Early Access — Mondoo Vulnerability Intelligence is currently in preview.
Jason A. Donenfeld discovered that the ACPI implementation in the Linux kernel did not properly restrict loading SSDT code from an EFI variable. A privileged attacker could use this to bypass Secure Boot lockdown restrictions and execute arbitrary code in the kernel. (CVE-2019-20908)
Fan Yang discovered that the mremap implementation in the Linux kernel did not properly handle DAX Huge Pages. A local attacker with access to DAX storage could use this to gain administrative privileges. (CVE-2020-10757)
Mauricio Faria de Oliveira discovered that the aufs implementation in the Linux kernel improperly managed inode reference counts in the vfsub_dentry_open() method. A local attacker could use this vulnerability to cause a denial of service. (CVE-2020-11935)
Jason A. Donenfeld discovered that the ACPI implementation in the Linux kernel did not properly restrict loading ACPI tables via configfs. A privileged attacker could use this to bypass Secure Boot lockdown restrictions and execute arbitrary code in the kernel. (CVE-2020-15780)
4.15.0-1079.83~16.04.14.15.0-1092.102~16.04.14.15.0-1080.90~16.04.14.15.0-112.113~16.04.14.15.0-1050.54~16.04.14.15.0-112.1134.15.0-1079.834.15.0-1092.1024.15.0-1080.904.15.0-1066.694.15.0-1071.724.15.0-1093.1034.15.0-1050.544.15.0-1067.714.15.0-1083.91