ASA-202011-10 log generated external raw

[ASA-202011-10] linux-hardened: multiple issues
Arch Linux Security Advisory ASA-202011-10 ========================================== Severity: Medium Date : 2020-11-10 CVE-ID : CVE-2020-8694 CVE-2020-25704 Package : linux-hardened Type : multiple issues Remote : No Link : Summary ======= The package linux-hardened before version 5.9.8.a-1 is vulnerable to multiple issues including denial of service and information disclosure. Resolution ========== Upgrade to 5.9.8.a-1. # pacman -Syu "linux-hardened>=5.9.8.a-1" The problems have been fixed upstream in version 5.9.8.a. Workaround ========== - CVE-2020-8694 A temporary measure would be to remove the ability for non-root users to read the current RAPL energy reporting metrics. This can be done with the command: # sudo chmod 400 /sys/class/powercap/intel_rapl/*/energy_uj This mitigation will only work on the current boot and will need to be reapplied at each system boot to remain in effect. Description =========== - CVE-2020-8694 (information disclosure) An information disclosure flaw was found in the Linux kernel's Intel Running Average Power Limit (RAPL) implementation. A local non- privileged attacker could infer secrets by measuring power usage and also infer private data by observing the power usage of calculations performed on the data. - CVE-2020-25704 (denial of service) A memory leak has been found in the perf_event_parse_addr_filter function of Linux before 5.9.7, leading to a denial of service. Impact ====== A local attacker might be able to exhaust the memory available on the system, causing a denial of service, or access sensitive information by observing the power usage. References ==========