USN-4369-1
See a problem?- Source
- https://ubuntu.com/security/notices/USN-4369-1
- Import Source
- https://github.com/canonical/ubuntu-security-notices/blob/main/osv/usn/USN-4369-1.json
- JSON Data
- https://api.osv.dev/v1/vulns/USN-4369-1
- Related
- Published
- 2020-05-24T02:13:08.643774Z
- Modified
- 2020-05-24T02:13:08.643774Z
- Summary
- linux, linux-aws, linux-aws-5.3, linux-azure, linux-azure-5.3, linux-gcp, linux-gcp-5.3, linux-gke-5.3, linux-hwe, linux-kvm, linux-oracle, linux-oracle-5.3, linux-raspi2 vulnerabilities
- Details
-
It was discovered that the btrfs implementation in the Linux kernel did not properly detect that a block was marked dirty in some situations. An attacker could use this to specially craft a file system image that, when unmounted, could cause a denial of service (system crash). (CVE-2019-19377)
Tristan Madani discovered that the file locking implementation in the Linux kernel contained a race condition. A local attacker could possibly use this to cause a denial of service or expose sensitive information. (CVE-2019-19769)
It was discovered that the Serial CAN interface driver in the Linux kernel did not properly initialize data. A local attacker could use this to expose sensitive information (kernel memory). (CVE-2020-11494)
It was discovered that the linux kernel did not properly validate certain mount options to the tmpfs virtual memory file system. A local attacker with the ability to specify mount options could use this to cause a denial of service (system crash). (CVE-2020-11565)
It was discovered that the OV51x USB Camera device driver in the Linux kernel did not properly validate device metadata. A physically proximate attacker could use this to cause a denial of service (system crash). (CVE-2020-11608)
It was discovered that the STV06XX USB Camera device driver in the Linux kernel did not properly validate device metadata. A physically proximate attacker could use this to cause a denial of service (system crash). (CVE-2020-11609)
It was discovered that the Xirlink C-It USB Camera device driver in the Linux kernel did not properly validate device metadata. A physically proximate attacker could use this to cause a denial of service (system crash). (CVE-2020-11668)
It was discovered that the block layer in the Linux kernel contained a race condition leading to a use-after-free vulnerability. A local attacker could possibly use this to cause a denial of service (system crash) or execute arbitrary code. (CVE-2020-12657)
- References
-
- https://ubuntu.com/security/notices/USN-4369-1
- https://ubuntu.com/security/CVE-2019-19377
- https://ubuntu.com/security/CVE-2019-19769
- https://ubuntu.com/security/CVE-2020-11494
- https://ubuntu.com/security/CVE-2020-11565
- https://ubuntu.com/security/CVE-2020-11608
- https://ubuntu.com/security/CVE-2020-11609
- https://ubuntu.com/security/CVE-2020-11668
- https://ubuntu.com/security/CVE-2020-12657
- https://ubuntu.com/security/CVE-2020-12826
Affected packages
Ubuntu:18.04:LTS / linux-aws-5.3
Package
- Name
- linux-aws-5.3
- Purl
- pkg:deb/ubuntu/linux-aws-5.3@5.3.0-1019.21~18.04.1?arch=src?distro=bionic
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed5.3.0-1019.21~18.04.1
Ecosystem specific
{
"availability": "No subscription required",
"binaries": [
{
"linux-modules-extra-5.3.0-1019-aws": "5.3.0-1019.21~18.04.1",
"linux-aws-5.3-headers-5.3.0-1019": "5.3.0-1019.21~18.04.1",
"linux-cloud-tools-5.3.0-1019-aws": "5.3.0-1019.21~18.04.1",
"linux-modules-5.3.0-1019-aws": "5.3.0-1019.21~18.04.1",
"linux-aws-5.3-tools-5.3.0-1019": "5.3.0-1019.21~18.04.1",
"linux-headers-5.3.0-1019-aws": "5.3.0-1019.21~18.04.1",
"linux-image-5.3.0-1019-aws": "5.3.0-1019.21~18.04.1",
"linux-aws-5.3-cloud-tools-5.3.0-1019": "5.3.0-1019.21~18.04.1",
"linux-image-5.3.0-1019-aws-dbgsym": "5.3.0-1019.21~18.04.1",
"linux-buildinfo-5.3.0-1019-aws": "5.3.0-1019.21~18.04.1",
"linux-tools-5.3.0-1019-aws": "5.3.0-1019.21~18.04.1"
}
]
}
Ubuntu:18.04:LTS / linux-azure-5.3
Package
- Name
- linux-azure-5.3
- Purl
- pkg:deb/ubuntu/linux-azure-5.3@5.3.0-1022.23~18.04.1?arch=src?distro=bionic
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed5.3.0-1022.23~18.04.1
Affected versions
5.*
5.3.0-1007.8~18.04.1
5.3.0-1008.9~18.04.1
5.3.0-1009.10~18.04.1
5.3.0-1010.11~18.04.1
5.3.0-1012.13~18.04.1
5.3.0-1013.14~18.04.1
5.3.0-1016.17~18.04.1
5.3.0-1018.19~18.04.1
5.3.0-1019.20~18.04.1
5.3.0-1020.21~18.04.1
Ecosystem specific
{
"availability": "No subscription required",
"binaries": [
{
"linux-buildinfo-5.3.0-1022-azure": "5.3.0-1022.23~18.04.1",
"linux-tools-5.3.0-1022-azure": "5.3.0-1022.23~18.04.1",
"linux-image-unsigned-5.3.0-1022-azure": "5.3.0-1022.23~18.04.1",
"linux-azure-5.3-headers-5.3.0-1022": "5.3.0-1022.23~18.04.1",
"linux-image-unsigned-5.3.0-1022-azure-dbgsym": "5.3.0-1022.23~18.04.1",
"linux-azure-5.3-cloud-tools-5.3.0-1022": "5.3.0-1022.23~18.04.1",
"linux-cloud-tools-5.3.0-1022-azure": "5.3.0-1022.23~18.04.1",
"linux-headers-5.3.0-1022-azure": "5.3.0-1022.23~18.04.1",
"linux-modules-extra-5.3.0-1022-azure": "5.3.0-1022.23~18.04.1",
"linux-azure-5.3-tools-5.3.0-1022": "5.3.0-1022.23~18.04.1",
"linux-modules-5.3.0-1022-azure": "5.3.0-1022.23~18.04.1"
}
]
}
Ubuntu:18.04:LTS / linux-gcp-5.3
Package
- Name
- linux-gcp-5.3
- Purl
- pkg:deb/ubuntu/linux-gcp-5.3@5.3.0-1020.22~18.04.1?arch=src?distro=bionic
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed5.3.0-1020.22~18.04.1
Affected versions
5.*
5.3.0-1008.9~18.04.1
5.3.0-1009.10~18.04.1
5.3.0-1010.11~18.04.1
5.3.0-1012.13~18.04.1
5.3.0-1014.15~18.04.1
5.3.0-1016.17~18.04.1
5.3.0-1017.18~18.04.1
5.3.0-1018.19~18.04.1
Ecosystem specific
{
"availability": "No subscription required",
"binaries": [
{
"linux-tools-5.3.0-1020-gcp": "5.3.0-1020.22~18.04.1",
"linux-headers-5.3.0-1020-gcp": "5.3.0-1020.22~18.04.1",
"linux-gcp-5.3-headers-5.3.0-1020": "5.3.0-1020.22~18.04.1",
"linux-image-unsigned-5.3.0-1020-gcp-dbgsym": "5.3.0-1020.22~18.04.1",
"linux-gcp-5.3-tools-5.3.0-1020": "5.3.0-1020.22~18.04.1",
"linux-modules-5.3.0-1020-gcp": "5.3.0-1020.22~18.04.1",
"linux-buildinfo-5.3.0-1020-gcp": "5.3.0-1020.22~18.04.1",
"linux-image-unsigned-5.3.0-1020-gcp": "5.3.0-1020.22~18.04.1",
"linux-modules-extra-5.3.0-1020-gcp": "5.3.0-1020.22~18.04.1"
}
]
}
Ubuntu:18.04:LTS / linux-gke-5.3
Package
- Name
- linux-gke-5.3
- Purl
- pkg:deb/ubuntu/linux-gke-5.3@5.3.0-1020.22~18.04.1?arch=src?distro=bionic
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed5.3.0-1020.22~18.04.1
Affected versions
5.*
5.3.0-1011.12~18.04.1
5.3.0-1012.13~18.04.1
5.3.0-1014.15~18.04.1
5.3.0-1016.17~18.04.1
5.3.0-1017.18~18.04.1
5.3.0-1018.19~18.04.1
Ecosystem specific
{
"availability": "No subscription required",
"binaries": [
{
"linux-gke-5.3-tools-5.3.0-1020": "5.3.0-1020.22~18.04.1",
"linux-modules-5.3.0-1020-gke": "5.3.0-1020.22~18.04.1",
"linux-gke-5.3-headers-5.3.0-1020": "5.3.0-1020.22~18.04.1",
"linux-headers-5.3.0-1020-gke": "5.3.0-1020.22~18.04.1",
"linux-modules-extra-5.3.0-1020-gke": "5.3.0-1020.22~18.04.1",
"linux-image-unsigned-5.3.0-1020-gke-dbgsym": "5.3.0-1020.22~18.04.1",
"linux-buildinfo-5.3.0-1020-gke": "5.3.0-1020.22~18.04.1",
"linux-image-unsigned-5.3.0-1020-gke": "5.3.0-1020.22~18.04.1",
"linux-tools-5.3.0-1020-gke": "5.3.0-1020.22~18.04.1"
}
]
}
Ubuntu:18.04:LTS / linux-hwe
Package
- Name
- linux-hwe
- Purl
- pkg:deb/ubuntu/linux-hwe@5.3.0-53.47~18.04.1?arch=src?distro=bionic
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed5.3.0-53.47~18.04.1
Affected versions
4.*
4.18.0-13.14~18.04.1
4.18.0-14.15~18.04.1
4.18.0-15.16~18.04.1
4.18.0-16.17~18.04.1
4.18.0-17.18~18.04.1
4.18.0-18.19~18.04.1
4.18.0-20.21~18.04.1
4.18.0-21.22~18.04.1
4.18.0-22.23~18.04.1
4.18.0-24.25~18.04.1
4.18.0-25.26~18.04.1
5.*
5.0.0-23.24~18.04.1
5.0.0-25.26~18.04.1
5.0.0-27.28~18.04.1
5.0.0-29.31~18.04.1
5.0.0-31.33~18.04.1
5.0.0-32.34~18.04.2
5.0.0-35.38~18.04.1
5.0.0-36.39~18.04.1
5.0.0-37.40~18.04.1
5.3.0-26.28~18.04.1
5.3.0-28.30~18.04.1
5.3.0-40.32~18.04.1
5.3.0-42.34~18.04.1
5.3.0-45.37~18.04.1
5.3.0-46.38~18.04.1
5.3.0-51.44~18.04.2
Ecosystem specific
{
"availability": "No subscription required",
"binaries": [
{
"vlan-modules-5.3.0-53-generic-di": "5.3.0-53.47~18.04.1",
"md-modules-5.3.0-53-generic-lpae-di": "5.3.0-53.47~18.04.1",
"floppy-modules-5.3.0-53-generic-di": "5.3.0-53.47~18.04.1",
"kernel-image-5.3.0-53-generic-lpae-di": "5.3.0-53.47~18.04.1",
"input-modules-5.3.0-53-generic-lpae-di": "5.3.0-53.47~18.04.1",
"nic-pcmcia-modules-5.3.0-53-generic-di": "5.3.0-53.47~18.04.1",
"linux-hwe-udebs-generic-lpae": "5.3.0-53.47~18.04.1",
"fat-modules-5.3.0-53-generic-di": "5.3.0-53.47~18.04.1",
"mouse-modules-5.3.0-53-generic-lpae-di": "5.3.0-53.47~18.04.1",
"fs-core-modules-5.3.0-53-generic-di": "5.3.0-53.47~18.04.1",
"fs-secondary-modules-5.3.0-53-generic-di": "5.3.0-53.47~18.04.1",
"plip-modules-5.3.0-53-generic-lpae-di": "5.3.0-53.47~18.04.1",
"fat-modules-5.3.0-53-generic-lpae-di": "5.3.0-53.47~18.04.1",
"nic-shared-modules-5.3.0-53-generic-di": "5.3.0-53.47~18.04.1",
"linux-image-unsigned-5.3.0-53-generic-dbgsym": "5.3.0-53.47~18.04.1",
"multipath-modules-5.3.0-53-generic-lpae-di": "5.3.0-53.47~18.04.1",
"linux-hwe-cloud-tools-5.3.0-53": "5.3.0-53.47~18.04.1",
"dasd-extra-modules-5.3.0-53-generic-di": "5.3.0-53.47~18.04.1",
"linux-headers-5.3.0-53-generic-lpae": "5.3.0-53.47~18.04.1",
"linux-tools-5.3.0-53-generic": "5.3.0-53.47~18.04.1",
"linux-tools-5.3.0-53-generic-lpae": "5.3.0-53.47~18.04.1",
"linux-modules-5.3.0-53-generic-lpae": "5.3.0-53.47~18.04.1",
"dasd-modules-5.3.0-53-generic-di": "5.3.0-53.47~18.04.1",
"ppp-modules-5.3.0-53-generic-di": "5.3.0-53.47~18.04.1",
"scsi-modules-5.3.0-53-generic-di": "5.3.0-53.47~18.04.1",
"linux-source-5.3.0": "5.3.0-53.47~18.04.1",
"parport-modules-5.3.0-53-generic-lpae-di": "5.3.0-53.47~18.04.1",
"pata-modules-5.3.0-53-generic-di": "5.3.0-53.47~18.04.1",
"nic-usb-modules-5.3.0-53-generic-lpae-di": "5.3.0-53.47~18.04.1",
"linux-buildinfo-5.3.0-53-generic-lpae": "5.3.0-53.47~18.04.1",
"linux-hwe-tools-5.3.0-53": "5.3.0-53.47~18.04.1",
"input-modules-5.3.0-53-generic-di": "5.3.0-53.47~18.04.1",
"linux-image-5.3.0-53-lowlatency-dbgsym": "5.3.0-53.47~18.04.1",
"linux-image-5.3.0-53-generic": "5.3.0-53.47~18.04.1",
"message-modules-5.3.0-53-generic-di": "5.3.0-53.47~18.04.1",
"linux-image-unsigned-5.3.0-53-lowlatency-dbgsym": "5.3.0-53.47~18.04.1",
"firewire-core-modules-5.3.0-53-generic-di": "5.3.0-53.47~18.04.1",
"linux-image-unsigned-5.3.0-53-lowlatency": "5.3.0-53.47~18.04.1",
"sata-modules-5.3.0-53-generic-lpae-di": "5.3.0-53.47~18.04.1",
"linux-image-5.3.0-53-generic-lpae": "5.3.0-53.47~18.04.1",
"sata-modules-5.3.0-53-generic-di": "5.3.0-53.47~18.04.1",
"plip-modules-5.3.0-53-generic-di": "5.3.0-53.47~18.04.1",
"linux-cloud-tools-5.3.0-53-lowlatency": "5.3.0-53.47~18.04.1",
"linux-hwe-udebs-generic": "5.3.0-53.47~18.04.1",
"linux-headers-5.3.0-53-lowlatency": "5.3.0-53.47~18.04.1",
"nfs-modules-5.3.0-53-generic-di": "5.3.0-53.47~18.04.1",
"nfs-modules-5.3.0-53-generic-lpae-di": "5.3.0-53.47~18.04.1",
"storage-core-modules-5.3.0-53-generic-di": "5.3.0-53.47~18.04.1",
"fs-secondary-modules-5.3.0-53-generic-lpae-di": "5.3.0-53.47~18.04.1",
"usb-modules-5.3.0-53-generic-di": "5.3.0-53.47~18.04.1",
"linux-image-5.3.0-53-generic-lpae-dbgsym": "5.3.0-53.47~18.04.1",
"linux-headers-5.3.0-53-generic": "5.3.0-53.47~18.04.1",
"fb-modules-5.3.0-53-generic-di": "5.3.0-53.47~18.04.1",
"nic-usb-modules-5.3.0-53-generic-di": "5.3.0-53.47~18.04.1",
"storage-core-modules-5.3.0-53-generic-lpae-di": "5.3.0-53.47~18.04.1",
"linux-modules-5.3.0-53-lowlatency": "5.3.0-53.47~18.04.1",
"ipmi-modules-5.3.0-53-generic-lpae-di": "5.3.0-53.47~18.04.1",
"linux-modules-extra-5.3.0-53-generic": "5.3.0-53.47~18.04.1",
"linux-tools-5.3.0-53-lowlatency": "5.3.0-53.47~18.04.1",
"ppp-modules-5.3.0-53-generic-lpae-di": "5.3.0-53.47~18.04.1",
"multipath-modules-5.3.0-53-generic-di": "5.3.0-53.47~18.04.1",
"crypto-modules-5.3.0-53-generic-lpae-di": "5.3.0-53.47~18.04.1",
"linux-cloud-tools-5.3.0-53-generic": "5.3.0-53.47~18.04.1",
"vlan-modules-5.3.0-53-generic-lpae-di": "5.3.0-53.47~18.04.1",
"fs-core-modules-5.3.0-53-generic-lpae-di": "5.3.0-53.47~18.04.1",
"pcmcia-modules-5.3.0-53-generic-di": "5.3.0-53.47~18.04.1",
"md-modules-5.3.0-53-generic-di": "5.3.0-53.47~18.04.1",
"nic-shared-modules-5.3.0-53-generic-lpae-di": "5.3.0-53.47~18.04.1",
"block-modules-5.3.0-53-generic-di": "5.3.0-53.47~18.04.1",
"linux-headers-5.3.0-53": "5.3.0-53.47~18.04.1",
"nic-modules-5.3.0-53-generic-lpae-di": "5.3.0-53.47~18.04.1",
"linux-image-5.3.0-53-generic-dbgsym": "5.3.0-53.47~18.04.1",
"kernel-image-5.3.0-53-generic-di": "5.3.0-53.47~18.04.1",
"ipmi-modules-5.3.0-53-generic-di": "5.3.0-53.47~18.04.1",
"block-modules-5.3.0-53-generic-lpae-di": "5.3.0-53.47~18.04.1",
"linux-buildinfo-5.3.0-53-generic": "5.3.0-53.47~18.04.1",
"linux-modules-5.3.0-53-generic": "5.3.0-53.47~18.04.1",
"linux-buildinfo-5.3.0-53-lowlatency": "5.3.0-53.47~18.04.1",
"mouse-modules-5.3.0-53-generic-di": "5.3.0-53.47~18.04.1",
"linux-image-unsigned-5.3.0-53-generic": "5.3.0-53.47~18.04.1",
"parport-modules-5.3.0-53-generic-di": "5.3.0-53.47~18.04.1",
"nic-modules-5.3.0-53-generic-di": "5.3.0-53.47~18.04.1",
"linux-image-5.3.0-53-lowlatency": "5.3.0-53.47~18.04.1",
"scsi-modules-5.3.0-53-generic-lpae-di": "5.3.0-53.47~18.04.1",
"pcmcia-storage-modules-5.3.0-53-generic-di": "5.3.0-53.47~18.04.1",
"crypto-modules-5.3.0-53-generic-di": "5.3.0-53.47~18.04.1",
"serial-modules-5.3.0-53-generic-di": "5.3.0-53.47~18.04.1",
"usb-modules-5.3.0-53-generic-lpae-di": "5.3.0-53.47~18.04.1",
"virtio-modules-5.3.0-53-generic-di": "5.3.0-53.47~18.04.1"
}
]
}
Ubuntu:18.04:LTS / linux-oracle-5.3
Package
- Name
- linux-oracle-5.3
- Purl
- pkg:deb/ubuntu/linux-oracle-5.3@5.3.0-1018.20~18.04.1?arch=src?distro=bionic
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed5.3.0-1018.20~18.04.1
Affected versions
5.*
5.3.0-1011.12~18.04.1
5.3.0-1013.14~18.04.1
5.3.0-1014.15~18.04.1
5.3.0-1016.18~18.04.1
Ecosystem specific
{
"availability": "No subscription required",
"binaries": [
{
"linux-modules-extra-5.3.0-1018-oracle": "5.3.0-1018.20~18.04.1",
"linux-image-unsigned-5.3.0-1018-oracle-dbgsym": "5.3.0-1018.20~18.04.1",
"linux-tools-5.3.0-1018-oracle": "5.3.0-1018.20~18.04.1",
"linux-image-unsigned-5.3.0-1018-oracle": "5.3.0-1018.20~18.04.1",
"linux-oracle-5.3-headers-5.3.0-1018": "5.3.0-1018.20~18.04.1",
"linux-oracle-5.3-tools-5.3.0-1018": "5.3.0-1018.20~18.04.1",
"linux-headers-5.3.0-1018-oracle": "5.3.0-1018.20~18.04.1",
"linux-modules-5.3.0-1018-oracle": "5.3.0-1018.20~18.04.1",
"linux-buildinfo-5.3.0-1018-oracle": "5.3.0-1018.20~18.04.1"
}
]
}