USN-4679-1: Linux kernel vulnerabilities<\/p>\n
It was discovered that the console keyboard driver in the Linux kernel
\ncontained a race condition. A local attacker could use this to expose
\nsensitive information (kernel memory). (CVE-2020-25656)<\/p>\n
Minh Yuan discovered that the tty driver in the Linux kernel contained race
\nconditions when handling fonts. A local attacker could possibly use this to
\nexpose sensitive information (kernel memory). (CVE-2020-25668)<\/p>\n
Kiyin (\u5c39\u4eae) discovered that the perf subsystem in the Linux kernel did
\nnot properly deallocate memory in some situations. A privileged attacker
\ncould use this to cause a denial of service (kernel memory exhaustion).
\n(CVE-2020-25704)<\/p>\n
Jinoh Kang discovered that the Xen event channel infrastructure in the
\nLinux kernel contained a race condition. An attacker in guest could
\npossibly use this to cause a denial of service (dom0 crash).
\n(CVE-2020-27675)<\/p>\n
Daniel Axtens discovered that PowerPC RTAS implementation in the Linux
\nkernel did not properly restrict memory accesses in some situations. A
\nprivileged local attacker could use this to arbitrarily modify kernel
\nmemory, potentially bypassing kernel lockdown restrictions.
\n(CVE-2020-27777)<\/p>\n
Minh Yuan discovered that the framebuffer console driver in the Linux USN-4679-1: Linux kernel vulnerabilities It was discovered that the console keyboard driver in the Linux kernel contained a race condition. A local attacker could use this to expose sensitive information (kernel memory). (CVE-2020-25656) Minh Yuan discovered that the tty driver in the Linux kernel contained race conditions when handling fonts. A local attacker could possibly use this to expose sensitive information (kernel memory). (CVE-2020-25668) Kiyin (\u5c39\u4eae) discovered that the perf subsystem in the Linux kernel did not properly deallocate memory in some situations. A privileged attacker could use this to cause a denial of service (kernel memory exhaustion). (CVE-2020-25704) Jinoh Kang discovered that the Xen event channel infrastructure in the Linux kernel contained a race condition. An attacker in guest could possibly use this to cause a denial of service (dom0 crash). (CVE-2020-27675) Daniel Axtens discovered that PowerPC RTAS implementation [ more… ]<\/a><\/p>\n<\/div>","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[586],"tags":[587],"class_list":["post-40023","post","type-post","status-publish","format-standard","hentry","category-ubuntu-usn","tag-ubuntu-usn"],"amp_enabled":true,"_links":{"self":[{"href":"https:\/\/jirak.net\/wp\/wp-json\/wp\/v2\/posts\/40023","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/jirak.net\/wp\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/jirak.net\/wp\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/jirak.net\/wp\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/jirak.net\/wp\/wp-json\/wp\/v2\/comments?post=40023"}],"version-history":[{"count":1,"href":"https:\/\/jirak.net\/wp\/wp-json\/wp\/v2\/posts\/40023\/revisions"}],"predecessor-version":[{"id":40024,"href":"https:\/\/jirak.net\/wp\/wp-json\/wp\/v2\/posts\/40023\/revisions\/40024"}],"wp:attachment":[{"href":"https:\/\/jirak.net\/wp\/wp-json\/wp\/v2\/media?parent=40023"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/jirak.net\/wp\/wp-json\/wp\/v2\/categories?post=40023"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/jirak.net\/wp\/wp-json\/wp\/v2\/tags?post=40023"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}
\nkernel did not properly handle fonts in some conditions. A local attacker
\ncould use this to cause a denial of service (system crash) or possibly
\nexpose sensitive information (kernel memory). (CVE-2020-28974)
\nSource: USN-4679-1: Linux kernel vulnerabilities<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"