Log

AVG-1248 created at 15 Oct 2020 07:40:11
Packages
+ linux
Issues
+ CVE-2020-12351
+ CVE-2020-12352
+ CVE-2020-24490
Status
+ Vulnerable
Severity
+ Unknown
Affected
+ 5.9.arch1-1
Fixed
Ticket
Advisory qualified
+ Yes
References
+ https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00435.html
Notes
CVE-2020-24490 created at 15 Oct 2020 07:40:11
AVG-1248 created at 15 Oct 2020 07:40:11
Packages
+ linux
Issues
+ CVE-2020-12351
+ CVE-2020-12352
+ CVE-2020-24490
Status
+ Vulnerable
Severity
+ Unknown
Affected
+ 5.9.arch1-1
Fixed
Ticket
Advisory qualified
+ Yes
References
+ https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00435.html
Notes
CVE-2020-12351 created at 15 Oct 2020 07:40:11
AVG-1247 edited at 15 Oct 2020 07:36:03
Affected
- 5.4.70-1
+ 5.4.71-1
AVG-1240 edited at 15 Oct 2020 07:34:35
Status
- Vulnerable
+ Testing
Fixed
+ 6.8.0-1
AVG-1243 edited at 15 Oct 2020 07:32:28
Status
- Vulnerable
+ Fixed
Fixed
+ 4.3.5-1
AVG-1244 edited at 14 Oct 2020 15:57:04
Affected
- 5.8.14.arch1-1
+ 5.9.arch1-1
AVG-1246 edited at 14 Oct 2020 15:56:57
Affected
- 5.8.14.zen1-1
+ 5.9.zen1-1
AVG-1244 edited at 14 Oct 2020 15:55:20
Severity
- Unknown
+ High
CVE-2020-16119 edited at 14 Oct 2020 15:55:20
Severity
- Unknown
+ High
Remote
- Unknown
+ Remote
Type
- Unknown
+ Arbitrary code execution
Description
+ Hadar Manor reported that by reusing a DCCP socket with an attached dccps_hc_tx_ccid as a listener, in Linux <= 5.9, it will be used after being released, leading to a denial of service or possibly code execution.
References
+ https://www.openwall.com/lists/oss-security/2020/10/13/7
+ https://lore.kernel.org/netdev/20201013171849.236025-1-kleber.souza@canonical.com/T/
Notes
+ It was introduced by:
+
+ 2677d20677314101293e6da0094ede7b5526d2b1 "dccp: don't free
+ ccid2_hc_tx_sock struct in dccp_disconnect()"
+
+ Proposed fixes have been posted to:
+ https://lore.kernel.org/netdev/20201013171849.236025-1-kleber.souza@canonical.com/T/
+
+ To mitigate this on systems that have DCCP enabled but do not use it, block module autoloading via adding the following to /etc/modprobe.d/blacklist-dccp.conf:
+
+ alias net-pf-2-proto-0-type-6 off
+ alias net-pf-2-proto-33-type-6 off
+ alias net-pf-10-proto-0-type-6 off
+ alias net-pf-10-proto-33-type-6 off
+
+ Alternatively, to prevent the dccp module from being loaded entirely, add:
+
+ blacklist dccp
+ install dccp /bin/false
AVG-1245 edited at 14 Oct 2020 15:55:20
Severity
- Unknown
+ High
CVE-2020-16119 edited at 14 Oct 2020 15:55:20
Severity
- Unknown
+ High
Remote
- Unknown
+ Remote
Type
- Unknown
+ Arbitrary code execution
Description
+ Hadar Manor reported that by reusing a DCCP socket with an attached dccps_hc_tx_ccid as a listener, in Linux <= 5.9, it will be used after being released, leading to a denial of service or possibly code execution.
References
+ https://www.openwall.com/lists/oss-security/2020/10/13/7
+ https://lore.kernel.org/netdev/20201013171849.236025-1-kleber.souza@canonical.com/T/
Notes
+ It was introduced by:
+
+ 2677d20677314101293e6da0094ede7b5526d2b1 "dccp: don't free
+ ccid2_hc_tx_sock struct in dccp_disconnect()"
+
+ Proposed fixes have been posted to:
+ https://lore.kernel.org/netdev/20201013171849.236025-1-kleber.souza@canonical.com/T/
+
+ To mitigate this on systems that have DCCP enabled but do not use it, block module autoloading via adding the following to /etc/modprobe.d/blacklist-dccp.conf:
+
+ alias net-pf-2-proto-0-type-6 off
+ alias net-pf-2-proto-33-type-6 off
+ alias net-pf-10-proto-0-type-6 off
+ alias net-pf-10-proto-33-type-6 off
+
+ Alternatively, to prevent the dccp module from being loaded entirely, add:
+
+ blacklist dccp
+ install dccp /bin/false
AVG-1246 edited at 14 Oct 2020 15:55:20
Severity
- Unknown
+ High
CVE-2020-16119 edited at 14 Oct 2020 15:55:20
Severity
- Unknown
+ High
Remote
- Unknown
+ Remote
Type
- Unknown
+ Arbitrary code execution
Description
+ Hadar Manor reported that by reusing a DCCP socket with an attached dccps_hc_tx_ccid as a listener, in Linux <= 5.9, it will be used after being released, leading to a denial of service or possibly code execution.
References
+ https://www.openwall.com/lists/oss-security/2020/10/13/7
+ https://lore.kernel.org/netdev/20201013171849.236025-1-kleber.souza@canonical.com/T/
Notes
+ It was introduced by:
+
+ 2677d20677314101293e6da0094ede7b5526d2b1 "dccp: don't free
+ ccid2_hc_tx_sock struct in dccp_disconnect()"
+
+ Proposed fixes have been posted to:
+ https://lore.kernel.org/netdev/20201013171849.236025-1-kleber.souza@canonical.com/T/
+
+ To mitigate this on systems that have DCCP enabled but do not use it, block module autoloading via adding the following to /etc/modprobe.d/blacklist-dccp.conf:
+
+ alias net-pf-2-proto-0-type-6 off
+ alias net-pf-2-proto-33-type-6 off
+ alias net-pf-10-proto-0-type-6 off
+ alias net-pf-10-proto-33-type-6 off
+
+ Alternatively, to prevent the dccp module from being loaded entirely, add:
+
+ blacklist dccp
+ install dccp /bin/false