Urgent: Ubuntu update! Kernel vulnerability discovered that could lead to denial of service or arbitrary code execution-LINUX-php.cn

Home

System Tutorial

LINUX

Urgent: Ubuntu update! Kernel vulnerability discovered that could lead to denial of service or arbitrary code execution

WBOYWBOYWBOYWBOYWBOYWBOYWBOYWBOYWBOYWBOYWBOYWBOYWB

Jan 09, 2024 pm 12:02 PM

ubuntuDenial of Service VulnerabilityArbitrary code execution vulnerability

Ubuntu is a Linux operating system mainly based on desktop applications. It is open source free software that provides a robust, feature-rich computing environment suitable for both home use and business environments. Ubuntu provides commercial support to hundreds of companies around the world.

请尽快升级Ubuntu! 内核发现拒绝服务或执行任意代码漏洞

On December 2, Ubuntu released a security update that fixed important vulnerabilities such as system kernel denial of service and arbitrary code execution. The following are the vulnerability details:

Vulnerability details

Source: https://ubuntu.com/security/notices/USN-4658-1

1.CVE-2020-0423 CVSS score: 7.8 High

A race condition exists in the binder IPC implementation in the Linux kernel, leading to a use-after-free vulnerability. A local attacker could exploit this vulnerability to cause a denial of service (system crash) or possibly execute arbitrary code.

2.CVE-2020-25645 CVSS Rating: 7.5 High

The GENEVE tunnel implementation in the Linux kernel when combined with IPSec did not correctly select IP routes in some cases. An attacker could exploit this vulnerability to expose sensitive information (unencrypted network traffic).

3.CVE-2020-25643 CVSS Rating: 7.2 High

The hdlcppp implementation in the Linux kernel does not validate input correctly in some cases. A local attacker could exploit this vulnerability to cause a denial of service (system crash) or possibly execute arbitrary code.

4.CVE-2020-25211 CVSS Rating: 6.0 Medium

The netfilter connection tracker for netlink in the Linux kernel does not perform bounds checking correctly in some cases. A local attacker could exploit this vulnerability to cause a denial of service (system crash)

5.CVE-2020-14390 CVSS Rating: 5.6 Medium

It was discovered that the framebuffer implementation in the Linux kernel does not correctly handle some edge cases in software rollback. A local attacker could exploit this vulnerability to cause a denial of service (system crash) or possibly execute arbitrary code

6.CVE-2020-28915 CVSS Rating: 5.5 Medium

In some cases, it was discovered in the Linux kernel implementation that it did not perform framebuffer checks correctly. A local attacker could exploit this vulnerability to expose sensitive information (kernel memory).

7.CVE-2020-10135 CVSS Rating: 5.4 Medium

Legacy Pairing and Secure Connection Pairing Authentication in the Bluetooth protocol allows unauthenticated users to complete authentication with adjacent access without pairing credentials. A physically proximate attacker could exploit this to impersonate a previously paired Bluetooth device.

8.CVE-2020-25284 CVSS Rating: 4.1 Low

The Rados block device (rbd) driver in the Linux kernel does not properly perform access checks on rbd devices in some cases. A local attacker can use this feature to map or unmap the rbd block device.

9.CVE-2020-4788 CVSS Rating: 2.9 Low

Under certain circumstances, power9 processors may be forced to expose information from the L1 cache. A local attacker could exploit this vulnerability to expose sensitive information

Affected products and versions

This vulnerability affects Ubuntu 20.04 LTS and Ubuntu 18.04 LTS

solution

This issue can be resolved by updating the system to the following package versions:

Ubuntu 20.04:

linux-image-5.4.0-1028-kvm - 5.4.0-1028.29

linux-image-5.4.0-1030-aws - 5.4.0-1030.31

linux-image-5.4.0-1030-gcp - 5.4.0-1030.32

linux-image-5.4.0-1030-oracle - 5.4.0-1030.32

linux-image-5.4.0-1032-azure - 5.4.0-1032.33

linux-image-5.4.0-56-generic - 5.4.0-56.62

linux-image-5.4.0-56-generic-lpae - 5.4.0-56.62

linux-image-5.4.0-56-lowlatency - 5.4.0-56.62

linux-image-aws-5.4.0.1030.31

linux-image-azure-5.4.0.1032.30

linux-image-gcp-5.4.0.1030.38

linux-image-generic-5.4.0.56.59

linux-image-generic-hwe-20.04-5.4.0.56.59

linux-image-generic-lpae-5.4.0.56.59

linux-image-generic-lpae-hwe-20.04-5.4.0.56.59

linux-image-gke-5.4.0.1030.38

linux-image-kvm-5.4.0.1028.26

linux-image-lowlatency-5.4.0.56.59

linux-image-lowlatency-hwe-20.04-5.4.0.56.59

linux-image-oem-5.4.0.56.59

linux-image-oem-osp1-5.4.0.56.59

linux-image-oracle-5.4.0.1030.27

linux-image-virtual-5.4.0.56.59

linux-image-virtual-hwe-20.04-5.4.0.56.59

Ubuntu 18.04:

linux-image-5.4.0-1030-aws - 5.4.0-1030.31~18.04.1

linux-image-5.4.0-1030-gcp - 5.4.0-1030.32~18.04.1

linux-image-5.4.0-1030-oracle - 5.4.0-1030.32~18.04.1

linux-image-5.4.0-1032-azure - 5.4.0-1032.33~18.04.1

linux-image-5.4.0-56-generic - 5.4.0-56.62~18.04.1

linux-image-5.4.0-56-generic-lpae - 5.4.0-56.62~18.04.1

linux-image-5.4.0-56-lowlatency - 5.4.0-56.62~18.04.1

linux-image-aws-5.4.0.1030.15

linux-image-azure-5.4.0.1032.14

linux-image-gcp-5.4.0.1030.18

linux-image-generic-hwe-18.04-5.4.0.56.62~18.04.50

linux-image-generic-lpae-hwe-18.04-5.4.0.56.62~18.04.50

linux-image-lowlatency-hwe-18.04-5.4.0.56.62~18.04.50

linux-image-oem-osp1-5.4.0.56.62~18.04.50

linux-image-oracle-5.4.0.1030.14

linux-image-snapdragon-hwe-18.04-5.4.0.56.62~18.04.50

linux-image-virtual-hwe-18.04-5.4.0.56.62~18.04.50

For more vulnerability information and upgrades, please visit the official website:

https://www.php.cn/link/9c0badf6e91e4834393525f7dca1291d

The above is the detailed content of Urgent: Ubuntu update! Kernel vulnerability discovered that could lead to denial of service or arbitrary code execution. For more information, please follow other related articles on the PHP Chinese website!

Statement

This article is reproduced at:脚本之家. If there is any infringement, please contact admin@php.cn delete

如何在 Ubuntu 和其他 Linux 下安装 IDLE Python IDEApr 08, 2023 pm 10:21 PM

IDLE（集成开发学习环境Integrated Development and Learning Environment）是一个 Python IDE，由 Python 语言本身编写，在 Windows 中通常作为 Python 安装的一部分而安装。它是初学者的理想选择，使用起来很简单。对于那些正在学习 Python 的人，比如学生，它可以作为一个很好的 IDE 来开始使用。语法高亮、智能识别和自动补全等基本功能是这个 IDE 的一些特点。你可以随时在官方文档中了

聊聊Ubuntu中怎么切换多个 PHP 版本Aug 30, 2022 pm 07:37 PM

如何在 Ubuntu 中切换多个 PHP 版本？下面本篇文章给大家介绍一下Ubuntu中切换多个 PHP 版本的方，希望对大家有所帮助！

ubuntu怎么重启nginx服务May 23, 2023 pm 12:22 PM

1.使用快捷键【Ctrl+Alt+T】打开终端命令模式。2.可以通过以下方式重启nginx服务。方法一，在nginx可执行目录sbin下，输入以下命令重启/nginx-sreload#重启方法二，查找当前nginx进程号，然后输入命令：kill-HUP进程号，实现重启nginx服务#ps-ef|grepnginx#查找当前nginx进程号]#kill-TERM132#杀死nginx进程，132为nginx进程号

docker内ubuntu乱码怎么办Nov 04, 2022 pm 12:04 PM

docker内ubuntu乱码的解决办法：1、通过“locale”查看本地使用的语言环境；2、通过“locale -a”命令查看本地支持的语言环境；3、在“/etc/profile”文件的结尾处添加“export LANG=C.UTF-8”；4、重新加载“source /etc/profile”即可。

ubuntu php无法启动服务怎么办Dec 19, 2022 am 09:46 AM

ubuntu php无法启动服务的解决办法：1、在php-fpm.conf里面设置错误日志；2、执行“/usr/sbin/php-fpm7.4 --fpm-config /etc/php/fpm/php-fpm.conf”命令；3、修改php的配置文件注释即可。

ubuntu没有php-fpm怎么办Feb 03, 2023 am 10:51 AM

ubuntu没有php-fpm的解决办法：1、通过执行“sudo apt-get”命令添加php的源地址；2、查看有没有php7的包；3、通过“sudo apt-get install”命令安装PHP；4、修改配置监听9000端口来处理nginx的请求；5、通过“sudo service php7.2-fpm start”启动“php7.2-fpm”即可。

Ubuntu如何删除无用的Linux内核May 14, 2023 pm 09:13 PM

查找无用的镜像首先，您可以检查当前使用的内核，您可以通过命令获得信息：uname-aa.例如，它在我的桌面上显示为：复制代码代码如下：magc@magc-desktop:~$uname-aLinuxmagc-desktop2.6.24-19-RT#1SMPpremptRTThu8月21日02:08336003UTC2008i686GNU/Linux然后通过查看这台机器上所有内核的列表来决定哪些需要删除：运行命令：复制代码代码如下：dpkg-get-selections|greplinux例如，我

Ubuntu下Nginx如何安装与配置May 17, 2023 am 11:01 AM

1.nginx介绍nginx是一个非常轻量级的http服务器，nginx，它的发音为“enginex”，是一个高性能的http和反向代理服务器，同时也是一个imap/pop3/smtp代理服务器。2.对php支持目前各种web服务器对php的支持一共有三种：（1）通过web服务器内置的模块来实现，例如apache的mod_php5，类似的apache内置的mod_perl可以对perl支持。（2）通过cgi来实现，这个就好比之前perl的cgi，该种方式的缺点是性能差，因为每次服务器遇到这些脚本

See all articles