Errata ALT-PU-2020-3182-1: Information
Fixes
Published: Sept. 7, 2020
BDU:2020-05278
Уязвимость компонента drivers/xen/events/events_base.c ядра операционных систем Linux, позволяющая нарушителю вызвать отказ в обслуживании
Severity: MEDIUM (4.7) Vector: AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
Links:
Published: Sept. 30, 2020
BDU:2021-00137
Уязвимость функции io_uring ядра операционной системы Linux, позволяющая нарушителю повысить свои привилегии
Severity: HIGH (7.8) Vector: AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Links:
Published: Oct. 24, 2020
BDU:2021-02588
Уязвимость функции ioapic_lazy_update_eoi ядра операционной системы Linux, позволяющая нарушителю вызвать отказ в обслуживании
Severity: MEDIUM (5.5) Vector: AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Links:
Published: Nov. 6, 2020
Modified: Nov. 16, 2020
Modified: Nov. 16, 2020
CVE-2020-27152
An issue was discovered in ioapic_lazy_update_eoi in arch/x86/kvm/ioapic.c in the Linux kernel before 5.9.2. It has an infinite loop related to improper interaction between a resampler and edge triggering, aka CID-77377064c3a9.
Severity: MEDIUM (5.5) Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Links:
- https://bugzilla.kernel.org/show_bug.cgi?id=208767
- [oss-security] 20201103 CVE-2020-27152 Kernel: KVM: host stack overflow via loop due to lazy update IOAPIC
- https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=77377064c3a94911339f13ce113b3abf265e06da
- https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.9.2
Published: Oct. 23, 2020
Modified: Nov. 7, 2023
Modified: Nov. 7, 2023
CVE-2020-27675
An issue was discovered in the Linux kernel through 5.9.1, as used with Xen through 4.14.x. drivers/xen/events/events_base.c allows event-channel removal during the event-handling loop (a race condition). This can cause a use-after-free or NULL pointer dereference, as demonstrated by a dom0 crash via events for an in-reconfiguration paravirtualized device, aka CID-073d0552ead5.
Severity: MEDIUM (4.7) Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
Links:
- https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=073d0552ead5bfc7a3a9c01de590e924f11b5dd2
- https://github.com/torvalds/linux/commit/073d0552ead5bfc7a3a9c01de590e924f11b5dd2
- https://xenbits.xen.org/xsa/advisory-331.html
- GLSA-202011-06
- [debian-lts-announce] 20201210 [SECURITY] [DLA 2483-1] linux-4.19 security update
- [debian-lts-announce] 20201218 [SECURITY] [DLA 2494-1] linux security update
- [oss-security] 20210119 Xen Security Advisory 331 v3 (CVE-2020-27675) - Race condition in Linux event handler may crash dom0
- FEDORA-2020-474d747b60
- FEDORA-2020-09e4d062fe
- FEDORA-2020-920a258c79
Published: Sept. 1, 2022
Modified: May 16, 2023
Modified: May 16, 2023
CVE-2020-27784
A vulnerability was found in the Linux kernel, where accessing a deallocated instance in printer_ioctl() printer_ioctl() tries to access of a printer_dev instance. However, use-after-free arises because it had been freed by gprinter_free().
Severity: MEDIUM (5.5) Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Links:
Published: Dec. 3, 2020
Modified: June 2, 2021
Modified: June 2, 2021
CVE-2020-29534
An issue was discovered in the Linux kernel before 5.9.3. io_uring takes a non-refcounted reference to the files_struct of the process that submitted a request, causing execve() to incorrectly optimize unshare_fd(), aka CID-0f2122045b94.
Severity: HIGH (7.8) Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Links: