USN-4484-1

Details

It was discovered that the cgroup v2 subsystem in the Linux kernel did not properly perform reference counting in some situations, leading to a NULL pointer dereference. A local attacker could use this to cause a denial of service or possibly gain administrative privileges.

Affected Packages

Ubuntu:18.04:LTSlinux-aws-5.3

Fixed in:

5.3.0-1034.36

Ubuntu:18.04:LTSlinux-gke-5.3

Fixed in:

5.3.0-1034.36

Ubuntu:18.04:LTSlinux-hwe

Fixed in:

5.3.0-66.60

Ubuntu:18.04:LTSlinux-raspi2-5.3

Fixed in:

5.3.0-1032.34

References

REPORThttps://ubuntu.com/security/CVE-2020-14356 ADVISORYhttps://ubuntu.com/security/notices/USN-4484-1

USN-4484-1

Details

Affected Packages

References

Upstream

Ecosystems

Timeline