All Vulnerability Reports

USN-4414-1: Linux kernel vulnerabilities


Severity

Medium

Vendor

Canonical Ubuntu

Versions Affected

  • Canonical Ubuntu 16.04

Description

It was discovered that the network block device (nbd) implementation in the Linux kernel did not properly check for error conditions in some situations. An attacker could possibly use this to cause a denial of service (system crash). (CVE-2019-16089)

It was discovered that the btrfs file system implementation in the Linux kernel did not properly validate file system metadata in some situations. An attacker could use this to construct a malicious btrfs image that, when mounted, could cause a denial of service (system crash). (CVE-2019-19036, CVE-2019-19318, CVE-2019-19813, CVE-2019-19816)

It was discovered that the btrfs implementation in the Linux kernel did not properly detect that a block was marked dirty in some situations. An attacker could use this to specially craft a file system image that, when unmounted, could cause a denial of service (system crash). (CVE-2019-19377)

It was discovered that the kernel->user space relay implementation in the Linux kernel did not properly check return values in some situations. A local attacker could possibly use this to cause a denial of service (system crash). (CVE-2019-19462)

Matthew Sheets discovered that the SELinux network label handling implementation in the Linux kernel could be coerced into de-referencing a NULL pointer. A remote attacker could use this to cause a denial of service (system crash). (CVE-2020-10711)

It was discovered that the SCSI generic (sg) driver in the Linux kernel did not properly handle certain error conditions correctly. A local privileged attacker could use this to cause a denial of service (system crash). (CVE-2020-12770)

It was discovered that the USB Gadget device driver in the Linux kernel did not validate arguments passed from configfs in some situations. A local attacker could possibly use this to cause a denial of service (system crash) or possibly expose sensitive information. (CVE-2020-13143)

It was discovered that the efi subsystem in the Linux kernel did not handle memory allocation failures during early boot in some situations. A local attacker could possibly use this to cause a denial of service (system crash). (CVE-2019-12380)

It was discovered that the btrfs file system in the Linux kernel in some error conditions could report register information to the dmesg buffer. A local attacker could possibly use this to expose sensitive information. (CVE-2019-19039)

CVEs contained in this USN include: CVE-2019-19377, CVE-2020-10711, CVE-2020-12770, CVE-2020-13143, CVE-2019-19318, CVE-2019-19816, CVE-2019-19036, CVE-2019-19462, CVE-2019-12380, CVE-2019-19039, CVE-2019-19813, CVE-2019-16089

Affected VMware Products and Versions

Severity is medium unless otherwise noted.

Vulnerable Cloud Foundry components individually listed here. Impacted stemcells may be updated independently of upgrading Tanzu Application Service or Isolation Segment.

  • Isolation Segment
    • 2.7.x versions prior to 2.7.21
    • 2.8.x versions prior to 2.8.15
    • 2.9.x versions prior to 2.9.9
    • 2.10.x versions prior to 2.10.1
  • Operations Manager
    • 2.7.x versions prior to 2.7.21
    • 2.8.x versions prior to 2.8.11
    • 2.9.x versions prior to 2.9.7
  • VMware Tanzu Application Service for VMs
    • 2.7.x versions prior to 2.7.21
    • 2.8.x versions prior to 2.8.15
    • 2.9.x versions prior to 2.9.9
    • 2.10.x versions prior to 2.10.1

Mitigation

Users of affected products are strongly encouraged to follow the mitigation below. The Cloud Foundry security team recommends upgrading the affected OSS components listed here if applicable. Upgrade VMware Tanzu products that use earlier versions of CF components to new Tanzu releases using new versions linked above. On the Tanzu Network product page for each release, check the Depends On section and/or Release Notes for this information. Releases that have fixed this issue include:

  • Isolation Segment
    • 2.7.21
    • 2.8.15
    • 2.9.9
    • 2.10.1
  • Operations Manager
    • 2.7.21
    • 2.8.11
    • 2.9.7
  • VMware Tanzu Application Service for VMs
    • 2.7.21
    • 2.8.15
    • 2.9.9
    • 2.10.1

References

History

2020-08-31: Initial vulnerability report published.