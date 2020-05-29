Submitted by Rianne Schestowitz on Wednesday 10th of June 2020 11:27:56 AM

Filed under

Canonical already released the other day a new version of the intel-microcode firmware to mitigate the latest Intel vulnerabilities, but now it also published new versions of the Linux kernel for all supported Ubuntu releases, including Ubuntu 20.04 LTS, Ubuntu 19.10, Ubuntu 18.04 LTS, and Ubuntu 16.04 LTS.

Apart from mitigating the Intel SRBDS/CrossTalk vulnerability (CVE-2020-0543), the new Linux kernel security updates fixes race conditions (CVE-2020-12114) discovered by Piotr Krysiuk in the file system implementation, which lets a local attacker cause a denial of service (system crash).

Also addressed are a flaw (CVE-2020-0067) discovered in Linux kernel’s F2FS file system implementation that allowed a local attacker to expose sensitive information (kernel memory), and a vulnerability (CVE-2020-10751) discovered by Dmitry Vyukov in the SELinux netlink security hook, which could allow a privileged attacker to bypass SELinux netlink restrictions. The latter only affects the Linux 5.4 kernel of Ubuntu 20.04 LTS and Linux 4.15 kernel of Ubuntu 18.04 LTS and Ubuntu 16.04 LTS.