USN-4389-1

Source
https://ubuntu.com/security/notices/USN-4389-1
Import Source
https://github.com/canonical/ubuntu-security-notices/blob/main/osv/usn/USN-4389-1.json
JSON Data
https://api.osv.dev/v1/vulns/USN-4389-1
Upstream
Related
Published
2020-06-10T17:26:22.433919Z
Modified
2025-10-13T04:35:09Z
Summary
linux, linux-aws, linux-azure, linux-gcp, linux-kvm, linux-oracle, linux-raspi, linux-riscv vulnerabilities
Details

It was discovered that the F2FS file system implementation in the Linux kernel did not properly perform bounds checking on xattrs in some situations. A local attacker could possibly use this to expose sensitive information (kernel memory). (CVE-2020-0067)

It was discovered that memory contents previously stored in microarchitectural special registers after RDRAND, RDSEED, and SGX EGETKEY read operations on Intel client and Xeon E3 processors may be briefly exposed to processes on the same or different processor cores. A local attacker could use this to expose sensitive information. (CVE-2020-0543)

Piotr Krysiuk discovered that race conditions existed in the file system implementation in the Linux kernel. A local attacker could use this to cause a denial of service (system crash). (CVE-2020-12114)

It was discovered that the USB susbsystem's scatter-gather implementation in the Linux kernel did not properly take data references in some situations, leading to a use-after-free. A physically proximate attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2020-12464)

Bui Quang Minh discovered that the XDP socket implementation in the Linux kernel did not properly validate meta-data passed from user space, leading to an out-of-bounds write vulnerability. A local attacker with the CAPNETADMIN capability could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2020-12659)

Dmitry Vyukov discovered that the SELinux netlink security hook in the Linux kernel did not validate messages in some situations. A privileged attacker could use this to bypass SELinux netlink restrictions. (CVE-2020-10751)

References

Affected packages

Ubuntu:20.04:LTS

linux

Package

Name
linux
Purl
pkg:deb/ubuntu/linux@5.4.0-37.41?arch=source&distro=focal

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
5.4.0-37.41

Affected versions

5.*

5.3.0-18.19
5.3.0-24.26
5.4.0-9.12
5.4.0-18.22
5.4.0-21.25
5.4.0-24.28
5.4.0-25.29
5.4.0-26.30
5.4.0-28.32
5.4.0-29.33
5.4.0-31.35
5.4.0-33.37

Ecosystem specific

{
    "binaries": [
        {
            "binary_version": "5.4.0-37.41",
            "binary_name": "block-modules-5.4.0-37-generic-di"
        },
        {
            "binary_version": "5.4.0-37.41",
            "binary_name": "block-modules-5.4.0-37-generic-lpae-di"
        },
        {
            "binary_version": "5.4.0-37.41",
            "binary_name": "crypto-modules-5.4.0-37-generic-di"
        },
        {
            "binary_version": "5.4.0-37.41",
            "binary_name": "crypto-modules-5.4.0-37-generic-lpae-di"
        },
        {
            "binary_version": "5.4.0-37.41",
            "binary_name": "dasd-extra-modules-5.4.0-37-generic-di"
        },
        {
            "binary_version": "5.4.0-37.41",
            "binary_name": "dasd-modules-5.4.0-37-generic-di"
        },
        {
            "binary_version": "5.4.0-37.41",
            "binary_name": "fat-modules-5.4.0-37-generic-di"
        },
        {
            "binary_version": "5.4.0-37.41",
            "binary_name": "fat-modules-5.4.0-37-generic-lpae-di"
        },
        {
            "binary_version": "5.4.0-37.41",
            "binary_name": "fb-modules-5.4.0-37-generic-di"
        },
        {
            "binary_version": "5.4.0-37.41",
            "binary_name": "firewire-core-modules-5.4.0-37-generic-di"
        },
        {
            "binary_version": "5.4.0-37.41",
            "binary_name": "floppy-modules-5.4.0-37-generic-di"
        },
        {
            "binary_version": "5.4.0-37.41",
            "binary_name": "fs-core-modules-5.4.0-37-generic-di"
        },
        {
            "binary_version": "5.4.0-37.41",
            "binary_name": "fs-core-modules-5.4.0-37-generic-lpae-di"
        },
        {
            "binary_version": "5.4.0-37.41",
            "binary_name": "fs-secondary-modules-5.4.0-37-generic-di"
        },
        {
            "binary_version": "5.4.0-37.41",
            "binary_name": "fs-secondary-modules-5.4.0-37-generic-lpae-di"
        },
        {
            "binary_version": "5.4.0-37.41",
            "binary_name": "input-modules-5.4.0-37-generic-di"
        },
        {
            "binary_version": "5.4.0-37.41",
            "binary_name": "input-modules-5.4.0-37-generic-lpae-di"
        },
        {
            "binary_version": "5.4.0-37.41",
            "binary_name": "ipmi-modules-5.4.0-37-generic-di"
        },
        {
            "binary_version": "5.4.0-37.41",
            "binary_name": "ipmi-modules-5.4.0-37-generic-lpae-di"
        },
        {
            "binary_version": "5.4.0-37.41",
            "binary_name": "kernel-image-5.4.0-37-generic-di"
        },
        {
            "binary_version": "5.4.0-37.41",
            "binary_name": "kernel-image-5.4.0-37-generic-lpae-di"
        },
        {
            "binary_version": "5.4.0-37.41",
            "binary_name": "linux-buildinfo-5.4.0-37-generic"
        },
        {
            "binary_version": "5.4.0-37.41",
            "binary_name": "linux-buildinfo-5.4.0-37-generic-lpae"
        },
        {
            "binary_version": "5.4.0-37.41",
            "binary_name": "linux-buildinfo-5.4.0-37-lowlatency"
        },
        {
            "binary_version": "5.4.0-37.41",
            "binary_name": "linux-cloud-tools-5.4.0-37"
        },
        {
            "binary_version": "5.4.0-37.41",
            "binary_name": "linux-cloud-tools-5.4.0-37-generic"
        },
        {
            "binary_version": "5.4.0-37.41",
            "binary_name": "linux-cloud-tools-5.4.0-37-lowlatency"
        },
        {
            "binary_version": "5.4.0-37.41",
            "binary_name": "linux-cloud-tools-common"
        },
        {
            "binary_version": "5.4.0-37.41",
            "binary_name": "linux-headers-5.4.0-37"
        },
        {
            "binary_version": "5.4.0-37.41",
            "binary_name": "linux-headers-5.4.0-37-generic"
        },
        {
            "binary_version": "5.4.0-37.41",
            "binary_name": "linux-headers-5.4.0-37-generic-lpae"
        },
        {
            "binary_version": "5.4.0-37.41",
            "binary_name": "linux-headers-5.4.0-37-lowlatency"
        },
        {
            "binary_version": "5.4.0-37.41",
            "binary_name": "linux-image-5.4.0-37-generic"
        },
        {
            "binary_version": "5.4.0-37.41",
            "binary_name": "linux-image-5.4.0-37-generic-lpae"
        },
        {
            "binary_version": "5.4.0-37.41",
            "binary_name": "linux-image-unsigned-5.4.0-37-generic"
        },
        {
            "binary_version": "5.4.0-37.41",
            "binary_name": "linux-image-unsigned-5.4.0-37-lowlatency"
        },
        {
            "binary_version": "5.4.0-37.41",
            "binary_name": "linux-libc-dev"
        },
        {
            "binary_version": "5.4.0-37.41",
            "binary_name": "linux-modules-5.4.0-37-generic"
        },
        {
            "binary_version": "5.4.0-37.41",
            "binary_name": "linux-modules-5.4.0-37-generic-lpae"
        },
        {
            "binary_version": "5.4.0-37.41",
            "binary_name": "linux-modules-5.4.0-37-lowlatency"
        },
        {
            "binary_version": "5.4.0-37.41",
            "binary_name": "linux-modules-extra-5.4.0-37-generic"
        },
        {
            "binary_version": "5.4.0-37.41",
            "binary_name": "linux-source-5.4.0"
        },
        {
            "binary_version": "5.4.0-37.41",
            "binary_name": "linux-tools-5.4.0-37"
        },
        {
            "binary_version": "5.4.0-37.41",
            "binary_name": "linux-tools-5.4.0-37-generic"
        },
        {
            "binary_version": "5.4.0-37.41",
            "binary_name": "linux-tools-5.4.0-37-generic-lpae"
        },
        {
            "binary_version": "5.4.0-37.41",
            "binary_name": "linux-tools-5.4.0-37-lowlatency"
        },
        {
            "binary_version": "5.4.0-37.41",
            "binary_name": "linux-tools-common"
        },
        {
            "binary_version": "5.4.0-37.41",
            "binary_name": "linux-tools-host"
        },
        {
            "binary_version": "5.4.0-37.41",
            "binary_name": "linux-udebs-generic"
        },
        {
            "binary_version": "5.4.0-37.41",
            "binary_name": "linux-udebs-generic-lpae"
        },
        {
            "binary_version": "5.4.0-37.41",
            "binary_name": "md-modules-5.4.0-37-generic-di"
        },
        {
            "binary_version": "5.4.0-37.41",
            "binary_name": "md-modules-5.4.0-37-generic-lpae-di"
        },
        {
            "binary_version": "5.4.0-37.41",
            "binary_name": "message-modules-5.4.0-37-generic-di"
        },
        {
            "binary_version": "5.4.0-37.41",
            "binary_name": "mouse-modules-5.4.0-37-generic-di"
        },
        {
            "binary_version": "5.4.0-37.41",
            "binary_name": "mouse-modules-5.4.0-37-generic-lpae-di"
        },
        {
            "binary_version": "5.4.0-37.41",
            "binary_name": "multipath-modules-5.4.0-37-generic-di"
        },
        {
            "binary_version": "5.4.0-37.41",
            "binary_name": "multipath-modules-5.4.0-37-generic-lpae-di"
        },
        {
            "binary_version": "5.4.0-37.41",
            "binary_name": "nfs-modules-5.4.0-37-generic-di"
        },
        {
            "binary_version": "5.4.0-37.41",
            "binary_name": "nfs-modules-5.4.0-37-generic-lpae-di"
        },
        {
            "binary_version": "5.4.0-37.41",
            "binary_name": "nic-modules-5.4.0-37-generic-di"
        },
        {
            "binary_version": "5.4.0-37.41",
            "binary_name": "nic-modules-5.4.0-37-generic-lpae-di"
        },
        {
            "binary_version": "5.4.0-37.41",
            "binary_name": "nic-pcmcia-modules-5.4.0-37-generic-di"
        },
        {
            "binary_version": "5.4.0-37.41",
            "binary_name": "nic-shared-modules-5.4.0-37-generic-di"
        },
        {
            "binary_version": "5.4.0-37.41",
            "binary_name": "nic-shared-modules-5.4.0-37-generic-lpae-di"
        },
        {
            "binary_version": "5.4.0-37.41",
            "binary_name": "nic-usb-modules-5.4.0-37-generic-di"
        },
        {
            "binary_version": "5.4.0-37.41",
            "binary_name": "nic-usb-modules-5.4.0-37-generic-lpae-di"
        },
        {
            "binary_version": "5.4.0-37.41",
            "binary_name": "parport-modules-5.4.0-37-generic-di"
        },
        {
            "binary_version": "5.4.0-37.41",
            "binary_name": "parport-modules-5.4.0-37-generic-lpae-di"
        },
        {
            "binary_version": "5.4.0-37.41",
            "binary_name": "pata-modules-5.4.0-37-generic-di"
        },
        {
            "binary_version": "5.4.0-37.41",
            "binary_name": "pcmcia-modules-5.4.0-37-generic-di"
        },
        {
            "binary_version": "5.4.0-37.41",
            "binary_name": "pcmcia-storage-modules-5.4.0-37-generic-di"
        },
        {
            "binary_version": "5.4.0-37.41",
            "binary_name": "plip-modules-5.4.0-37-generic-di"
        },
        {
            "binary_version": "5.4.0-37.41",
            "binary_name": "plip-modules-5.4.0-37-generic-lpae-di"
        },
        {
            "binary_version": "5.4.0-37.41",
            "binary_name": "ppp-modules-5.4.0-37-generic-di"
        },
        {
            "binary_version": "5.4.0-37.41",
            "binary_name": "ppp-modules-5.4.0-37-generic-lpae-di"
        },
        {
            "binary_version": "5.4.0-37.41",
            "binary_name": "sata-modules-5.4.0-37-generic-di"
        },
        {
            "binary_version": "5.4.0-37.41",
            "binary_name": "sata-modules-5.4.0-37-generic-lpae-di"
        },
        {
            "binary_version": "5.4.0-37.41",
            "binary_name": "scsi-modules-5.4.0-37-generic-di"
        },
        {
            "binary_version": "5.4.0-37.41",
            "binary_name": "scsi-modules-5.4.0-37-generic-lpae-di"
        },
        {
            "binary_version": "5.4.0-37.41",
            "binary_name": "serial-modules-5.4.0-37-generic-di"
        },
        {
            "binary_version": "5.4.0-37.41",
            "binary_name": "storage-core-modules-5.4.0-37-generic-di"
        },
        {
            "binary_version": "5.4.0-37.41",
            "binary_name": "storage-core-modules-5.4.0-37-generic-lpae-di"
        },
        {
            "binary_version": "5.4.0-37.41",
            "binary_name": "usb-modules-5.4.0-37-generic-di"
        },
        {
            "binary_version": "5.4.0-37.41",
            "binary_name": "usb-modules-5.4.0-37-generic-lpae-di"
        },
        {
            "binary_version": "5.4.0-37.41",
            "binary_name": "virtio-modules-5.4.0-37-generic-di"
        },
        {
            "binary_version": "5.4.0-37.41",
            "binary_name": "vlan-modules-5.4.0-37-generic-di"
        },
        {
            "binary_version": "5.4.0-37.41",
            "binary_name": "vlan-modules-5.4.0-37-generic-lpae-di"
        }
    ],
    "availability": "No subscription required"
}

Database specific

{
    "cves_map": {
        "cves": [
            {
                "severity": [
                    {
                        "score": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N",
                        "type": "CVSS_V3"
                    },
                    {
                        "score": "medium",
                        "type": "Ubuntu"
                    }
                ],
                "id": "CVE-2020-0067"
            },
            {
                "severity": [
                    {
                        "score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:N",
                        "type": "CVSS_V3"
                    },
                    {
                        "score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:N",
                        "type": "CVSS_V3"
                    },
                    {
                        "score": "negligible",
                        "type": "Ubuntu"
                    }
                ],
                "id": "CVE-2020-10751"
            },
            {
                "severity": [
                    {
                        "score": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
                        "type": "CVSS_V3"
                    },
                    {
                        "score": "medium",
                        "type": "Ubuntu"
                    }
                ],
                "id": "CVE-2020-12114"
            },
            {
                "severity": [
                    {
                        "score": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
                        "type": "CVSS_V3"
                    },
                    {
                        "score": "medium",
                        "type": "Ubuntu"
                    }
                ],
                "id": "CVE-2020-12464"
            },
            {
                "severity": [
                    {
                        "score": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
                        "type": "CVSS_V3"
                    },
                    {
                        "score": "low",
                        "type": "Ubuntu"
                    }
                ],
                "id": "CVE-2020-12659"
            }
        ],
        "ecosystem": "Ubuntu:20.04:LTS"
    }
}

linux-aws

Package

Name
linux-aws
Purl
pkg:deb/ubuntu/linux-aws@5.4.0-1015.15?arch=source&distro=focal

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
5.4.0-1015.15

Affected versions

5.*

5.3.0-1003.3
5.3.0-1008.9
5.3.0-1009.10
5.3.0-1010.11
5.4.0-1005.5
5.4.0-1007.7
5.4.0-1008.8
5.4.0-1009.9
5.4.0-1011.11

Ecosystem specific

{
    "binaries": [
        {
            "binary_version": "5.4.0-1015.15",
            "binary_name": "linux-aws-cloud-tools-5.4.0-1015"
        },
        {
            "binary_version": "5.4.0-1015.15",
            "binary_name": "linux-aws-headers-5.4.0-1015"
        },
        {
            "binary_version": "5.4.0-1015.15",
            "binary_name": "linux-aws-tools-5.4.0-1015"
        },
        {
            "binary_version": "5.4.0-1015.15",
            "binary_name": "linux-buildinfo-5.4.0-1015-aws"
        },
        {
            "binary_version": "5.4.0-1015.15",
            "binary_name": "linux-cloud-tools-5.4.0-1015-aws"
        },
        {
            "binary_version": "5.4.0-1015.15",
            "binary_name": "linux-headers-5.4.0-1015-aws"
        },
        {
            "binary_version": "5.4.0-1015.15",
            "binary_name": "linux-image-5.4.0-1015-aws"
        },
        {
            "binary_version": "5.4.0-1015.15",
            "binary_name": "linux-modules-5.4.0-1015-aws"
        },
        {
            "binary_version": "5.4.0-1015.15",
            "binary_name": "linux-modules-extra-5.4.0-1015-aws"
        },
        {
            "binary_version": "5.4.0-1015.15",
            "binary_name": "linux-tools-5.4.0-1015-aws"
        }
    ],
    "availability": "No subscription required"
}

Database specific

{
    "cves_map": {
        "cves": [
            {
                "severity": [
                    {
                        "score": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N",
                        "type": "CVSS_V3"
                    },
                    {
                        "score": "medium",
                        "type": "Ubuntu"
                    }
                ],
                "id": "CVE-2020-0067"
            },
            {
                "severity": [
                    {
                        "score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:N",
                        "type": "CVSS_V3"
                    },
                    {
                        "score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:N",
                        "type": "CVSS_V3"
                    },
                    {
                        "score": "negligible",
                        "type": "Ubuntu"
                    }
                ],
                "id": "CVE-2020-10751"
            },
            {
                "severity": [
                    {
                        "score": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
                        "type": "CVSS_V3"
                    },
                    {
                        "score": "medium",
                        "type": "Ubuntu"
                    }
                ],
                "id": "CVE-2020-12114"
            },
            {
                "severity": [
                    {
                        "score": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
                        "type": "CVSS_V3"
                    },
                    {
                        "score": "medium",
                        "type": "Ubuntu"
                    }
                ],
                "id": "CVE-2020-12464"
            },
            {
                "severity": [
                    {
                        "score": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
                        "type": "CVSS_V3"
                    },
                    {
                        "score": "low",
                        "type": "Ubuntu"
                    }
                ],
                "id": "CVE-2020-12659"
            }
        ],
        "ecosystem": "Ubuntu:20.04:LTS"
    }
}

linux-azure

Package

Name
linux-azure
Purl
pkg:deb/ubuntu/linux-azure@5.4.0-1016.16?arch=source&distro=focal

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
5.4.0-1016.16

Affected versions

5.*

5.3.0-1003.3
5.3.0-1008.9
5.3.0-1009.10
5.4.0-1006.6
5.4.0-1008.8
5.4.0-1009.9
5.4.0-1010.10
5.4.0-1012.12

Ecosystem specific

{
    "binaries": [
        {
            "binary_version": "5.4.0-1016.16",
            "binary_name": "linux-azure-cloud-tools-5.4.0-1016"
        },
        {
            "binary_version": "5.4.0-1016.16",
            "binary_name": "linux-azure-headers-5.4.0-1016"
        },
        {
            "binary_version": "5.4.0-1016.16",
            "binary_name": "linux-azure-tools-5.4.0-1016"
        },
        {
            "binary_version": "5.4.0-1016.16",
            "binary_name": "linux-buildinfo-5.4.0-1016-azure"
        },
        {
            "binary_version": "5.4.0-1016.16",
            "binary_name": "linux-cloud-tools-5.4.0-1016-azure"
        },
        {
            "binary_version": "5.4.0-1016.16",
            "binary_name": "linux-headers-5.4.0-1016-azure"
        },
        {
            "binary_version": "5.4.0-1016.16",
            "binary_name": "linux-image-unsigned-5.4.0-1016-azure"
        },
        {
            "binary_version": "5.4.0-1016.16",
            "binary_name": "linux-modules-5.4.0-1016-azure"
        },
        {
            "binary_version": "5.4.0-1016.16",
            "binary_name": "linux-modules-extra-5.4.0-1016-azure"
        },
        {
            "binary_version": "5.4.0-1016.16",
            "binary_name": "linux-tools-5.4.0-1016-azure"
        }
    ],
    "availability": "No subscription required"
}

Database specific

{
    "cves_map": {
        "cves": [
            {
                "severity": [
                    {
                        "score": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N",
                        "type": "CVSS_V3"
                    },
                    {
                        "score": "medium",
                        "type": "Ubuntu"
                    }
                ],
                "id": "CVE-2020-0067"
            },
            {
                "severity": [
                    {
                        "score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:N",
                        "type": "CVSS_V3"
                    },
                    {
                        "score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:N",
                        "type": "CVSS_V3"
                    },
                    {
                        "score": "negligible",
                        "type": "Ubuntu"
                    }
                ],
                "id": "CVE-2020-10751"
            },
            {
                "severity": [
                    {
                        "score": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
                        "type": "CVSS_V3"
                    },
                    {
                        "score": "medium",
                        "type": "Ubuntu"
                    }
                ],
                "id": "CVE-2020-12114"
            },
            {
                "severity": [
                    {
                        "score": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
                        "type": "CVSS_V3"
                    },
                    {
                        "score": "medium",
                        "type": "Ubuntu"
                    }
                ],
                "id": "CVE-2020-12464"
            },
            {
                "severity": [
                    {
                        "score": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
                        "type": "CVSS_V3"
                    },
                    {
                        "score": "low",
                        "type": "Ubuntu"
                    }
                ],
                "id": "CVE-2020-12659"
            }
        ],
        "ecosystem": "Ubuntu:20.04:LTS"
    }
}

linux-gcp

Package

Name
linux-gcp
Purl
pkg:deb/ubuntu/linux-gcp@5.4.0-1015.15?arch=source&distro=focal

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
5.4.0-1015.15

Affected versions

5.*

5.3.0-1004.4
5.3.0-1009.10
5.3.0-1011.12
5.4.0-1005.5
5.4.0-1007.7
5.4.0-1008.8
5.4.0-1009.9
5.4.0-1011.11

Ecosystem specific

{
    "binaries": [
        {
            "binary_version": "5.4.0-1015.15",
            "binary_name": "linux-buildinfo-5.4.0-1015-gcp"
        },
        {
            "binary_version": "5.4.0-1015.15",
            "binary_name": "linux-gcp-headers-5.4.0-1015"
        },
        {
            "binary_version": "5.4.0-1015.15",
            "binary_name": "linux-gcp-tools-5.4.0-1015"
        },
        {
            "binary_version": "5.4.0-1015.15",
            "binary_name": "linux-headers-5.4.0-1015-gcp"
        },
        {
            "binary_version": "5.4.0-1015.15",
            "binary_name": "linux-image-unsigned-5.4.0-1015-gcp"
        },
        {
            "binary_version": "5.4.0-1015.15",
            "binary_name": "linux-modules-5.4.0-1015-gcp"
        },
        {
            "binary_version": "5.4.0-1015.15",
            "binary_name": "linux-modules-extra-5.4.0-1015-gcp"
        },
        {
            "binary_version": "5.4.0-1015.15",
            "binary_name": "linux-tools-5.4.0-1015-gcp"
        }
    ],
    "availability": "No subscription required"
}

Database specific

{
    "cves_map": {
        "cves": [
            {
                "severity": [
                    {
                        "score": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N",
                        "type": "CVSS_V3"
                    },
                    {
                        "score": "medium",
                        "type": "Ubuntu"
                    }
                ],
                "id": "CVE-2020-0067"
            },
            {
                "severity": [
                    {
                        "score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:N",
                        "type": "CVSS_V3"
                    },
                    {
                        "score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:N",
                        "type": "CVSS_V3"
                    },
                    {
                        "score": "negligible",
                        "type": "Ubuntu"
                    }
                ],
                "id": "CVE-2020-10751"
            },
            {
                "severity": [
                    {
                        "score": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
                        "type": "CVSS_V3"
                    },
                    {
                        "score": "medium",
                        "type": "Ubuntu"
                    }
                ],
                "id": "CVE-2020-12114"
            },
            {
                "severity": [
                    {
                        "score": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
                        "type": "CVSS_V3"
                    },
                    {
                        "score": "medium",
                        "type": "Ubuntu"
                    }
                ],
                "id": "CVE-2020-12464"
            },
            {
                "severity": [
                    {
                        "score": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
                        "type": "CVSS_V3"
                    },
                    {
                        "score": "low",
                        "type": "Ubuntu"
                    }
                ],
                "id": "CVE-2020-12659"
            }
        ],
        "ecosystem": "Ubuntu:20.04:LTS"
    }
}

linux-kvm

Package

Name
linux-kvm
Purl
pkg:deb/ubuntu/linux-kvm@5.4.0-1015.15?arch=source&distro=focal

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
5.4.0-1015.15

Affected versions

5.*

5.3.0-1003.3
5.3.0-1008.9
5.3.0-1009.10
5.4.0-1004.4
5.4.0-1006.6
5.4.0-1007.7
5.4.0-1008.8
5.4.0-1009.9
5.4.0-1011.11

Ecosystem specific

{
    "binaries": [
        {
            "binary_version": "5.4.0-1015.15",
            "binary_name": "linux-buildinfo-5.4.0-1015-kvm"
        },
        {
            "binary_version": "5.4.0-1015.15",
            "binary_name": "linux-headers-5.4.0-1015-kvm"
        },
        {
            "binary_version": "5.4.0-1015.15",
            "binary_name": "linux-image-5.4.0-1015-kvm"
        },
        {
            "binary_version": "5.4.0-1015.15",
            "binary_name": "linux-kvm-headers-5.4.0-1015"
        },
        {
            "binary_version": "5.4.0-1015.15",
            "binary_name": "linux-kvm-tools-5.4.0-1015"
        },
        {
            "binary_version": "5.4.0-1015.15",
            "binary_name": "linux-modules-5.4.0-1015-kvm"
        },
        {
            "binary_version": "5.4.0-1015.15",
            "binary_name": "linux-tools-5.4.0-1015-kvm"
        }
    ],
    "availability": "No subscription required"
}

Database specific

{
    "cves_map": {
        "cves": [
            {
                "severity": [
                    {
                        "score": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N",
                        "type": "CVSS_V3"
                    },
                    {
                        "score": "medium",
                        "type": "Ubuntu"
                    }
                ],
                "id": "CVE-2020-0067"
            },
            {
                "severity": [
                    {
                        "score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:N",
                        "type": "CVSS_V3"
                    },
                    {
                        "score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:N",
                        "type": "CVSS_V3"
                    },
                    {
                        "score": "negligible",
                        "type": "Ubuntu"
                    }
                ],
                "id": "CVE-2020-10751"
            },
            {
                "severity": [
                    {
                        "score": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
                        "type": "CVSS_V3"
                    },
                    {
                        "score": "medium",
                        "type": "Ubuntu"
                    }
                ],
                "id": "CVE-2020-12114"
            },
            {
                "severity": [
                    {
                        "score": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
                        "type": "CVSS_V3"
                    },
                    {
                        "score": "medium",
                        "type": "Ubuntu"
                    }
                ],
                "id": "CVE-2020-12464"
            },
            {
                "severity": [
                    {
                        "score": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
                        "type": "CVSS_V3"
                    },
                    {
                        "score": "low",
                        "type": "Ubuntu"
                    }
                ],
                "id": "CVE-2020-12659"
            }
        ],
        "ecosystem": "Ubuntu:20.04:LTS"
    }
}

linux-oracle

Package

Name
linux-oracle
Purl
pkg:deb/ubuntu/linux-oracle@5.4.0-1015.15?arch=source&distro=focal

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
5.4.0-1015.15

Affected versions

5.*

5.3.0-1002.2
5.3.0-1007.8
5.3.0-1008.9
5.4.0-1005.5
5.4.0-1007.7
5.4.0-1008.8
5.4.0-1009.9
5.4.0-1011.11

Ecosystem specific

{
    "binaries": [
        {
            "binary_version": "5.4.0-1015.15",
            "binary_name": "linux-buildinfo-5.4.0-1015-oracle"
        },
        {
            "binary_version": "5.4.0-1015.15",
            "binary_name": "linux-headers-5.4.0-1015-oracle"
        },
        {
            "binary_version": "5.4.0-1015.15",
            "binary_name": "linux-image-unsigned-5.4.0-1015-oracle"
        },
        {
            "binary_version": "5.4.0-1015.15",
            "binary_name": "linux-modules-5.4.0-1015-oracle"
        },
        {
            "binary_version": "5.4.0-1015.15",
            "binary_name": "linux-modules-extra-5.4.0-1015-oracle"
        },
        {
            "binary_version": "5.4.0-1015.15",
            "binary_name": "linux-oracle-headers-5.4.0-1015"
        },
        {
            "binary_version": "5.4.0-1015.15",
            "binary_name": "linux-oracle-tools-5.4.0-1015"
        },
        {
            "binary_version": "5.4.0-1015.15",
            "binary_name": "linux-tools-5.4.0-1015-oracle"
        }
    ],
    "availability": "No subscription required"
}

Database specific

{
    "cves_map": {
        "cves": [
            {
                "severity": [
                    {
                        "score": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N",
                        "type": "CVSS_V3"
                    },
                    {
                        "score": "medium",
                        "type": "Ubuntu"
                    }
                ],
                "id": "CVE-2020-0067"
            },
            {
                "severity": [
                    {
                        "score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:N",
                        "type": "CVSS_V3"
                    },
                    {
                        "score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:N",
                        "type": "CVSS_V3"
                    },
                    {
                        "score": "negligible",
                        "type": "Ubuntu"
                    }
                ],
                "id": "CVE-2020-10751"
            },
            {
                "severity": [
                    {
                        "score": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
                        "type": "CVSS_V3"
                    },
                    {
                        "score": "medium",
                        "type": "Ubuntu"
                    }
                ],
                "id": "CVE-2020-12114"
            },
            {
                "severity": [
                    {
                        "score": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
                        "type": "CVSS_V3"
                    },
                    {
                        "score": "medium",
                        "type": "Ubuntu"
                    }
                ],
                "id": "CVE-2020-12464"
            },
            {
                "severity": [
                    {
                        "score": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
                        "type": "CVSS_V3"
                    },
                    {
                        "score": "low",
                        "type": "Ubuntu"
                    }
                ],
                "id": "CVE-2020-12659"
            }
        ],
        "ecosystem": "Ubuntu:20.04:LTS"
    }
}

linux-raspi

Package

Name
linux-raspi
Purl
pkg:deb/ubuntu/linux-raspi@5.4.0-1012.12?arch=source&distro=focal

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
5.4.0-1012.12

Affected versions

5.*

5.4.0-1007.7
5.4.0-1008.8
5.4.0-1011.11

Ecosystem specific

{
    "binaries": [
        {
            "binary_version": "5.4.0-1012.12",
            "binary_name": "linux-buildinfo-5.4.0-1012-raspi"
        },
        {
            "binary_version": "5.4.0-1012.12",
            "binary_name": "linux-headers-5.4.0-1012-raspi"
        },
        {
            "binary_version": "5.4.0-1012.12",
            "binary_name": "linux-image-5.4.0-1012-raspi"
        },
        {
            "binary_version": "5.4.0-1012.12",
            "binary_name": "linux-modules-5.4.0-1012-raspi"
        },
        {
            "binary_version": "5.4.0-1012.12",
            "binary_name": "linux-raspi-headers-5.4.0-1012"
        },
        {
            "binary_version": "5.4.0-1012.12",
            "binary_name": "linux-raspi-tools-5.4.0-1012"
        },
        {
            "binary_version": "5.4.0-1012.12",
            "binary_name": "linux-tools-5.4.0-1012-raspi"
        }
    ],
    "availability": "No subscription required"
}

Database specific

{
    "cves_map": {
        "cves": [
            {
                "severity": [
                    {
                        "score": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N",
                        "type": "CVSS_V3"
                    },
                    {
                        "score": "medium",
                        "type": "Ubuntu"
                    }
                ],
                "id": "CVE-2020-0067"
            },
            {
                "severity": [
                    {
                        "score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:N",
                        "type": "CVSS_V3"
                    },
                    {
                        "score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:N",
                        "type": "CVSS_V3"
                    },
                    {
                        "score": "negligible",
                        "type": "Ubuntu"
                    }
                ],
                "id": "CVE-2020-10751"
            },
            {
                "severity": [
                    {
                        "score": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
                        "type": "CVSS_V3"
                    },
                    {
                        "score": "medium",
                        "type": "Ubuntu"
                    }
                ],
                "id": "CVE-2020-12114"
            },
            {
                "severity": [
                    {
                        "score": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
                        "type": "CVSS_V3"
                    },
                    {
                        "score": "medium",
                        "type": "Ubuntu"
                    }
                ],
                "id": "CVE-2020-12464"
            },
            {
                "severity": [
                    {
                        "score": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
                        "type": "CVSS_V3"
                    },
                    {
                        "score": "low",
                        "type": "Ubuntu"
                    }
                ],
                "id": "CVE-2020-12659"
            }
        ],
        "ecosystem": "Ubuntu:20.04:LTS"
    }
}

linux-riscv

Package

Name
linux-riscv
Purl
pkg:deb/ubuntu/linux-riscv@5.4.0-27.31?arch=source&distro=focal

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
5.4.0-27.31

Affected versions

5.*

5.4.0-24.28
5.4.0-26.30

Ecosystem specific

{
    "binaries": [
        {
            "binary_version": "5.4.0-27.31",
            "binary_name": "block-modules-5.4.0-27-generic-di"
        },
        {
            "binary_version": "5.4.0-27.31",
            "binary_name": "crypto-modules-5.4.0-27-generic-di"
        },
        {
            "binary_version": "5.4.0-27.31",
            "binary_name": "fat-modules-5.4.0-27-generic-di"
        },
        {
            "binary_version": "5.4.0-27.31",
            "binary_name": "firewire-core-modules-5.4.0-27-generic-di"
        },
        {
            "binary_version": "5.4.0-27.31",
            "binary_name": "fs-core-modules-5.4.0-27-generic-di"
        },
        {
            "binary_version": "5.4.0-27.31",
            "binary_name": "fs-secondary-modules-5.4.0-27-generic-di"
        },
        {
            "binary_version": "5.4.0-27.31",
            "binary_name": "input-modules-5.4.0-27-generic-di"
        },
        {
            "binary_version": "5.4.0-27.31",
            "binary_name": "ipmi-modules-5.4.0-27-generic-di"
        },
        {
            "binary_version": "5.4.0-27.31",
            "binary_name": "kernel-image-5.4.0-27-generic-di"
        },
        {
            "binary_version": "5.4.0-27.31",
            "binary_name": "linux-buildinfo-5.4.0-27-generic"
        },
        {
            "binary_version": "5.4.0-27.31",
            "binary_name": "linux-headers-5.4.0-27-generic"
        },
        {
            "binary_version": "5.4.0-27.31",
            "binary_name": "linux-image-5.4.0-27-generic"
        },
        {
            "binary_version": "5.4.0-27.31",
            "binary_name": "linux-libc-dev"
        },
        {
            "binary_version": "5.4.0-27.31",
            "binary_name": "linux-modules-5.4.0-27-generic"
        },
        {
            "binary_version": "5.4.0-27.31",
            "binary_name": "linux-modules-extra-5.4.0-27-generic"
        },
        {
            "binary_version": "5.4.0-27.31",
            "binary_name": "linux-riscv-headers-5.4.0-27"
        },
        {
            "binary_version": "5.4.0-27.31",
            "binary_name": "linux-riscv-tools-5.4.0-27"
        },
        {
            "binary_version": "5.4.0-27.31",
            "binary_name": "linux-tools-5.4.0-27-generic"
        },
        {
            "binary_version": "5.4.0-27.31",
            "binary_name": "linux-udebs-generic"
        },
        {
            "binary_version": "5.4.0-27.31",
            "binary_name": "md-modules-5.4.0-27-generic-di"
        },
        {
            "binary_version": "5.4.0-27.31",
            "binary_name": "message-modules-5.4.0-27-generic-di"
        },
        {
            "binary_version": "5.4.0-27.31",
            "binary_name": "mouse-modules-5.4.0-27-generic-di"
        },
        {
            "binary_version": "5.4.0-27.31",
            "binary_name": "multipath-modules-5.4.0-27-generic-di"
        },
        {
            "binary_version": "5.4.0-27.31",
            "binary_name": "nfs-modules-5.4.0-27-generic-di"
        },
        {
            "binary_version": "5.4.0-27.31",
            "binary_name": "nic-modules-5.4.0-27-generic-di"
        },
        {
            "binary_version": "5.4.0-27.31",
            "binary_name": "nic-shared-modules-5.4.0-27-generic-di"
        },
        {
            "binary_version": "5.4.0-27.31",
            "binary_name": "nic-usb-modules-5.4.0-27-generic-di"
        },
        {
            "binary_version": "5.4.0-27.31",
            "binary_name": "parport-modules-5.4.0-27-generic-di"
        },
        {
            "binary_version": "5.4.0-27.31",
            "binary_name": "pata-modules-5.4.0-27-generic-di"
        },
        {
            "binary_version": "5.4.0-27.31",
            "binary_name": "plip-modules-5.4.0-27-generic-di"
        },
        {
            "binary_version": "5.4.0-27.31",
            "binary_name": "ppp-modules-5.4.0-27-generic-di"
        },
        {
            "binary_version": "5.4.0-27.31",
            "binary_name": "sata-modules-5.4.0-27-generic-di"
        },
        {
            "binary_version": "5.4.0-27.31",
            "binary_name": "scsi-modules-5.4.0-27-generic-di"
        },
        {
            "binary_version": "5.4.0-27.31",
            "binary_name": "storage-core-modules-5.4.0-27-generic-di"
        },
        {
            "binary_version": "5.4.0-27.31",
            "binary_name": "usb-modules-5.4.0-27-generic-di"
        },
        {
            "binary_version": "5.4.0-27.31",
            "binary_name": "virtio-modules-5.4.0-27-generic-di"
        },
        {
            "binary_version": "5.4.0-27.31",
            "binary_name": "vlan-modules-5.4.0-27-generic-di"
        }
    ],
    "availability": "No subscription required"
}

Database specific

{
    "cves_map": {
        "cves": [
            {
                "severity": [
                    {
                        "score": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N",
                        "type": "CVSS_V3"
                    },
                    {
                        "score": "medium",
                        "type": "Ubuntu"
                    }
                ],
                "id": "CVE-2020-0067"
            },
            {
                "severity": [
                    {
                        "score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:N",
                        "type": "CVSS_V3"
                    },
                    {
                        "score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:N",
                        "type": "CVSS_V3"
                    },
                    {
                        "score": "negligible",
                        "type": "Ubuntu"
                    }
                ],
                "id": "CVE-2020-10751"
            },
            {
                "severity": [
                    {
                        "score": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
                        "type": "CVSS_V3"
                    },
                    {
                        "score": "medium",
                        "type": "Ubuntu"
                    }
                ],
                "id": "CVE-2020-12114"
            },
            {
                "severity": [
                    {
                        "score": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
                        "type": "CVSS_V3"
                    },
                    {
                        "score": "medium",
                        "type": "Ubuntu"
                    }
                ],
                "id": "CVE-2020-12464"
            },
            {
                "severity": [
                    {
                        "score": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
                        "type": "CVSS_V3"
                    },
                    {
                        "score": "low",
                        "type": "Ubuntu"
                    }
                ],
                "id": "CVE-2020-12659"
            }
        ],
        "ecosystem": "Ubuntu:20.04:LTS"
    }
}