USN-4463-1

Details

It was discovered that the bcache subsystem in the Linux kernel did not properly release a lock in some error conditions. A local attacker could possibly use this to cause a denial of service. (CVE-2020-12771)

Kyungtae Kim discovered that the USB testing driver in the Linux kernel did not properly deallocate memory on disconnect events. A physically proximate attacker could use this to cause a denial of service (memory exhaustion). (CVE-2020-15393)

Affected Packages

Ubuntu:16.04:LTSlinux

Fixed in:

4.4.0-187.217

Ubuntu:16.04:LTSlinux-aws

Fixed in:

4.4.0-1112.124

Ubuntu:16.04:LTSlinux-kvm

Fixed in:

4.4.0-1078.85

Ubuntu:16.04:LTSlinux-raspi2

Fixed in:

4.4.0-1137.146

Ubuntu:16.04:LTSlinux-snapdragon

Fixed in:

4.4.0-1141.149

Ubuntu:Pro:14.04:LTSlinux-aws

Fixed in:

4.4.0-1076.80

Ubuntu:Pro:14.04:LTSlinux-lts-xenial

Fixed in:

4.4.0-187.217~14.04.1

References

REPORThttps://ubuntu.com/security/CVE-2020-12771 REPORThttps://ubuntu.com/security/CVE-2020-15393 ADVISORYhttps://ubuntu.com/security/notices/USN-4463-1

USN-4463-1

Details

Affected Packages

References

Upstream

Ecosystems

Timeline