Debian Security Advisory DSA Linux 2

English

Debian security advisory DSA Linux 2.

Several vulnerabilities have been discovered in the Linux kernel.

The Linux kernel is a free and open-source, monolithic, Unix-like operating system kernel.

Debian security advisory DSA Linux 2.

Package: linux
CVE ID:

  • CVE-2019-3016
  • CVE-2019-19462
  • CVE-2020-0543
  • CVE-2020-10711
  • CVE-2020-10732
  • CVE-2020-10751
  • CVE-2020-10757
  • CVE-2020-12114
  • CVE-2020-12464
  • CVE-2020-12768
  • CVE-2020-12770
  • CVE-2020-13143

Debian Bug: 960271

Several vulnerabilities have been discovered in the Linux kernel that may lead to a privilege escalation, denial of service or information leaks.

CVE-2019-3016:
It was discovered that the KVM implementation for x86 did not always perform TLB flushes when needed, if the paravirtualised TLB flush feature was enabled.

This could lead to disclosure of sensitive information within a guest VM.

CVE-2019-19462:
The syzkaller tool found a missing error check in the 'relay' library used to implement various files under debugfs.

A local user permitted to access debugfs could use this to cause a denial of service (crash) or possibly for privilege escalation.

CVE-2020-0543:
Researchers at VU Amsterdam discovered that on some Intel CPUs supporting the RDRAND and RDSEED instructions, part of a random value generated by these instructions may be used in a later speculative execution on any core of the same physical CPU.

Depending on how these instructions are used by applications, a local user or VM guest could use this to obtain sensitive information such as cryptographic keys from other users or VMs.

This vulnerability can be mitigated by a microcode update, either as part of system firmware (BIOS) or through the intel-microcode package in Debian's non-free archive section.

This kernel update only provides reporting of the vulnerability and the option to disable the mitigation if it is not needed.

CVE-2020-10711:
Matthew Sheets reported NULL pointer dereference issues in the SELinux subsystem while receiving CIPSO packet with null category.

A remote attacker can take advantage of this flaw to cause a denial of service (crash). Note that this issue does not affect the binary packages distributed in Debian as CONFIG_NETLABEL is not enabled.

CVE-2020-10732:
An information leak of kernel private memory to userspace was found in the kernel's implementation of core dumping userspace processes.

CVE-2020-10751:
Dmitry Vyukov reported that the SELinux subsystem did not properly handle validating multiple messages, which could allow a privileged attacker to bypass SELinux netlink restrictions.

CVE-2020-10757:
Fan Yang reported a flaw in the way mremap handled DAX hugepages, allowing a local user to escalate their privileges.

CVE-2020-12114:
Piotr Krysiuk discovered a race condition between the umount and pivot_root operations in the filesystem core (vfs).

A local user with the CAP_SYS_ADMIN capability in any user namespace could use this to cause a denial of service (crash).

CVE-2020-12464:
Kyungtae Kim reported a race condition in the USB core that can result in a use-after-free.

It is not clear how this can be exploited, but it could result in a denial of service (crash or memory corruption) or privilege escalation.

CVE-2020-12768:
A bug was discovered in the KVM implementation for AMD processors, which could result in a memory leak.

The security impact of this is unclear.

CVE-2020-12770:
It was discovered that the sg (SCSI generic) driver did not correctly release internal resources in a particular error case.

A local user permitted to access an sg device could possibly use this to cause a denial of service (resource exhaustion).

CVE-2020-13143:
Kyungtae Kim reported a potential heap out-of-bounds write in the USB gadget subsystem.

A local user permitted to write to the gadget configuration filesystem could use this to cause a denial of service (crash or memory corruption) or potentially for privilege escalation.

For the stable distribution Debian 10 "Buster", these problems have been fixed in version 4.19.118-2+deb10u1.

This version also fixes some related bugs that do not have their own CVE IDs, and a regression in the <linux/swab.h> UAPI header introduced in the previous point release
(bug #960271).

We recommend that you upgrade your linux packages.

For the detailed security status of linux please refer to its security tracker page.

Featured Sponsors

Games For Linux

Windows has always been the preferred platform for gaming, but after STEAM's interest in Linux more game developers are making their games natively available for Linux.

Disclaimer

All information on this website is published in good faith and for general educational purposes and for use in safe testing environments only. While linuxexperten.com strives to make the information on this site as accurate as possible, linuxexperten.com does not warrant its completeness, reliability and accuracy.

We are not responsible for any losses or damages associated with the use of our website. While we strive to provide only links to useful websites, we have no control over the content of these sites and links to other sites do not constitute a recommendation for all content contained on these websites.

 

Site Information

This is a professional review site that receives compensation from the companies whose products reviewed. Each service or product are thoroughly tested and given high marks if considered to be the very best. Independently owned and the opinions expressed here are no one elses.

 

Limited Time Offers

Coming...