USN-4591-1

See a problem?
Source
https://ubuntu.com/security/notices/USN-4591-1
Import Source
https://github.com/canonical/ubuntu-security-notices/blob/main/osv/USN-4591-1.json
JSON Data
https://api.osv.dev/v1/vulns/USN-4591-1
Related
  • CVE-2020-12351
  • CVE-2020-12352
Published
2020-10-19T23:51:52.879298Z
Modified
2020-10-19T23:51:52.879298Z
Summary
linux, linux-hwe, linux-hwe-5.4, linux-oem, linux-raspi, linux-raspi-5.4, linux-snapdragon vulnerabilities
Details

Andy Nguyen discovered that the Bluetooth L2CAP implementation in the Linux kernel contained a type-confusion error. A physically proximate remote attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2020-12351)

Andy Nguyen discovered that the Bluetooth A2MP implementation in the Linux kernel did not properly initialize memory in some situations. A physically proximate remote attacker could use this to expose sensitive information (kernel memory). (CVE-2020-12352)

References

Affected packages

Ubuntu:18.04:LTS / linux-hwe-5.4

Package

Name
linux-hwe-5.4

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
5.4.0-52.57~18.04.1

Ecosystem specific

{
    "availability": "No subscription needed",
    "binaries": [
        {
            "linux-image-snapdragon-hwe-18.04": "5.4.0.52.57~18.04.46",
            "linux-image-snapdragon-hwe-18.04-edge": "5.4.0.52.57~18.04.46",
            "linux-image-generic-lpae-hwe-18.04-edge": "5.4.0.52.57~18.04.46",
            "linux-image-lowlatency-hwe-18.04": "5.4.0.52.57~18.04.46",
            "linux-image-virtual-hwe-18.04-edge": "5.4.0.52.57~18.04.46",
            "linux-image-generic-hwe-18.04": "5.4.0.52.57~18.04.46",
            "linux-image-5.4.0-52-generic": "5.4.0-52.57~18.04.1",
            "linux-image-lowlatency-hwe-18.04-edge": "5.4.0.52.57~18.04.46",
            "linux-image-virtual-hwe-18.04": "5.4.0.52.57~18.04.46",
            "linux-image-generic-hwe-18.04-edge": "5.4.0.52.57~18.04.46",
            "linux-image-5.4.0-52-lowlatency": "5.4.0-52.57~18.04.1",
            "linux-image-generic-lpae-hwe-18.04": "5.4.0.52.57~18.04.46",
            "linux-image-5.4.0-52-generic-lpae": "5.4.0-52.57~18.04.1"
        }
    ]
}

Ubuntu:18.04:LTS / linux-oem

Package

Name
linux-oem

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
4.15.0-1100.110

Ecosystem specific

{
    "availability": "No subscription needed",
    "binaries": [
        {
            "linux-image-4.15.0-1100-oem": "4.15.0-1100.110",
            "linux-image-oem": "4.15.0.1100.104"
        }
    ]
}

Ubuntu:18.04:LTS / linux-raspi-5.4

Package

Name
linux-raspi-5.4

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
5.4.0-1022.25~18.04.1

Ecosystem specific

{
    "availability": "No subscription needed",
    "binaries": [
        {
            "linux-image-raspi-hwe-18.04": "5.4.0.1022.26",
            "linux-image-raspi-hwe-18.04-edge": "5.4.0.1022.26",
            "linux-image-5.4.0-1022-raspi": "5.4.0-1022.25~18.04.1"
        }
    ]
}

Ubuntu:18.04:LTS / linux-snapdragon

Package

Name
linux-snapdragon

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
4.15.0-1090.99

Ecosystem specific

{
    "availability": "No subscription needed",
    "binaries": [
        {
            "linux-image-snapdragon": "4.15.0.1090.93",
            "linux-image-4.15.0-1090-snapdragon": "4.15.0-1090.99"
        }
    ]
}

Ubuntu:18.04:LTS / linux

Package

Name
linux

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
4.15.0-122.124

Ecosystem specific

{
    "availability": "No subscription needed",
    "binaries": [
        {
            "linux-image-generic-lpae": "4.15.0.122.109",
            "linux-image-lowlatency-hwe-16.04": "4.15.0.122.109",
            "linux-image-generic-hwe-16.04-edge": "4.15.0.122.109",
            "linux-image-4.15.0-122-generic": "4.15.0-122.124",
            "linux-image-virtual-hwe-16.04-edge": "4.15.0.122.109",
            "linux-image-generic-hwe-16.04": "4.15.0.122.109",
            "linux-image-generic-lpae-hwe-16.04": "4.15.0.122.109",
            "linux-image-lowlatency": "4.15.0.122.109",
            "linux-image-generic-lpae-hwe-16.04-edge": "4.15.0.122.109",
            "linux-image-generic": "4.15.0.122.109",
            "linux-image-lowlatency-hwe-16.04-edge": "4.15.0.122.109",
            "linux-image-virtual": "4.15.0.122.109",
            "linux-image-4.15.0-122-lowlatency": "4.15.0-122.124",
            "linux-image-4.15.0-122-generic-lpae": "4.15.0-122.124",
            "linux-image-virtual-hwe-16.04": "4.15.0.122.109"
        }
    ]
}

Ubuntu:20.04:LTS / linux-raspi

Package

Name
linux-raspi

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
5.4.0-1022.25

Ecosystem specific

{
    "availability": "No subscription needed",
    "binaries": [
        {
            "linux-image-raspi-hwe-18.04": "5.4.0.1022.57",
            "linux-image-raspi2-hwe-18.04-edge": "5.4.0.1022.57",
            "linux-image-raspi2-hwe-18.04": "5.4.0.1022.57",
            "linux-image-raspi-hwe-18.04-edge": "5.4.0.1022.57",
            "linux-image-5.4.0-1022-raspi": "5.4.0-1022.25",
            "linux-image-raspi": "5.4.0.1022.57",
            "linux-image-raspi2": "5.4.0.1022.57"
        }
    ]
}

Ubuntu:20.04:LTS / linux

Package

Name
linux

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
5.4.0-52.57

Ecosystem specific

{
    "availability": "No subscription needed",
    "binaries": [
        {
            "linux-image-generic-lpae-hwe-18.04-edge": "5.4.0.52.55",
            "linux-image-lowlatency-hwe-18.04": "5.4.0.52.55",
            "linux-image-virtual-hwe-18.04-edge": "5.4.0.52.55",
            "linux-image-generic-hwe-18.04": "5.4.0.52.55",
            "linux-image-generic-lpae-hwe-20.04": "5.4.0.52.55",
            "linux-image-lowlatency-hwe-18.04-edge": "5.4.0.52.55",
            "linux-image-virtual-hwe-18.04": "5.4.0.52.55",
            "linux-image-generic-hwe-18.04-edge": "5.4.0.52.55",
            "linux-image-generic-hwe-20.04": "5.4.0.52.55",
            "linux-image-virtual-hwe-20.04": "5.4.0.52.55",
            "linux-image-5.4.0-52-generic-lpae": "5.4.0-52.57",
            "linux-image-generic-lpae-hwe-18.04": "5.4.0.52.55",
            "linux-image-5.4.0-52-lowlatency": "5.4.0-52.57",
            "linux-image-oem-osp1": "5.4.0.52.55",
            "linux-image-5.4.0-52-generic": "5.4.0-52.57",
            "linux-image-lowlatency": "5.4.0.52.55",
            "linux-image-generic": "5.4.0.52.55",
            "linux-image-lowlatency-hwe-20.04": "5.4.0.52.55",
            "linux-image-virtual": "5.4.0.52.55",
            "linux-image-oem": "5.4.0.52.55",
            "linux-image-generic-lpae": "5.4.0.52.55"
        }
    ]
}

Ubuntu:16.04:LTS / linux-hwe

Package

Name
linux-hwe

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
4.15.0-122.124~16.04.1

Ecosystem specific

{
    "availability": "No subscription needed",
    "binaries": [
        {
            "linux-image-generic-hwe-16.04-edge": "4.15.0.122.122",
            "linux-image-lowlatency-hwe-16.04": "4.15.0.122.122",
            "linux-image-virtual-hwe-16.04-edge": "4.15.0.122.122",
            "linux-image-generic-hwe-16.04": "4.15.0.122.122",
            "linux-image-4.15.0-122-generic": "4.15.0-122.124~16.04.1",
            "linux-image-oem": "4.15.0.122.122",
            "linux-image-generic-lpae-hwe-16.04": "4.15.0.122.122",
            "linux-image-generic-lpae-hwe-16.04-edge": "4.15.0.122.122",
            "linux-image-lowlatency-hwe-16.04-edge": "4.15.0.122.122",
            "linux-image-4.15.0-122-lowlatency": "4.15.0-122.124~16.04.1",
            "linux-image-4.15.0-122-generic-lpae": "4.15.0-122.124~16.04.1",
            "linux-image-virtual-hwe-16.04": "4.15.0.122.122"
        }
    ]
}