9to5Linux
Canonical published today new Linux kernel security updates to address a total of 14 security vulnerabilities in all supported Ubuntu Linux releases.
The new Ubuntu kernel patches fix several security issues discovered by various security researchers. Only for Ubuntu 20.10 (Groovy Gorilla) systems, it addresses CVE-2020-12912, a flaw found in Linux kernel’s AMD Running Average Power Limit (RAPL) driver that could allow a local attacker to expose sensitive information, as well as CVE-2020-29534, a security issue discovered by Jann Horn in the io_uring subsystem, which could allow a local attacker to either expose sensitive information or escalate his/her privileges.
For Ubuntu 20.04 LTS, Ubuntu 18.04 LTS and Ubuntu 16.04 LTS systems, the new Linux kernel updates fix CVE-2020-25656 and CVE-2020-25668, race conditions discovered in Linux kernel’s console keyboard and tty drivers that could allow a local attacker to expose sensitive information (kernel memory), as well as CVE-2020-28974, a flaw discovered by Minh Yuan in Linux kernel’s framebuffer console driver, which could allow a local attacker to either crash the system by causing a denial of service or possibly expose sensitive information (kernel memory).