CVE-2020-36311

Related Files

Ubuntu Security Notice USN-5120-1

Posted Oct 22, 2021

Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5120-1 - It was discovered that the f2fs file system in the Linux kernel did not properly validate metadata in some situations. An attacker could use this to construct a malicious f2fs image that, when mounted and operated on, could cause a denial of service or possibly execute arbitrary code. It was discovered that the Linux kernel did not properly enforce certain types of entries in the Secure Boot Forbidden Signature Database protection mechanism. An attacker could use this to bypass UEFI Secure Boot restrictions. Various other issues were also addressed.

tags | advisory, denial of service, arbitrary, kernel

systems | linux, ubuntu

advisories | CVE-2019-19449, CVE-2020-26541, CVE-2020-36311, CVE-2021-22543, CVE-2021-3612, CVE-2021-3759, CVE-2021-38199, CVE-2021-38207, CVE-2021-40490

SHA-256 | 0a4088e105c209023f79e6f139417f5c549e7100d2f58e29b718a130f141a387

Download | Favorite | View

Ubuntu Security Notice USN-5071-2

Posted Sep 17, 2021

Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5071-2 - USN-5071-1 fixed vulnerabilities in the Linux kernel for Ubuntu 20.04 LTS. This update provides the corresponding updates for the Linux Hardware Enablement kernel from Ubuntu 20.04 LTS for Ubuntu 18.04 LTS. Maxim Levitsky and Paolo Bonzini discovered that the KVM hypervisor implementation for AMD processors in the Linux kernel allowed a guest VM to disable restrictions on VMLOAD/VMSAVE in a nested guest. An attacker in a guest VM could use this to read or write portions of the host's physical memory. Various other issues were also addressed.

tags | advisory, kernel, vulnerability

systems | linux, ubuntu

advisories | CVE-2020-36311, CVE-2021-22543, CVE-2021-3612, CVE-2021-3653, CVE-2021-3656

SHA-256 | 08286776d53ae93088aee6f142faa0c27c8411ae4ab3530488089971ed861760

Download | Favorite | View

Ubuntu Security Notice USN-5071-1

Posted Sep 9, 2021

Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5071-1 - Maxim Levitsky and Paolo Bonzini discovered that the KVM hypervisor implementation for AMD processors in the Linux kernel allowed a guest VM to disable restrictions on VMLOAD/VMSAVE in a nested guest. An attacker in a guest VM could use this to read or write portions of the host's physical memory. Maxim Levitsky discovered that the KVM hypervisor implementation for AMD processors in the Linux kernel did not properly prevent a guest VM from enabling AVIC in nested guest VMs. An attacker in a guest VM could use this to write to portions of the host's physical memory. Various other issues were also addressed.

tags | advisory, kernel

systems | linux, ubuntu

advisories | CVE-2020-36311, CVE-2021-22543, CVE-2021-3612, CVE-2021-3653, CVE-2021-3656

SHA-256 | 7801f4ce6a4419b3f2f1341fe4341924324976da2dd67f2e555b930b05113149

Download | Favorite | View

Debian Security Advisory 4941-1

Posted Jul 28, 2021

Authored by Debian | Site debian.org

Debian Linux Security Advisory 4941-1 - Several vulnerabilities have been discovered in the Linux kernel that may lead to a privilege escalation, denial of service or information leaks.

tags | advisory, denial of service, kernel, vulnerability

systems | linux, debian

advisories | CVE-2020-36311, CVE-2021-33909, CVE-2021-34693, CVE-2021-3609

SHA-256 | 9e4606f89d1986908d6e85cb89fbdb57f27c0579df76bf6f6ebb8845f2929900

Download | Favorite | View