Major Linux Kernel Update Released to Fix 14 Vulnerabilities

Sienna Rowley
Sienna is an editor at Cloud Host News. She is an internet enthusiast, always eager to explore the latest trend in the tech space. She is a modest family woman who loves traveling in her free time.

Recently, Canonical released a major Linux kernel update to fix 14 security vulnerabilities discovered by several security researchers. The latest kernel update brings in fixes for several vulnerabilities that affect Ubuntu 20.10, Ubuntu 20.04 LTS, and Ubuntu 18.04 LTS systems.

Canonical advises all users to update their installations to the following versions as soon as possible. The latest kernel versions are linux-image 4.4.0-197.229 for Ubuntu 16.04 LTS (64-bit), linux-image 5.4.0-56.62~18.04.1 for Ubuntu 18.04 LTS (64-bit), linux-image 5.4.0-56.62 for Ubuntu 20.04 LTS (64-bit), and linux-image 5.8.0-31.33 for Ubuntu 20.10 (64-bit).
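To check a host against the versions listed above, the following added example (not part of the original article or Canonical's tooling) compares an installed linux-image package version with the fixed one using Debian's version ordering. The function names are hypothetical, and it assumes the installed version string was read with something like `dpkg-query -W -f='${Version}' linux-image-$(uname -r)` and carries no epoch.

```python
import re

# Fixed linux-image versions per Ubuntu release, exactly as listed in the article.
FIXED = {
    "16.04": "4.4.0-197.229",
    "18.04": "5.4.0-56.62~18.04.1",
    "20.04": "5.4.0-56.62",
    "20.10": "5.8.0-31.33",
}

def _order(c):
    # Debian ordering for one non-digit character: '~' < end of string < letters < the rest.
    if c == "~":
        return -1
    if c == "":
        return 0
    return ord(c) if c.isalpha() else ord(c) + 256

def _cmp_part(a, b):
    i = j = 0
    while i < len(a) or j < len(b):
        # Compare the leading non-digit runs character by character.
        while (i < len(a) and not a[i].isdigit()) or (j < len(b) and not b[j].isdigit()):
            ca = a[i] if i < len(a) and not a[i].isdigit() else ""
            cb = b[j] if j < len(b) and not b[j].isdigit() else ""
            if _order(ca) != _order(cb):
                return -1 if _order(ca) < _order(cb) else 1
            i, j = i + len(ca), j + len(cb)
        # Then compare the following digit runs numerically.
        da, db = re.match(r"\d*", a[i:]).group(), re.match(r"\d*", b[j:]).group()
        if int(da or 0) != int(db or 0):
            return -1 if int(da or 0) < int(db or 0) else 1
        i, j = i + len(da), j + len(db)
    return 0

def _split(v):
    # Split "upstream-revision" at the last hyphen (no epoch assumed).
    upstream, _, revision = v.rpartition("-")
    return (upstream, revision) if upstream else (v, "")

def kernel_status(release, installed):
    """Return 'patched', 'vulnerable' or 'unknown' for a linux-image package version."""
    fixed = FIXED.get(release)
    if fixed is None:
        return "unknown"  # release not covered by the article
    (up_i, rev_i), (up_f, rev_f) = _split(installed), _split(fixed)
    if up_i != up_f:
        return "unknown"  # different kernel series; the article lists no fixed version for it
    return "patched" if _cmp_part(rev_i, rev_f) >= 0 else "vulnerable"
```

A result of "unknown" means the article gives no fixed version for that release or kernel series, so the host needs to be checked against Canonical's own notice instead.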

Recently, Linux Kernel 5.8 reached End Of Life

The Vulnerabilities

  • CVE-2020-0423: A race condition in the Linux kernel’s binder IPC implementation that leads to a use-after-free vulnerability and possibly enables a local attacker to cause a denial of service (system crash) or execute arbitrary code.
  • CVE-2020-10135: A Bluetooth security vulnerability that could allow a physically proximate attacker to impersonate a previously paired Bluetooth device.
  • CVE-2020-14351: A race condition in the kernel’s perf subsystem that leads to a use-after-free vulnerability and possibly enables a local attacker to cause a denial of service (system crash) or execute arbitrary code.
  • CVE-2020-14390: A flaw in the frame buffer implementation, which did not handle some edge cases in software scrollback. This possibly enables a local attacker to cause a denial of service (system crash) or execute arbitrary code.
  • CVE-2020-25211: A flaw discovered in the Netfilter connection tracker for Netlink.
  • CVE-2020-25284: A flaw in the Linux kernel’s Rados block device (rbd) driver, which could let a local attacker map or unmap rbd block devices.
  • CVE-2020-25643: A vulnerability in the HDLC PPP implementation. This possibly enables a local attacker to cause a denial of service (system crash) or execute arbitrary code.
  • CVE-2020-25645: A security vulnerability that could let an attacker expose sensitive information.
  • CVE-2020-25705: A flaw in the Linux kernel’s ICMP global rate limiter, which could let a remote attacker facilitate attacks on UDP-based services that rely on source port randomization.
