USN-4255-2

Details

USN-4255-1 fixed vulnerabilities in the Linux kernel for Ubuntu 18.04 LTS. This update provides the corresponding updates for the Linux Hardware Enablement (HWE) kernel from Ubuntu 18.04 LTS for Ubuntu 16.04 LTS.

It was discovered that the Linux kernel did not properly clear data structures on context switches for certain Intel graphics processors. A local attacker could use this to expose sensitive information. (CVE-2019-14615)

It was discovered that a race condition can lead to a use-after-free while destroying GEM contexts in the i915 driver for the Linux kernel. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2020-7053)

Affected Packages

Ubuntu:16.04:LTSlinux-aws-hwe

Fixed in:

4.15.0-1058.60~16.04.1

Ubuntu:16.04:LTSlinux-hwe

Fixed in:

4.15.0-76.86~16.04.1

References

REPORThttps://ubuntu.com/security/CVE-2019-14615 REPORThttps://ubuntu.com/security/CVE-2020-7053 ADVISORYhttps://ubuntu.com/security/notices/USN-4255-2

USN-4255-2

Details

Affected Packages

References

Upstream

Ecosystems

Timeline