Ubuntu update for linux
| Risk | Low |
| Patch available | YES |
| Number of vulnerabilities | 2 |
| CVE-ID | CVE-2020-29660 CVE-2020-29661 |
| CWE-ID | CWE-667 |
| Exploitation vector | Local |
| Public exploit | Public exploit code for vulnerability #2 is available. |
| Vulnerable software |
Ubuntu Operating systems & Components / Operating system linux-image-virtual (Ubuntu package) Operating systems & Components / Operating system package or component linux-image-server (Ubuntu package) Operating systems & Components / Operating system package or component linux-image-lowlatency (Ubuntu package) Operating systems & Components / Operating system package or component linux-image-generic (Ubuntu package) Operating systems & Components / Operating system package or component linux-image-3.13.0-188-lowlatency (Ubuntu package) Operating systems & Components / Operating system package or component linux-image-3.13.0-188-generic (Ubuntu package) Operating systems & Components / Operating system package or component |
| Vendor | Canonical Ltd. |
Security Bulletin
This security bulletin contains information about 2 vulnerabilities.
1) Improper locking
EUVDB-ID: #VU57039
Risk: Low
CVSSv4.0: 4 [CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2020-29660
CWE-ID:
CWE-667 - Improper Locking
Exploit availability: No
DescriptionThe vulnerability allows a local user to gain access to sensitive information.
The vulnerability exists due to double-locking error in drivers/tty/tty_io.c and drivers/tty/tty_jobctrl.c. An authenticated local user can exploit this vulnerability to perform a read-after-free attack against TIOCGSID and gain access to sensitive information.
Update the affected package linux to the latest version.
Vulnerable software versionsUbuntu: 14.04
linux-image-virtual (Ubuntu package): before 3.13.0188.239
linux-image-server (Ubuntu package): before 3.13.0188.239
linux-image-lowlatency (Ubuntu package): before 3.13.0188.239
linux-image-generic (Ubuntu package): before 3.13.0188.239
linux-image-3.13.0-188-lowlatency (Ubuntu package): before 3.13.0188.239
linux-image-3.13.0-188-generic (Ubuntu package): before 3.13.0188.239
CPE2.3- cpe:2.3:o:canonical:ubuntu:14.04:*:*:*:*:*:*:*
- cpe:2.3:a:canonical:linux-image-virtual_ubuntu_package:*:*:*:*:*:ubuntu:*:*
- cpe:2.3:a:canonical:linux-image-server:*:*:*:*:*:ubuntu:*:*
- cpe:2.3:a:canonical:linux-image-lowlatency_ubuntu_package:*:*:*:*:*:ubuntu:*:*
- cpe:2.3:a:canonical:linux-image-generic_ubuntu_package:*:*:*:*:*:ubuntu:*:*
- cpe:2.3:a:canonical:linux-image-3.13.0-188-lowlatency_ubuntu_package:*:*:*:*:*:ubuntu:*:*
- cpe:2.3:a:canonical:linux-image-3.13.0-188-generic_ubuntu_package:*:*:*:*:*:ubuntu:*:*
https://ubuntu.com/security/notices/USN-5130-1
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
2) Improper locking
EUVDB-ID: #VU51543
Risk: Low
CVSSv4.0: 7.1 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P/U:Clear]
CVE-ID: CVE-2020-29661
CWE-ID:
CWE-667 - Improper Locking
Exploit availability: Yes
DescriptionThe vulnerability allows a local user to perform a escalate privileges on the system.
The vulnerability exists due to locking error in the tty subsystem of the Linux kernel in drivers/tty/tty_jobctrl.c. An local user can exploit this vulnerability to trigger a use-after-free error against TIOCSPGRP and execute arbitrary code with elevated privileges.
Update the affected package linux to the latest version.
Vulnerable software versionsUbuntu: 14.04
linux-image-virtual (Ubuntu package): before 3.13.0188.239
linux-image-server (Ubuntu package): before 3.13.0188.239
linux-image-lowlatency (Ubuntu package): before 3.13.0188.239
linux-image-generic (Ubuntu package): before 3.13.0188.239
linux-image-3.13.0-188-lowlatency (Ubuntu package): before 3.13.0188.239
linux-image-3.13.0-188-generic (Ubuntu package): before 3.13.0188.239
CPE2.3- cpe:2.3:o:canonical:ubuntu:14.04:*:*:*:*:*:*:*
- cpe:2.3:a:canonical:linux-image-virtual_ubuntu_package:*:*:*:*:*:ubuntu:*:*
- cpe:2.3:a:canonical:linux-image-server:*:*:*:*:*:ubuntu:*:*
- cpe:2.3:a:canonical:linux-image-lowlatency_ubuntu_package:*:*:*:*:*:ubuntu:*:*
- cpe:2.3:a:canonical:linux-image-generic_ubuntu_package:*:*:*:*:*:ubuntu:*:*
- cpe:2.3:a:canonical:linux-image-3.13.0-188-lowlatency_ubuntu_package:*:*:*:*:*:ubuntu:*:*
- cpe:2.3:a:canonical:linux-image-3.13.0-188-generic_ubuntu_package:*:*:*:*:*:ubuntu:*:*
https://ubuntu.com/security/notices/USN-5130-1
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability. However, proof of concept for this vulnerability is available.
