Ubuntu Security Update USN-5130-1: Linux kernel vulnerabilities

LinuxBot

LinuxBot

Member
Joined
Apr 25, 2017
Messages
5,952
Reaction score
80
Credits
-1,257
Jann Horn discovered a race condition in the tty subsystem of the Linux kernel in the locking for the TIOCSPGRP ioctl(), leading to a use-after- free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2020-29661) Jann Horn discovered that the tty subsystem of the Linux kernel did not use consistent locking in some situations, leading to a read-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly expose sensitive information (kernel memory). (CVE-2020-29660)

Continue reading...
 
You must log in or register to reply here.

Similar threads

LinuxBot
Ubuntu Security Update USN-8266-1: Linux kernel vulnerabilities
Replies
0
Views
166
LinuxBot
LinuxBot
LinuxBot
Ubuntu Security Update USN-8267-1: Linux kernel vulnerabilities
Replies
0
Views
238
LinuxBot
LinuxBot
LinuxBot
Ubuntu Security Update USN-8098-1: Linux kernel vulnerabilities
Replies
0
Views
201
LinuxBot
LinuxBot
LinuxBot
Ubuntu Security Update USN-8201-1: Linux kernel (Azure) vulnerabilities
Replies
0
Views
242
LinuxBot
LinuxBot
LinuxBot
Ubuntu Security Update USN-8224-1: Linux kernel (BlueField) vulnerabilities
Replies
0
Views
352
LinuxBot
LinuxBot


Follow Linux.org

Members online

Total: 4,064 (members: 4, guests: 4,060)

Latest posts

Top