USN-4708-1

See a problem?
Source
https://ubuntu.com/security/notices/USN-4708-1
Import Source
https://github.com/canonical/ubuntu-security-notices/blob/main/osv/USN-4708-1.json
JSON Data
https://api.osv.dev/v1/vulns/USN-4708-1
Related
Published
2021-01-28T07:09:44.762751Z
Modified
2021-01-28T07:09:44.762751Z
Summary
linux, linux-lts-xenial vulnerabilities
Details

Wen Xu discovered that the XFS filesystem implementation in the Linux kernel did not properly track inode validations. An attacker could use this to construct a malicious XFS image that, when mounted, could cause a denial of service (system crash). (CVE-2018-13093)

It was discovered that the btrfs file system implementation in the Linux kernel did not properly validate file system metadata in some situations. An attacker could use this to construct a malicious btrfs image that, when mounted, could cause a denial of service (system crash). (CVE-2019-19813, CVE-2019-19816)

Bodong Zhao discovered a use-after-free in the Sun keyboard driver implementation in the Linux kernel. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. (CVE-2020-25669)

Daniel Axtens discovered that PowerPC RTAS implementation in the Linux kernel did not properly restrict memory accesses in some situations. A privileged local attacker could use this to arbitrarily modify kernel memory, potentially bypassing kernel lockdown restrictions. (CVE-2020-27777)

References

Affected packages

Ubuntu:Pro:14.04:LTS / linux-lts-xenial

Package

Name
linux-lts-xenial

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
4.4.0-201.233~14.04.1

Ecosystem specific

{
    "availability": "Available with Ubuntu Pro: https://ubuntu.com/pro",
    "binaries": [
        {
            "linux-image-4.4.0-201-powerpc64-smp": "4.4.0-201.233~14.04.1",
            "linux-image-4.4.0-201-lowlatency": "4.4.0-201.233~14.04.1",
            "linux-image-4.4.0-201-powerpc64-emb": "4.4.0-201.233~14.04.1",
            "linux-image-4.4.0-201-powerpc-e500mc": "4.4.0-201.233~14.04.1",
            "linux-image-powerpc64-smp-lts-xenial": "4.4.0.201.176",
            "linux-image-virtual-lts-xenial": "4.4.0.201.176",
            "linux-image-lowlatency-lts-xenial": "4.4.0.201.176",
            "linux-image-generic-lts-xenial": "4.4.0.201.176",
            "linux-image-4.4.0-201-generic": "4.4.0-201.233~14.04.1",
            "linux-image-powerpc64-emb-lts-xenial": "4.4.0.201.176",
            "linux-image-4.4.0-201-generic-lpae": "4.4.0-201.233~14.04.1",
            "linux-image-4.4.0-201-powerpc-smp": "4.4.0-201.233~14.04.1",
            "linux-image-powerpc-smp-lts-xenial": "4.4.0.201.176",
            "linux-image-powerpc-e500mc-lts-xenial": "4.4.0.201.176",
            "linux-image-generic-lpae-lts-xenial": "4.4.0.201.176"
        }
    ]
}

Ubuntu:16.04:LTS / linux

Package

Name
linux

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
4.4.0-201.233

Ecosystem specific

{
    "availability": "No subscription needed",
    "binaries": [
        {
            "linux-image-4.4.0-201-powerpc64-smp": "4.4.0-201.233",
            "linux-image-lowlatency-lts-vivid": "4.4.0.201.207",
            "linux-image-virtual-lts-vivid": "4.4.0.201.207",
            "linux-image-powerpc64-emb": "4.4.0.201.207",
            "linux-image-lowlatency-lts-wily": "4.4.0.201.207",
            "linux-image-powerpc-e500mc-lts-utopic": "4.4.0.201.207",
            "linux-image-powerpc-smp-lts-wily": "4.4.0.201.207",
            "linux-image-generic-lpae-lts-vivid": "4.4.0.201.207",
            "linux-image-virtual-lts-utopic": "4.4.0.201.207",
            "linux-image-powerpc64-smp-lts-xenial": "4.4.0.201.207",
            "linux-image-powerpc64-emb-lts-utopic": "4.4.0.201.207",
            "linux-image-powerpc64-smp-lts-wily": "4.4.0.201.207",
            "linux-image-powerpc-smp-lts-utopic": "4.4.0.201.207",
            "linux-image-virtual-lts-xenial": "4.4.0.201.207",
            "linux-image-4.4.0-201-powerpc64-emb": "4.4.0-201.233",
            "linux-image-powerpc-e500mc-lts-wily": "4.4.0.201.207",
            "linux-image-powerpc-smp-lts-vivid": "4.4.0.201.207",
            "linux-image-powerpc64-emb-lts-vivid": "4.4.0.201.207",
            "linux-image-powerpc64-smp": "4.4.0.201.207",
            "linux-image-generic-lts-xenial": "4.4.0.201.207",
            "linux-image-4.4.0-201-generic": "4.4.0-201.233",
            "linux-image-4.4.0-201-generic-lpae": "4.4.0-201.233",
            "linux-image-lowlatency": "4.4.0.201.207",
            "linux-image-powerpc64-smp-lts-vivid": "4.4.0.201.207",
            "linux-image-powerpc-smp-lts-xenial": "4.4.0.201.207",
            "linux-image-virtual": "4.4.0.201.207",
            "linux-image-generic-lpae-lts-xenial": "4.4.0.201.207",
            "linux-image-powerpc64-emb-lts-wily": "4.4.0.201.207",
            "linux-image-generic-lts-utopic": "4.4.0.201.207",
            "linux-image-powerpc64-smp-lts-utopic": "4.4.0.201.207",
            "linux-image-generic-lts-vivid": "4.4.0.201.207",
            "linux-image-4.4.0-201-lowlatency": "4.4.0-201.233",
            "linux-image-powerpc-e500mc-lts-vivid": "4.4.0.201.207",
            "linux-image-generic-lpae-lts-utopic": "4.4.0.201.207",
            "linux-image-4.4.0-201-powerpc-e500mc": "4.4.0-201.233",
            "linux-image-powerpc-e500mc-lts-xenial": "4.4.0.201.207",
            "linux-image-powerpc-e500mc": "4.4.0.201.207",
            "linux-image-virtual-lts-wily": "4.4.0.201.207",
            "linux-image-lowlatency-lts-xenial": "4.4.0.201.207",
            "linux-image-generic-lpae-lts-wily": "4.4.0.201.207",
            "linux-image-lowlatency-lts-utopic": "4.4.0.201.207",
            "linux-image-powerpc64-emb-lts-xenial": "4.4.0.201.207",
            "linux-image-generic": "4.4.0.201.207",
            "linux-image-4.4.0-201-powerpc-smp": "4.4.0-201.233",
            "linux-image-generic-lts-wily": "4.4.0.201.207",
            "linux-image-powerpc-smp": "4.4.0.201.207",
            "linux-image-generic-lpae": "4.4.0.201.207"
        }
    ]
}