/notices/USN-4345-1
- https://ubuntu.com/security/notices/USN-4344-1
- https://ubuntu.com/security/notices/USN-4342-1
- https://ubuntu.com/security/notices/USN-4369-1
- https://ubuntu.com/security/notices/USN-4363-1
- https://ubuntu.com/security/notices/USN-4368-1
- https://ubuntu.com/security/notices/LSN-0067-1
- https://ubuntu.com/security/notices/LSN-0068-1
- https://ubuntu.com/security/notices/LSN-0072-1
- https://ubuntu.com/security/notices/USN-4367-1
- https://launchpad.net/ubuntu/+source/linux-kvm/4.4.0-1071.78
- https://launchpad.net/ubuntu/+source/linux-aws/4.4.0-1107.118
- https://launchpad.net/ubuntu/+source/linux-raspi2/4.4.0-1133.142
- https://launchpad.net/ubuntu/+source/linux-snapdragon/4.4.0-1137.145
- https://launchpad.net/ubuntu/+source/linux-signed/4.4.0-179.209
- https://launchpad.net/ubuntu/+source/linux/4.4.0-179.209
- https://launchpad.net/ubuntu/+source/linux-meta-aws/4.4.0.1107.111
- https://launchpad.net/ubuntu/+source/linux-meta/4.4.0.179.187
- https://launchpad.net/ubuntu/+source/linux-meta-kvm/4.4.0.1071.71
- https://launchpad.net/ubuntu/+source/linux-meta-raspi2/4.4.0.1133.133
- https://launchpad.net/ubuntu/+source/linux-meta-snapdragon/4.4.0.1137.129
- https://launchpad.net/ubuntu/+source/linux-aws/4.4.0-1067.71
- https://launchpad.net/ubuntu/+source/linux-signed-lts-xenial/4.4.0-179.209~14.04.1+signed1
- https://launchpad.net/ubuntu/+source/linux-lts-xenial/4.4.0-179.209~14.04.1
- https://launchpad.net/ubuntu/+source/linux-meta-aws/4.4.0.1067.68
- https://launchpad.net/ubuntu/+source/linux-meta-lts-xenial/4.4.0.179.158
- https://ubuntu.com/security/notices/USN-4364-1 (Advisory)
Child vulnerabilities
(Contains the following vulnerabilities)
Frequently Asked Questions
What is the severity of USN-4364-1?
The USN-4364-1 vulnerability has a severity that could lead to denial of service due to memory exhaustion.
How do I fix USN-4364-1?
To fix the USN-4364-1 vulnerability, update the affected Linux kernel packages to the specified versions listed in the advisory.
Which systems are affected by USN-4364-1?
The USN-4364-1 vulnerability affects Ubuntu 16.04 systems running specific kernel packages.
What are the potential impacts of USN-4364-1?
The potential impacts of USN-4364-1 include system crashes or unresponsive behavior due to denial of service attacks.
Is there a specific Ubuntu version to upgrade for USN-4364-1?
Yes, users should upgrade to Ubuntu 16.04 with the patched kernel versions as indicated in USN-4364-1.
- agent/severity
- agent/type
- agent/first-publish-date
- agent/last-modified-date
- agent/softwarecombine
- agent/event
- agent/description
- agent/references
- agent/title
- agent/weakness
- agent/trending
- agent/source
- agent/tags
- collector/usn
- source/Ubuntu
- agent/software-canonical-lookup
- agent/software-canonical-lookup-request
- package-manager/ubuntu
- vendor/ubuntu
- canonical/ubuntu linux
- version/ubuntu linux/16.04
- version/ubuntu linux/14.04