9to5Linux
Canonical published today the very first Linux kernel security patch for the latest Ubuntu 20.10 (Groovy Gorilla) operating system to address two security vulnerabilities.
Released about three weeks ago, Ubuntu 20.10 is the latest version of the popular Linux-based operating system. It ships with the Linux 5.8 kernel series by default, which has now been patched against two recently discovered security vulnerabilities.
The first security vulnerability addressed in this update is CVE-2020-27194, discovered by Simon Scannell in Linux kernel’s bpf verifier, which could allow a local attacker to expose sensitive information (kernel memory) or gain administrative privileges.
The second security flaw is CVE-2020-8694 and was discovered by Andreas Kogler, Catherine Easdon, Claudio Canella, Daniel Gruss, David Oswald, Michael Schwarz, and Moritz Lipp in Linux kernel’s Intel Running Average Power Limit (RAPL) driver. This could allow a local attacker to expose sensitive information.