Red Hat Security Advisory 2020-1070-01 - The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. Issues addressed include bypass, denial of service, information leakage, integer overflow, and use-after-free vulnerabilities.
578fbb91387a11babf72fafe70ea13b5
Red Hat Security Advisory 2020-1016-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Issues addressed include bypass, denial of service, information leakage, and use-after-free vulnerabilities.
36314b16600459fc17e8c0b6131cd03e
Ubuntu Security Notice 4008-3 - USN-4008-1 fixed vulnerabilities in the Linux kernel for Ubuntu 16.04 LTS. This update provides the corresponding updates for the Linux Hardware Enablement kernel from Ubuntu 16.04 LTS for Ubuntu 14.04 ESM. Robert Swiecki discovered that the Linux kernel did not properly apply Address Space Layout Randomization in some situations for setuid elf binaries. A local attacker could use this to improve the chances of exploiting an existing vulnerability in a setuid elf binary. Various other issues were also addressed.
db49ff8f595ab9c220359728c2fce6de
Ubuntu Security Notice 4008-2 - USN-4008-1 fixed multiple security issues in the Linux kernel. This update provides the corresponding changes to AppArmor policy for correctly operating under the Linux kernel with fixes for CVE-2019-11190. Without these changes, some profile transitions may be unintentionally denied due to missing mmap rules. Various other issues were also addressed.
c8882ea2860369fb404f12edb2a0d011
Ubuntu Security Notice 4008-1 - Robert Swiecki discovered that the Linux kernel did not properly apply Address Space Layout Randomization in some situations for setuid elf binaries. A local attacker could use this to improve the chances of exploiting an existing vulnerability in a setuid elf binary. It was discovered that a null pointer dereference vulnerability existed in the LSI Logic MegaRAID driver in the Linux kernel. A local attacker could use this to cause a denial of service. Various other issues were also addressed.
d990ef004d827d7c662f4a3b15d04b52