exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New

Debian Security Advisory 4699-1

Debian Security Advisory 4699-1
Posted Jun 28, 2020
Authored by Debian | Site debian.org

Debian Linux Security Advisory 4699-1 - Several vulnerabilities have been discovered in the Linux kernel that may lead to a privilege escalation, denial of service or information leaks.

tags | advisory, denial of service, kernel, vulnerability
systems | linux, debian
advisories | CVE-2019-19462, CVE-2019-3016, CVE-2020-0543, CVE-2020-10711, CVE-2020-10732, CVE-2020-10751, CVE-2020-10757, CVE-2020-12114, CVE-2020-12464, CVE-2020-12768, CVE-2020-12770, CVE-2020-13143
SHA-256 | 5c9b08156b9df614e0b461fd3ef88e61fe9ad766f6bfda59ca0dca4bd59df181

Debian Security Advisory 4699-1

Change Mirror Download
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- -------------------------------------------------------------------------
Debian Security Advisory DSA-4699-1 security@debian.org
https://www.debian.org/security/ Ben Hutchings
June 09, 2020 https://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package : linux
CVE ID : CVE-2019-3016 CVE-2019-19462 CVE-2020-0543 CVE-2020-10711
CVE-2020-10732 CVE-2020-10751 CVE-2020-10757 CVE-2020-12114
CVE-2020-12464 CVE-2020-12768 CVE-2020-12770 CVE-2020-13143
Debian Bug : 960271

Several vulnerabilities have been discovered in the Linux kernel that
may lead to a privilege escalation, denial of service or information
leaks.

CVE-2019-3016

It was discovered that the KVM implementation for x86 did not
always perform TLB flushes when needed, if the paravirtualised
TLB flush feature was enabled. This could lead to disclosure of
sensitive information within a guest VM.

CVE-2019-19462

The syzkaller tool found a missing error check in the 'relay'
library used to implement various files under debugfs. A local
user permitted to access debugfs could use this to cause a denial
of service (crash) or possibly for privilege escalation.

CVE-2020-0543

Researchers at VU Amsterdam discovered that on some Intel CPUs
supporting the RDRAND and RDSEED instructions, part of a random
value generated by these instructions may be used in a later
speculative execution on any core of the same physical CPU.
Depending on how these instructions are used by applications, a
local user or VM guest could use this to obtain sensitive
information such as cryptographic keys from other users or VMs.

This vulnerability can be mitigated by a microcode update, either
as part of system firmware (BIOS) or through the intel-microcode
package in Debian's non-free archive section. This kernel update
only provides reporting of the vulnerability and the option to
disable the mitigation if it is not needed.

CVE-2020-10711

Matthew Sheets reported NULL pointer dereference issues in the
SELinux subsystem while receiving CIPSO packet with null category. A
remote attacker can take advantage of this flaw to cause a denial of
service (crash). Note that this issue does not affect the binary
packages distributed in Debian as CONFIG_NETLABEL is not enabled.

CVE-2020-10732

An information leak of kernel private memory to userspace was found
in the kernel's implementation of core dumping userspace processes.

CVE-2020-10751

Dmitry Vyukov reported that the SELinux subsystem did not properly
handle validating multiple messages, which could allow a privileged
attacker to bypass SELinux netlink restrictions.

CVE-2020-10757

Fan Yang reported a flaw in the way mremap handled DAX hugepages,
allowing a local user to escalate their privileges.

CVE-2020-12114

Piotr Krysiuk discovered a race condition between the umount and
pivot_root operations in the filesystem core (vfs). A local user
with the CAP_SYS_ADMIN capability in any user namespace could use
this to cause a denial of service (crash).

CVE-2020-12464

Kyungtae Kim reported a race condition in the USB core that can
result in a use-after-free. It is not clear how this can be
exploited, but it could result in a denial of service (crash or
memory corruption) or privilege escalation.

CVE-2020-12768

A bug was discovered in the KVM implementation for AMD processors,
which could result in a memory leak. The security impact of this
is unclear.

CVE-2020-12770

It was discovered that the sg (SCSI generic) driver did not
correctly release internal resources in a particular error case.
A local user permitted to access an sg device could possibly use
this to cause a denial of service (resource exhaustion).

CVE-2020-13143

Kyungtae Kim reported a potential heap out-of-bounds write in
the USB gadget subsystem. A local user permitted to write to
the gadget configuration filesystem could use this to cause a
denial of service (crash or memory corruption) or potentially
for privilege escalation.

For the stable distribution (buster), these problems have been fixed
in version 4.19.118-2+deb10u1. This version also fixes some related
bugs that do not have their own CVE IDs, and a regression in the
<linux/swab.h> UAPI header introduced in the previous point release
(bug #960271).

We recommend that you upgrade your linux packages.

For the detailed security status of linux please refer to its security
tracker page at:
https://security-tracker.debian.org/tracker/linux

Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://www.debian.org/security/

Mailing list: debian-security-announce@lists.debian.org
-----BEGIN PGP SIGNATURE-----

iQKTBAEBCgB9FiEERkRAmAjBceBVMd3uBUy48xNDz0QFAl7f5cVfFIAAAAAALgAo
aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldDQ2
NDQ0MDk4MDhDMTcxRTA1NTMxRERFRTA1NENCOEYzMTM0M0NGNDQACgkQBUy48xND
z0Q2Gg//b/hL9fW9Js1PYDU/VtS6r5Cca5xsCYlbAheAlMPMtm/Vym4NJOuEvyuI
DvPXbf0Bi7gjQ0gEgM/urJTzqjzIccwrUQe1aFHt0N9exC53z1xPWZDJepGkSQOB
2AB5YaFTxkuGur/HXbKomdMWvSVphpBM+id9v2V1iWY2iA6cI1sCjgziUKcDMECD
T7tCe4Hrjf6BY/W4xBiT0BEQNOO2i/rn7p9pNk+wi85BbC7g5ubKWGn9sSDd8KtA
u2z5tsicaM7kXaPsaW11fSPxu7YOz09qLgBQnY8B2gdMEAp3YjN9ibyHppjme3GK
02ZZUHQ+Y4MyQQgCzWxaqXCu6Aa+4B5i2nTY907BVBslrfulKRbr1qS3D2CJojT/
qYVub7C5RCW5VnbJZxCDLgSmGRbyPW2pVpnBTvID8czTUhd+M5e6fW932TzUW07w
18ueto1fRlcAauIO3SQV7Ai9froFGjH4L8XbUipiv0qwotSjcPb4HoZpp0xgNcRU
xjZW0MMhK/lyfe8gDx8wjpihbQVKtTtIaWbeoZPoMENE92yW8+7DbXjfXAylX3px
IdVaeo7iF3MOYuez4qEAsyPF4ver8Xl9HKS05J9NUYUeRf2BF3M6xFWjpTm5xjoH
bdIGBJ322sNjTAzkneriX5iO3szBDINPHII2V/AaqafhYZYWtoM=
=c00Y
-----END PGP SIGNATURE-----
Login or Register to add favorites

File Archive:

November 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Nov 1st
    30 Files
  • 2
    Nov 2nd
    0 Files
  • 3
    Nov 3rd
    0 Files
  • 4
    Nov 4th
    12 Files
  • 5
    Nov 5th
    44 Files
  • 6
    Nov 6th
    18 Files
  • 7
    Nov 7th
    9 Files
  • 8
    Nov 8th
    8 Files
  • 9
    Nov 9th
    3 Files
  • 10
    Nov 10th
    0 Files
  • 11
    Nov 11th
    14 Files
  • 12
    Nov 12th
    20 Files
  • 13
    Nov 13th
    63 Files
  • 14
    Nov 14th
    18 Files
  • 15
    Nov 15th
    8 Files
  • 16
    Nov 16th
    0 Files
  • 17
    Nov 17th
    0 Files
  • 18
    Nov 18th
    18 Files
  • 19
    Nov 19th
    7 Files
  • 20
    Nov 20th
    13 Files
  • 21
    Nov 21st
    6 Files
  • 22
    Nov 22nd
    48 Files
  • 23
    Nov 23rd
    0 Files
  • 24
    Nov 24th
    0 Files
  • 25
    Nov 25th
    60 Files
  • 26
    Nov 26th
    0 Files
  • 27
    Nov 27th
    44 Files
  • 28
    Nov 28th
    0 Files
  • 29
    Nov 29th
    0 Files
  • 30
    Nov 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2024 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close