Ubuntu security

USN-4486-1: Linux kernel vulnerability Wen Xu discovered that the XFS filesystem implementation in the Linux kernel did not properly validate meta-data information. An attacker could use this to construct a malicious xfs image that, when mounted, could cause a denial of service (system crash). Source: USN-4486-1: Linux kernel vulnerability

USN-4485-1: Linux kernel vulnerabilities Timothy Michaud discovered that the i915 graphics driver in the Linux kernel did not properly validate user memory locations for the i915_gem_execbuffer2_ioctl. A local attacker could possibly use this to cause a denial of service or execute arbitrary code. (CVE-2018-20669) It was discovered that the Kvaser CAN/USB driver in the Linux kernel did not properly initialize memory in certain situations. A local attacker could possibly use this to expose sensitive information (kernel memory). (CVE-2019-19947) Chuhong Yuan discovered that go7007 USB audio device driver in the Linux kernel did not properly deallocate memory in some failure conditions. A physically proximate attacker could use this to cause a denial of service (memory exhaustion). (CVE-2019-20810) It was discovered that the elf handling code in the Linux kernel did not initialize memory before using it in certain situations. A local [ more… ]

USN-4483-1: Linux kernel vulnerabilities Chuhong Yuan discovered that go7007 USB audio device driver in the Linux kernel did not properly deallocate memory in some failure conditions. A physically proximate attacker could use this to cause a denial of service (memory exhaustion). (CVE-2019-20810) Fan Yang discovered that the mremap implementation in the Linux kernel did not properly handle DAX Huge Pages. A local attacker with access to DAX storage could use this to gain administrative privileges. (CVE-2020-10757) It was discovered that the Linux kernel did not correctly apply Speculative Store Bypass Disable (SSBD) mitigations in certain situations. A local attacker could possibly use this to expose sensitive information. (CVE-2020-10766) It was discovered that the Linux kernel did not correctly apply Indirect Branch Predictor Barrier (IBPB) mitigations in certain situations. A local attacker could possibly use this to expose sensitive information. (CVE-2020-10767) [ more… ]

USN-4482-1: Ark vulnerability Fabian Vogt discovered that Ark incorrectly handled symbolic links in tar archive files. An attacker could use this to construct a malicious tar archive that, when opened, would create files outside the extraction directory. Source: USN-4482-1: Ark vulnerability

USN-4481-1: FreeRDP vulnerabilities It was discovered that FreeRDP incorrectly handled certain memory operations. A remote attacker could use this issue to cause FreeRDP to crash, resulting in a denial of service, or possibly execute arbitrary code. Source: USN-4481-1: FreeRDP vulnerabilities