lsn-0065-1
Vulnerability from osv_ubuntu
Published
2020-04-09 10:58
Modified
2026-06-03 10:46
Summary
Kernel Live Patch Security Notice
Details

Andrew Honig reported a flaw in the way KVM (Kernel-based Virtual Machine) emulated the IOAPIC. A privileged guest user could exploit this flaw to read host memory or cause a denial of service (crash the host). (CVE-2013-1798)

It was discovered that the KVM implementation in the Linux kernel, when paravirtual TLB flushes are enabled in guests, the hypervisor in some situations could miss deferred TLB flushes or otherwise mishandle them. An attacker in a guest VM could use this to expose sensitive information (read memory from another guest VM). (CVE-2019-3016)

Al Viro discovered that the vfs layer in the Linux kernel contained a use- after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly expose sensitive information (kernel memory). (CVE-2020-8428)


{
  "affected": [
    {
      "ecosystem_specific": {
        "availability": "Livepatch subscription required",
        "module_name_regex": "lkp_Ubuntu_4_4_0[_|\\d]+_(?:generic|lowlatency)_(\\d+)",
        "module_version": "65"
      },
      "package": {
        "ecosystem": "Ubuntu:Pro:14.04:LTS",
        "name": "linux-lts-xenial",
        "purl": "pkg:deb/ubuntu/linux-lts-xenial@4.4.0-177.207~14.04.1?arch=source\u0026distro=trusty/esm"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "4.4.0-177.207~14.04.1"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ],
      "versions": [
        "4.4.0-13.29~14.04.1",
        "4.4.0-14.30~14.04.2",
        "4.4.0-15.31~14.04.1",
        "4.4.0-18.34~14.04.1",
        "4.4.0-21.37~14.04.1",
        "4.4.0-22.39~14.04.1",
        "4.4.0-22.40~14.04.1",
        "4.4.0-24.43~14.04.1",
        "4.4.0-28.47~14.04.1",
        "4.4.0-31.50~14.04.1",
        "4.4.0-34.53~14.04.1",
        "4.4.0-36.55~14.04.1",
        "4.4.0-38.57~14.04.1",
        "4.4.0-42.62~14.04.1",
        "4.4.0-45.66~14.04.1",
        "4.4.0-47.68~14.04.1",
        "4.4.0-51.72~14.04.1",
        "4.4.0-53.74~14.04.1",
        "4.4.0-57.78~14.04.1",
        "4.4.0-59.80~14.04.1",
        "4.4.0-62.83~14.04.1",
        "4.4.0-63.84~14.04.2",
        "4.4.0-64.85~14.04.1",
        "4.4.0-66.87~14.04.1",
        "4.4.0-67.88~14.04.1",
        "4.4.0-70.91~14.04.1",
        "4.4.0-71.92~14.04.1",
        "4.4.0-72.93~14.04.1",
        "4.4.0-75.96~14.04.1",
        "4.4.0-78.99~14.04.2",
        "4.4.0-79.100~14.04.1",
        "4.4.0-81.104~14.04.1",
        "4.4.0-83.106~14.04.1",
        "4.4.0-87.110~14.04.1",
        "4.4.0-89.112~14.04.1",
        "4.4.0-91.114~14.04.1",
        "4.4.0-92.115~14.04.1",
        "4.4.0-93.116~14.04.1",
        "4.4.0-96.119~14.04.1",
        "4.4.0-97.120~14.04.1",
        "4.4.0-98.121~14.04.1",
        "4.4.0-101.124~14.04.1",
        "4.4.0-103.126~14.04.1",
        "4.4.0-104.127~14.04.1",
        "4.4.0-108.131~14.04.1",
        "4.4.0-109.132~14.04.1",
        "4.4.0-111.134~14.04.1",
        "4.4.0-112.135~14.04.1",
        "4.4.0-116.140~14.04.1",
        "4.4.0-119.143~14.04.1",
        "4.4.0-121.145~14.04.1",
        "4.4.0-124.148~14.04.1",
        "4.4.0-127.153~14.04.1",
        "4.4.0-128.154~14.04.1",
        "4.4.0-130.156~14.04.1",
        "4.4.0-131.157~14.04.1",
        "4.4.0-133.159~14.04.1",
        "4.4.0-134.160~14.04.1",
        "4.4.0-135.161~14.04.1",
        "4.4.0-137.163~14.04.1",
        "4.4.0-138.164~14.04.1",
        "4.4.0-139.165~14.04.1",
        "4.4.0-140.166~14.04.1",
        "4.4.0-141.167~14.04.1",
        "4.4.0-142.168~14.04.1",
        "4.4.0-143.169~14.04.2",
        "4.4.0-144.170~14.04.1",
        "4.4.0-146.172~14.04.1",
        "4.4.0-148.174~14.04.1",
        "4.4.0-150.176~14.04.1",
        "4.4.0-151.178~14.04.1",
        "4.4.0-154.181~14.04.1",
        "4.4.0-157.185~14.04.1",
        "4.4.0-159.187~14.04.1",
        "4.4.0-161.189~14.04.1",
        "4.4.0-164.192~14.04.1",
        "4.4.0-165.193~14.04.1",
        "4.4.0-166.195~14.04.1",
        "4.4.0-168.197~14.04.1",
        "4.4.0-169.198~14.04.1",
        "4.4.0-170.199~14.04.1",
        "4.4.0-171.200~14.04.1",
        "4.4.0-173.203~14.04.1",
        "4.4.0-174.204~14.04.1",
        "4.4.0-176.206~14.04.1"
      ]
    },
    {
      "ecosystem_specific": {
        "availability": "Livepatch subscription required",
        "module_name_regex": "lkp_Ubuntu_4_4_0[_|\\d]+_aws_(\\d+)",
        "module_version": "65"
      },
      "package": {
        "ecosystem": "Ubuntu:Pro:16.04:LTS",
        "name": "linux-aws",
        "purl": "pkg:deb/ubuntu/linux-aws@4.4.0-1105.116?arch=source\u0026distro=xenial"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "4.4.0-1105.116"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ],
      "versions": [
        "4.4.0-1001.10",
        "4.4.0-1003.12",
        "4.4.0-1004.13",
        "4.4.0-1007.16",
        "4.4.0-1009.18",
        "4.4.0-1011.20",
        "4.4.0-1012.21",
        "4.4.0-1013.22",
        "4.4.0-1016.25",
        "4.4.0-1017.26",
        "4.4.0-1018.27",
        "4.4.0-1020.29",
        "4.4.0-1022.31",
        "4.4.0-1026.35",
        "4.4.0-1028.37",
        "4.4.0-1030.39",
        "4.4.0-1031.40",
        "4.4.0-1032.41",
        "4.4.0-1035.44",
        "4.4.0-1037.46",
        "4.4.0-1038.47",
        "4.4.0-1039.48",
        "4.4.0-1041.50",
        "4.4.0-1043.52",
        "4.4.0-1044.53",
        "4.4.0-1047.56",
        "4.4.0-1048.57",
        "4.4.0-1049.58",
        "4.4.0-1050.59",
        "4.4.0-1052.61",
        "4.4.0-1054.63",
        "4.4.0-1055.64",
        "4.4.0-1057.66",
        "4.4.0-1060.69",
        "4.4.0-1061.70",
        "4.4.0-1062.71",
        "4.4.0-1063.72",
        "4.4.0-1065.75",
        "4.4.0-1066.76",
        "4.4.0-1067.77",
        "4.4.0-1069.79",
        "4.4.0-1070.80",
        "4.4.0-1072.82",
        "4.4.0-1073.83",
        "4.4.0-1074.84",
        "4.4.0-1075.85",
        "4.4.0-1077.87",
        "4.4.0-1079.89",
        "4.4.0-1081.91",
        "4.4.0-1083.93",
        "4.4.0-1084.94",
        "4.4.0-1085.96",
        "4.4.0-1087.98",
        "4.4.0-1088.99",
        "4.4.0-1090.101",
        "4.4.0-1092.103",
        "4.4.0-1094.105",
        "4.4.0-1095.106",
        "4.4.0-1096.107",
        "4.4.0-1098.109",
        "4.4.0-1099.110",
        "4.4.0-1100.111",
        "4.4.0-1101.112",
        "4.4.0-1102.113",
        "4.4.0-1104.115"
      ]
    },
    {
      "ecosystem_specific": {
        "availability": "Livepatch subscription required",
        "module_name_regex": "lkp_Ubuntu_4_15_0[_|\\d]+_azure_(\\d+)",
        "module_version": "65"
      },
      "package": {
        "ecosystem": "Ubuntu:Pro:16.04:LTS",
        "name": "linux-azure",
        "purl": "pkg:deb/ubuntu/linux-azure@4.15.0-1077.82?arch=source\u0026distro=xenial"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "4.15.0-1077.82"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ],
      "versions": [
        "4.11.0-1009.9",
        "4.11.0-1011.11",
        "4.11.0-1013.13",
        "4.11.0-1014.14",
        "4.11.0-1015.15",
        "4.11.0-1016.16",
        "4.13.0-1005.7",
        "4.13.0-1006.8",
        "4.13.0-1007.9",
        "4.13.0-1009.12",
        "4.13.0-1011.14",
        "4.13.0-1012.15",
        "4.13.0-1014.17",
        "4.13.0-1016.19",
        "4.13.0-1018.21",
        "4.15.0-1013.13~16.04.2",
        "4.15.0-1014.14~16.04.1",
        "4.15.0-1018.18~16.04.1",
        "4.15.0-1019.19~16.04.1",
        "4.15.0-1021.21~16.04.1",
        "4.15.0-1022.22~16.04.1",
        "4.15.0-1023.24~16.04.1",
        "4.15.0-1025.26~16.04.1",
        "4.15.0-1028.29~16.04.1",
        "4.15.0-1030.31~16.04.1",
        "4.15.0-1031.32~16.04.1",
        "4.15.0-1032.33~16.04.1",
        "4.15.0-1035.36~16.04.1",
        "4.15.0-1036.38~16.04.1",
        "4.15.0-1037.39~16.04.1",
        "4.15.0-1039.43",
        "4.15.0-1040.44",
        "4.15.0-1041.45",
        "4.15.0-1042.46",
        "4.15.0-1045.49",
        "4.15.0-1046.50",
        "4.15.0-1047.51",
        "4.15.0-1049.54",
        "4.15.0-1050.55",
        "4.15.0-1051.56",
        "4.15.0-1052.57",
        "4.15.0-1055.60",
        "4.15.0-1056.61",
        "4.15.0-1057.62",
        "4.15.0-1059.64",
        "4.15.0-1060.65",
        "4.15.0-1061.66",
        "4.15.0-1063.68",
        "4.15.0-1064.69",
        "4.15.0-1066.71",
        "4.15.0-1067.72",
        "4.15.0-1069.74",
        "4.15.0-1071.76",
        "4.15.0-1075.80"
      ]
    },
    {
      "ecosystem_specific": {
        "availability": "Livepatch subscription required",
        "module_name_regex": "lkp_Ubuntu_4_4_0[_|\\d]+_(?:generic|lowlatency)_(\\d+)",
        "module_version": "65"
      },
      "package": {
        "ecosystem": "Ubuntu:Pro:16.04:LTS",
        "name": "linux",
        "purl": "pkg:deb/ubuntu/linux@4.4.0-177.207?arch=source\u0026distro=xenial"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "4.4.0-177.207"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ],
      "versions": [
        "4.2.0-16.19",
        "4.2.0-17.21",
        "4.2.0-19.23",
        "4.3.0-1.10",
        "4.3.0-2.11",
        "4.3.0-5.16",
        "4.3.0-6.17",
        "4.3.0-7.18",
        "4.4.0-2.16",
        "4.4.0-4.19",
        "4.4.0-6.21",
        "4.4.0-7.22",
        "4.4.0-8.23",
        "4.4.0-9.24",
        "4.4.0-10.25",
        "4.4.0-11.26",
        "4.4.0-12.28",
        "4.4.0-13.29",
        "4.4.0-14.30",
        "4.4.0-15.31",
        "4.4.0-16.32",
        "4.4.0-17.33",
        "4.4.0-18.34",
        "4.4.0-21.37",
        "4.4.0-22.39",
        "4.4.0-22.40",
        "4.4.0-24.43",
        "4.4.0-28.47",
        "4.4.0-31.50",
        "4.4.0-34.53",
        "4.4.0-36.55",
        "4.4.0-38.57",
        "4.4.0-42.62",
        "4.4.0-43.63",
        "4.4.0-45.66",
        "4.4.0-47.68",
        "4.4.0-51.72",
        "4.4.0-53.74",
        "4.4.0-57.78",
        "4.4.0-59.80",
        "4.4.0-62.83",
        "4.4.0-63.84",
        "4.4.0-64.85",
        "4.4.0-65.86",
        "4.4.0-66.87",
        "4.4.0-67.88",
        "4.4.0-70.91",
        "4.4.0-71.92",
        "4.4.0-72.93",
        "4.4.0-75.96",
        "4.4.0-77.98",
        "4.4.0-78.99",
        "4.4.0-79.100",
        "4.4.0-81.104",
        "4.4.0-83.106",
        "4.4.0-87.110",
        "4.4.0-89.112",
        "4.4.0-91.114",
        "4.4.0-92.115",
        "4.4.0-93.116",
        "4.4.0-96.119",
        "4.4.0-97.120",
        "4.4.0-98.121",
        "4.4.0-101.124",
        "4.4.0-103.126",
        "4.4.0-104.127",
        "4.4.0-108.131",
        "4.4.0-109.132",
        "4.4.0-112.135",
        "4.4.0-116.140",
        "4.4.0-119.143",
        "4.4.0-121.145",
        "4.4.0-122.146",
        "4.4.0-124.148",
        "4.4.0-127.153",
        "4.4.0-128.154",
        "4.4.0-130.156",
        "4.4.0-131.157",
        "4.4.0-133.159",
        "4.4.0-134.160",
        "4.4.0-135.161",
        "4.4.0-137.163",
        "4.4.0-138.164",
        "4.4.0-139.165",
        "4.4.0-140.166",
        "4.4.0-141.167",
        "4.4.0-142.168",
        "4.4.0-143.169",
        "4.4.0-145.171",
        "4.4.0-146.172",
        "4.4.0-148.174",
        "4.4.0-150.176",
        "4.4.0-151.178",
        "4.4.0-154.181",
        "4.4.0-157.185",
        "4.4.0-159.187",
        "4.4.0-161.189",
        "4.4.0-164.192",
        "4.4.0-165.193",
        "4.4.0-166.195",
        "4.4.0-168.197",
        "4.4.0-169.198",
        "4.4.0-170.199",
        "4.4.0-171.200",
        "4.4.0-173.203",
        "4.4.0-174.204",
        "4.4.0-176.206"
      ]
    },
    {
      "ecosystem_specific": {
        "availability": "Livepatch subscription required",
        "module_name_regex": "lkp_Ubuntu_4_15_0[_|\\d]+_(?:generic|lowlatency)_(\\d+)",
        "module_version": "65"
      },
      "package": {
        "ecosystem": "Ubuntu:Pro:16.04:LTS",
        "name": "linux-hwe",
        "purl": "pkg:deb/ubuntu/linux-hwe@4.15.0-96.97~16.04.1?arch=source\u0026distro=xenial"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "4.15.0-96.97~16.04.1"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ],
      "versions": [
        "4.8.0-36.36~16.04.1",
        "4.8.0-39.42~16.04.1",
        "4.8.0-41.44~16.04.1",
        "4.8.0-42.45~16.04.1",
        "4.8.0-44.47~16.04.1",
        "4.8.0-45.48~16.04.1",
        "4.8.0-46.49~16.04.1",
        "4.8.0-49.52~16.04.1",
        "4.8.0-51.54~16.04.1",
        "4.8.0-52.55~16.04.1",
        "4.8.0-53.56~16.04.1",
        "4.8.0-54.57~16.04.1",
        "4.8.0-56.61~16.04.1",
        "4.8.0-58.63~16.04.1",
        "4.10.0-27.30~16.04.2",
        "4.10.0-28.32~16.04.2",
        "4.10.0-30.34~16.04.1",
        "4.10.0-32.36~16.04.1",
        "4.10.0-33.37~16.04.1",
        "4.10.0-35.39~16.04.1",
        "4.10.0-37.41~16.04.1",
        "4.10.0-38.42~16.04.1",
        "4.10.0-40.44~16.04.1",
        "4.10.0-42.46~16.04.1",
        "4.13.0-26.29~16.04.2",
        "4.13.0-31.34~16.04.1",
        "4.13.0-32.35~16.04.1",
        "4.13.0-36.40~16.04.1",
        "4.13.0-37.42~16.04.1",
        "4.13.0-38.43~16.04.1",
        "4.13.0-39.44~16.04.1",
        "4.13.0-41.46~16.04.1",
        "4.13.0-43.48~16.04.1",
        "4.13.0-45.50~16.04.1",
        "4.15.0-24.26~16.04.1",
        "4.15.0-29.31~16.04.1",
        "4.15.0-30.32~16.04.1",
        "4.15.0-32.35~16.04.1",
        "4.15.0-33.36~16.04.1",
        "4.15.0-34.37~16.04.1",
        "4.15.0-36.39~16.04.1",
        "4.15.0-38.41~16.04.1",
        "4.15.0-39.42~16.04.1",
        "4.15.0-42.45~16.04.1",
        "4.15.0-43.46~16.04.1",
        "4.15.0-45.48~16.04.1",
        "4.15.0-46.49~16.04.1",
        "4.15.0-47.50~16.04.1",
        "4.15.0-48.51~16.04.1",
        "4.15.0-50.54~16.04.1",
        "4.15.0-51.55~16.04.1",
        "4.15.0-52.56~16.04.1",
        "4.15.0-54.58~16.04.1",
        "4.15.0-55.60~16.04.2",
        "4.15.0-58.64~16.04.1",
        "4.15.0-60.67~16.04.1",
        "4.15.0-62.69~16.04.1",
        "4.15.0-64.73~16.04.1",
        "4.15.0-65.74~16.04.1",
        "4.15.0-66.75~16.04.1",
        "4.15.0-69.78~16.04.1",
        "4.15.0-70.79~16.04.1",
        "4.15.0-72.81~16.04.1",
        "4.15.0-74.83~16.04.1",
        "4.15.0-76.86~16.04.1",
        "4.15.0-88.88~16.04.1",
        "4.15.0-91.92~16.04.1"
      ]
    },
    {
      "ecosystem_specific": {
        "availability": "Livepatch subscription required",
        "module_name_regex": "lkp_Ubuntu_5_0_0[_|\\d]+_azure_(\\d+)",
        "module_version": "65"
      },
      "package": {
        "ecosystem": "Ubuntu:Pro:18.04:LTS",
        "name": "linux-azure",
        "purl": "pkg:deb/ubuntu/linux-azure@5.0.0-1036.38?arch=source\u0026distro=bionic"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "5.0.0-1036.38"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ],
      "versions": [
        "4.15.0-1002.2",
        "4.15.0-1003.3",
        "4.15.0-1004.4",
        "4.15.0-1008.8",
        "4.15.0-1009.9",
        "4.15.0-1012.12",
        "4.15.0-1013.13",
        "4.15.0-1014.14",
        "4.15.0-1018.18",
        "4.15.0-1019.19",
        "4.15.0-1021.21",
        "4.15.0-1022.23",
        "4.15.0-1023.24",
        "4.15.0-1025.26",
        "4.15.0-1028.29",
        "4.15.0-1030.31",
        "4.15.0-1031.32",
        "4.15.0-1032.33",
        "4.15.0-1035.36",
        "4.15.0-1036.38",
        "4.15.0-1037.39",
        "4.18.0-1011.11~18.04.1",
        "4.18.0-1013.13~18.04.1",
        "4.18.0-1014.14~18.04.1",
        "4.18.0-1018.18~18.04.1",
        "4.18.0-1019.19~18.04.1",
        "4.18.0-1020.20~18.04.1",
        "4.18.0-1023.24~18.04.1",
        "4.18.0-1024.25~18.04.1",
        "4.18.0-1025.27~18.04.1",
        "5.0.0-1014.14~18.04.1",
        "5.0.0-1016.17~18.04.1",
        "5.0.0-1018.19~18.04.1",
        "5.0.0-1020.21~18.04.1",
        "5.0.0-1022.23~18.04.1",
        "5.0.0-1023.24~18.04.1",
        "5.0.0-1025.27~18.04.1",
        "5.0.0-1027.29~18.04.1",
        "5.0.0-1028.30~18.04.1",
        "5.0.0-1029.31~18.04.1",
        "5.0.0-1031.33",
        "5.0.0-1032.34",
        "5.0.0-1035.37"
      ]
    },
    {
      "ecosystem_specific": {
        "availability": "Livepatch subscription required",
        "module_name_regex": "lkp_Ubuntu_5_0_0[_|\\d]+_gcp_(\\d+)",
        "module_version": "65"
      },
      "package": {
        "ecosystem": "Ubuntu:Pro:18.04:LTS",
        "name": "linux-gcp",
        "purl": "pkg:deb/ubuntu/linux-gcp@5.0.0-1034.35?arch=source\u0026distro=bionic"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "5.0.0-1034.35"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ],
      "versions": [
        "4.15.0-1001.1",
        "4.15.0-1003.3",
        "4.15.0-1005.5",
        "4.15.0-1006.6",
        "4.15.0-1008.8",
        "4.15.0-1009.9",
        "4.15.0-1010.10",
        "4.15.0-1014.14",
        "4.15.0-1015.15",
        "4.15.0-1017.18",
        "4.15.0-1018.19",
        "4.15.0-1019.20",
        "4.15.0-1021.22",
        "4.15.0-1023.24",
        "4.15.0-1024.25",
        "4.15.0-1025.26",
        "4.15.0-1026.27",
        "4.15.0-1027.28",
        "4.15.0-1028.29",
        "4.15.0-1029.31",
        "4.15.0-1030.32",
        "4.15.0-1032.34",
        "4.15.0-1033.35",
        "4.15.0-1034.36",
        "4.15.0-1036.38",
        "4.15.0-1037.39",
        "4.15.0-1040.42",
        "4.15.0-1042.45",
        "4.15.0-1044.70",
        "5.0.0-1020.20~18.04.1",
        "5.0.0-1021.21~18.04.1",
        "5.0.0-1025.26~18.04.1",
        "5.0.0-1026.27~18.04.1",
        "5.0.0-1028.29~18.04.1",
        "5.0.0-1029.30~18.04.1",
        "5.0.0-1031.32",
        "5.0.0-1033.34"
      ]
    },
    {
      "ecosystem_specific": {
        "availability": "Livepatch subscription required",
        "module_name_regex": "lkp_Ubuntu_4_15_0[_|\\d]+_(?:generic|lowlatency)_(\\d+)",
        "module_version": "65"
      },
      "package": {
        "ecosystem": "Ubuntu:Pro:18.04:LTS",
        "name": "linux",
        "purl": "pkg:deb/ubuntu/linux@4.15.0-96.97?arch=source\u0026distro=bionic"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "4.15.0-96.97"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ],
      "versions": [
        "4.13.0-16.19",
        "4.13.0-17.20",
        "4.13.0-25.29",
        "4.13.0-32.35",
        "4.15.0-10.11",
        "4.15.0-12.13",
        "4.15.0-13.14",
        "4.15.0-15.16",
        "4.15.0-19.20",
        "4.15.0-20.21",
        "4.15.0-22.24",
        "4.15.0-23.25",
        "4.15.0-24.26",
        "4.15.0-29.31",
        "4.15.0-30.32",
        "4.15.0-32.35",
        "4.15.0-33.36",
        "4.15.0-34.37",
        "4.15.0-36.39",
        "4.15.0-38.41",
        "4.15.0-39.42",
        "4.15.0-42.45",
        "4.15.0-43.46",
        "4.15.0-44.47",
        "4.15.0-45.48",
        "4.15.0-46.49",
        "4.15.0-47.50",
        "4.15.0-48.51",
        "4.15.0-50.54",
        "4.15.0-51.55",
        "4.15.0-52.56",
        "4.15.0-54.58",
        "4.15.0-55.60",
        "4.15.0-58.64",
        "4.15.0-60.67",
        "4.15.0-62.69",
        "4.15.0-64.73",
        "4.15.0-65.74",
        "4.15.0-66.75",
        "4.15.0-69.78",
        "4.15.0-70.79",
        "4.15.0-72.81",
        "4.15.0-74.84",
        "4.15.0-76.86",
        "4.15.0-88.88",
        "4.15.0-91.92"
      ]
    }
  ],
  "aliases": [],
  "details": "Andrew Honig reported a flaw in the way KVM (Kernel-based Virtual\nMachine) emulated the IOAPIC. A privileged guest user could exploit\nthis flaw to read host memory or cause a denial of service (crash\nthe host). (CVE-2013-1798)\n\nIt was discovered that the KVM implementation in the Linux kernel,\nwhen paravirtual TLB flushes are enabled in guests, the hypervisor in\nsome situations could miss deferred TLB flushes or otherwise mishandle\nthem.  An attacker in a guest VM could use this to expose sensitive\ninformation (read memory from another guest VM). (CVE-2019-3016)\n\nAl Viro discovered that the vfs layer in the Linux kernel contained\na use- after-free vulnerability. A local attacker could use this to\ncause a denial of service (system crash) or possibly expose sensitive\ninformation (kernel memory). (CVE-2020-8428)",
  "id": "LSN-0065-1",
  "modified": "2026-06-03T10:46:31Z",
  "published": "2020-04-09T10:58:10Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://ubuntu.com/security/notices/LSN-0065-1"
    },
    {
      "type": "REPORT",
      "url": "https://ubuntu.com/security/CVE-2013-1798"
    },
    {
      "type": "REPORT",
      "url": "https://ubuntu.com/security/CVE-2019-3016"
    },
    {
      "type": "REPORT",
      "url": "https://ubuntu.com/security/CVE-2020-8428"
    }
  ],
  "related": [],
  "schema_version": "1.7.0",
  "summary": "Kernel Live Patch Security Notice",
  "upstream": [
    "UBUNTU-CVE-2013-1798",
    "UBUNTU-CVE-2019-3016",
    "UBUNTU-CVE-2020-8428"
  ]
}



Log in or create an account to share your comment.




Tags
Taxonomy of the tags.


Loading…

Loading…

Loading…

Forecast uses a logistic model when the trend is rising, or an exponential decay model when the trend is falling. Fitted via linearized least squares.

Sightings

Author Source Type Date Other

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or observed by the user.
  • Confirmed: The vulnerability has been validated from an analyst's perspective.
  • Published Proof of Concept: A public proof of concept is available for this vulnerability.
  • Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
  • Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
  • Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
  • Not confirmed: The user expressed doubt about the validity of the vulnerability.
  • Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Loading…

Detection rules are retrieved from Rulezet.

Loading…

Loading…