dsa-texts/4.19.98-1+deb10u1


1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67

From: Salvatore Bonaccorso <carnil@debian.org>
To: debian-security-announce@lists.debian.org
Subject: [SECURITY] [DSA EMBRGD-linux] linux security update

-------------------------------------------------------------------------
Debian Security Advisory DSA-EMBRGD-linux                   security@debian.org
https://www.debian.org/security/                     Salvatore Bonaccorso
April 27, 2020                        https://www.debian.org/security/faq
-------------------------------------------------------------------------

Package        : linux
CVE ID         : CVE-2020-2732 CVE-2020-8428 CVE-2020-10942 CVE-2020-11565
                 CVE-2020-11884

Several vulnerabilities have been discovered in the Linux kernel that
may lead to a privilege escalation, denial of service, or information
leak.

CVE-2020-2732

    Paulo Bonzini discovered that KVM implementation for Intel
    processors did not properly handle instruction emulation for the L2
    guest when nested virtualization is enabled, allowing the L2
    guest to trick the L0 hypervisor to access sensitive bits of the L1
    hypervisor.

CVE-2020-8428

    Al Viro discovered a use-after-free vulnerability in the VFS layer
    in the may_create_in_sticky() function, allowing a local attacker to
    cause a denial of service or obtain sensitive information from
    kernel memory.

CVE-2020-10942

    It was discovered that the get_raw_socket() function in
    drivers/vhost/net.c did not validate an sk_family field, allowing
    an attacker to trigger a stack corruption via crafted system calls.

CVE-2020-11565

    Entropy Moe reported a stack-based out-of-bounds write vulnerability
    in mpol_parse_str() in mm/mempolicy.c because an empty nodelist is
    mishandled during mount option parsing.

CVE-2020-11884

    Al Viro reported a flaw in the architecture code for s390x, where a
    page table upgrade in a kernel section that uses secondary address
    mode will mess up the kernel instructions, potentially allowing a
    unprivileged user to crash the kernel or potentially to execute user
    provided code in the kernel context.

For the stable distribution (buster), these problems have been fixed in
version 4.19.98-1+deb10u1.

We recommend that you upgrade your linux packages.

For the detailed security status of linux please refer to its security
tracker page at:
https://security-tracker.debian.org/tracker/linux

Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://www.debian.org/security/

Mailing list: debian-security-announce@lists.debian.org