Lucene search

K
ubuntuUbuntuUSN-4392-1
HistoryJun 10, 2020 - 12:00 a.m.

Linux kernel vulnerabilities

2020-06-1000:00:00
ubuntu.com
89

7.5 High

AI Score

Confidence

High

0.002 Low

EPSS

Percentile

55.0%

Releases

  • Ubuntu 14.04 ESM
  • Ubuntu 12.04

Packages

  • linux - Linux kernel
  • linux-lts-trusty - Linux hardware enablement kernel from Trusty for Precise ESM

Details

It was discovered that the Marvell WiFi-Ex Driver in the Linux kernel did
not properly validate status lengths in messages received from an access
point, leading to a buffer overflow. A physically proximate attacker
controlling an access point could use this to construct messages that could
possibly result in arbitrary code execution. (CVE-2020-12654)

It was discovered that memory contents previously stored in
microarchitectural special registers after RDRAND, RDSEED, and SGX EGETKEY
read operations on Intel client and Xeon E3 processors may be briefly
exposed to processes on the same or different processor cores. A local
attacker could use this to expose sensitive information. (CVE-2020-0543)

Piotr Krysiuk discovered that race conditions existed in the file system
implementation in the Linux kernel. A local attacker could use this to
cause a denial of service (system crash). (CVE-2020-12114)