Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
ubuntuUbuntuUSN-4427-1
HistoryJul 27, 2020 - 12:00 a.m.

Linux kernel vulnerabilities

2020-07-2700:00:00
ubuntu.com
185

8 High

AI Score

Confidence

High

0.004 Low

EPSS

Percentile

73.8%

JSON

Releases

  • Ubuntu 16.04 ESM
  • Ubuntu 14.04 ESM

Packages

  • linux - Linux kernel
  • linux-aws - Linux kernel for Amazon Web Services (AWS) systems
  • linux-kvm - Linux kernel for cloud environments
  • linux-lts-xenial - Linux hardware enablement kernel from Xenial for Trusty
  • linux-raspi2 - Linux kernel for Raspberry Pi (V7) systems
  • linux-snapdragon - Linux kernel for Qualcomm Snapdragon processors

Details

It was discovered that the Kvaser CAN/USB driver in the Linux kernel did
not properly initialize memory in certain situations. A local attacker
could possibly use this to expose sensitive information (kernel memory).
(CVE-2019-19947)

Chuhong Yuan discovered that go7007 USB audio device driver in the Linux
kernel did not properly deallocate memory in some failure conditions. A
physically proximate attacker could use this to cause a denial of service
(memory exhaustion). (CVE-2019-20810)

Jason A. Donenfeld discovered that the ACPI implementation in the Linux
kernel did not properly restrict loading SSDT code from an EFI variable. A
privileged attacker could use this to bypass Secure Boot lockdown
restrictions and execute arbitrary code in the kernel. (CVE-2019-20908)

It was discovered that the elf handling code in the Linux kernel did not
initialize memory before using it in certain situations. A local attacker
could use this to possibly expose sensitive information (kernel memory).
(CVE-2020-10732)

It was discovered that the Linux kernel did not correctly apply Speculative
Store Bypass Disable (SSBD) mitigations in certain situations. A local
attacker could possibly use this to expose sensitive information.
(CVE-2020-10766)

It was discovered that the Linux kernel did not correctly apply Indirect
Branch Predictor Barrier (IBPB) mitigations in certain situations. A local
attacker could possibly use this to expose sensitive information.
(CVE-2020-10767)

It was discovered that the Linux kernel could incorrectly enable Indirect
Branch Speculation after it has been disabled for a process via a prctl()
call. A local attacker could possibly use this to expose sensitive
information. (CVE-2020-10768)

Mauricio Faria de Oliveira discovered that the aufs implementation in the
Linux kernel improperly managed inode reference counts in the
vfsub_dentry_open() method. A local attacker could use this vulnerability
to cause a denial of service. (CVE-2020-11935)

It was discovered that the Virtual Terminal keyboard driver in the Linux
kernel contained an integer overflow. A local attacker could possibly use
this to have an unspecified impact. (CVE-2020-13974)

It was discovered that the efi subsystem in the Linux kernel did not handle
memory allocation failures during early boot in some situations. A local
attacker could possibly use this to cause a denial of service (system
crash). (CVE-2019-12380)

Related

openvas 29
nessus 48
ubuntu 7
photon 8
fedora 2
redhat 9
attackerkb 1
osv 6
amazon 3
debian 1
suse 2
oraclelinux 5
ibm 4
redhatcve 10
debiancve 10
ubuntucve 10
prion 10
cve 10
cvelist 10
symantec 1
veracode 6
cbl_mariner 5
mageia 1
virtuozzo 1
openvas
openvas
Ubuntu: Security Advisory (USN-4427-1)
2020-07-23 00:00:00
SUSE: Security Advisory (SUSE-SU-2020:1699-1)
2021-04-19 00:00:00
SUSE: Security Advisory (SUSE-SU-2020:1693-1)
2021-04-19 00:00:00
nessus
nessus
Ubuntu 16.04 LTS : Linux kernel vulnerabilities (USN-4427-1)
2020-07-22 00:00:00
Photon OS 2.0: Linux PHSA-2020-2.0-0256
2020-07-07 00:00:00
SUSE SLES12 Security Update : kernel (SUSE-SU-2020:1693-1)
2020-07-09 00:00:00
ubuntu
ubuntu
linux kernel vulnerabilities
2020-07-31 00:00:00
Linux kernel vulnerabilities
2020-07-27 00:00:00
Linux kernel vulnerabilities
2020-09-03 00:00:00
photon
photon
Home Download Photon OS User Documentation FAQ Security Advisories Related Information Lightwave - PHSA-2020-2.0-0256
2020-06-27 00:00:00
Home Download Photon OS User Documentation FAQ Security Advisories Related Information Lightwave - PHSA-2020-1.0-0303
2020-06-24 00:00:00
Home Download Photon OS User Documentation FAQ Security Advisories Related Information Lightwave - PHSA-2020-1.0-0305
2020-06-30 00:00:00
fedora
fedora
[SECURITY] Fedora 32 Update: kernel-5.6.19-300.fc32
2020-06-19 01:05:59
[SECURITY] Fedora 31 Update: kernel-5.6.19-200.fc31
2020-06-23 01:14:58
redhat
redhat
(RHSA-2020:3297) Important: kpatch-patch security update
2020-08-04 07:12:48
(RHSA-2020:3073) Important: kpatch-patch security update
2020-07-21 16:10:15
(RHSA-2020:3041) Important: kernel security and bug fix update
2020-07-21 14:15:28
attackerkb
attackerkb
CVE-2018-3639
2018-05-22 00:00:00
osv
osv
linux-4.19 - new package
2020-08-12 00:00:00
CVE-2019-19947
2019-12-24 00:15:10
Silent Spectre-BTB outages in Linux for Android
2021-01-01 00:00:00
amazon
amazon
Important: kernel
2020-07-21 16:34:00
Important: kernel
2020-07-21 16:34:00
Important: kernel
2020-07-14 21:14:00
debian
debian
[SECURITY] [DLA 2323-1] linux-4.19 new package
2020-08-12 16:33:42
suse
suse
Security update for the Linux Kernel (important)
2020-07-07 00:00:00
Security update for the Linux Kernel (important)
2020-08-06 00:00:00
oraclelinux
oraclelinux
Unbreakable Enterprise kernel security update
2020-08-10 00:00:00
Unbreakable Enterprise kernel security update
2020-07-29 00:00:00
kernel security, bug fix, and enhancement update
2020-07-24 00:00:00
ibm
ibm
Security Bulletin: There are multiple vulnerabilities in the Linux Kernel used in IBM Elastic Storage System
2022-05-25 23:01:32
Security Bulletin: IBM RackSwitch firmware products are affected by vulnerabilities in the Kernel
2023-12-07 22:45:08
Security Bulletin: IBM Flex System switch firmware products are affected by vulnerabilities in the Kernel
2023-12-07 22:45:07
redhatcve
redhatcve
CVE-2019-19947
2020-01-06 09:09:05
CVE-2019-20908
2020-07-16 17:07:53
CVE-2020-11935
2020-12-02 16:15:08
debiancve
debiancve
CVE-2019-19947
2019-12-24 00:15:00
CVE-2020-11935
2023-04-07 02:15:00
CVE-2019-20908
2020-07-15 22:15:00
ubuntucve
ubuntucve
CVE-2019-19947
2019-12-24 00:00:00
CVE-2020-11935
2020-06-29 00:00:00
CVE-2019-20908
2020-07-15 00:00:00
prion
prion
Information disclosure
2019-12-24 00:15:00
Design/Logic Flaw
2020-06-03 00:15:00
Code injection
2020-07-15 22:15:00
cve
cve
CVE-2019-19947
2019-12-24 00:15:00
CVE-2020-11935
2023-04-07 02:15:00
CVE-2020-13974
2020-06-09 05:15:00
cvelist
cvelist
CVE-2019-19947
2019-12-23 23:12:42
CVE-2019-20908
2020-07-15 21:24:27
CVE-2020-11935 aufs: improperly managed inode reference counts in the vfsub_dentry_open() method
2023-04-07 00:00:00
symantec
symantec
Linux Kernel CVE-2019-19947 Memory Leak Denial of Service Vulnerability
2019-12-07 00:00:00
veracode
veracode
Denial Of Service (DoS)
2020-09-21 06:31:14
Integer Overflow
2022-06-02 22:53:17
Information Disclosure
2020-07-22 03:59:56
cbl_mariner
cbl_mariner
CVE-2019-20810 affecting package kernel 5.4.91-6
2021-03-03 03:44:27
CVE-2020-13974 affecting package kernel 5.4.91-6
2021-04-06 23:51:14
CVE-2020-10766 affecting package kernel 5.4.91-6
2021-03-03 03:44:27
mageia
mageia
Updated kernel packages fix security vulnerability
2020-08-18 21:47:25
virtuozzo
virtuozzo
Important kernel security update: Virtuozzo ReadyKernel patch 110.0 for Virtuozzo Hybrid Server 7.0 and Virtuozzo Infrastructure Platform 2.5, 3.0 and Virtuozzo Hybrid Infrastructure 3.5
2020-07-06 00:00:00

8 High

AI Score

Confidence

High

0.004 Low

EPSS

Percentile

73.8%

JSON
Related for USN-4427-1
openvas29nessus48ubuntu7photon8fedora2redhat9attackerkb1osv6amazon3debian1suse2oraclelinux5ibm4redhatcve10debiancve10ubuntucve10prion10cve10cvelist10symantec1veracode6cbl_mariner5mageia1virtuozzo1