{"id":"USN-4324-1","summary":"linux-aws, linux-aws-hwe, linux-azure, linux-gcp, linux-gke-4.15, linux-kvm, linux-oem, linux-oracle, linux-raspi2, linux-snapdragon vulnerabilities","details":"Al Viro discovered that the vfs layer in the Linux kernel contained a use-\nafter-free vulnerability. A local attacker could use this to cause a denial\nof service (system crash) or possibly expose sensitive information (kernel\nmemory). (CVE-2020-8428)\n\nShijie Luo discovered that the ext4 file system implementation in the Linux\nkernel did not properly check for a too-large journal size. An attacker\ncould use this to construct a malicious ext4 image that, when mounted,\ncould cause a denial of service (soft lockup). (CVE-2020-8992)\n","modified":"2026-02-10T04:41:48Z","published":"2020-04-07T21:00:40Z","related":["UBUNTU-CVE-2020-8428","UBUNTU-CVE-2020-8992"],"upstream":["CVE-2020-8428","CVE-2020-8992","UBUNTU-CVE-2020-8428","UBUNTU-CVE-2020-8992"],"references":[{"type":"ADVISORY","url":"https://ubuntu.com/security/notices/USN-4324-1"},{"type":"REPORT","url":"https://ubuntu.com/security/CVE-2020-8428"},{"type":"REPORT","url":"https://ubuntu.com/security/CVE-2020-8992"}],"affected":[{"package":{"name":"linux-azure","ecosystem":"Ubuntu:Pro:14.04:LTS","purl":"pkg:deb/ubuntu/linux-azure@4.15.0-1077.82~14.04.1?arch=source&distro=trusty/esm"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"4.15.0-1077.82~14.04.1"}]}],"versions":["4.15.0-1023.24~14.04.1","4.15.0-1030.31~14.04.1","4.15.0-1031.32~14.04.1","4.15.0-1032.33~14.04.2","4.15.0-1035.36~14.04.2","4.15.0-1036.38~14.04.2","4.15.0-1037.39~14.04.2","4.15.0-1039.41~14.04.2","4.15.0-1040.44~14.04.1","4.15.0-1041.45~14.04.1","4.15.0-1042.46~14.04.1","4.15.0-1045.49~14.04.1","4.15.0-1046.50~14.04.1","4.15.0-1047.51~14.04.1","4.15.0-1049.54~14.04.1","4.15.0-1050.55~14.04.1","4.15.0-1051.56~14.04.1","4.15.0-1052.57~14.04.1","4.15.0-1055.60~14.04.1","4.15.0-1056.61~14.04.1","4.15.0-1057.62~14.04.1","4.15.0-1059.64~14.04.1","4.15.0-1060.65~14.04.1","4.15.0-1061.66~14.04.1","4.15.0-1063.68~14.04.1","4.15.0-1064.69~14.04.1","4.15.0-1066.71~14.04.1","4.15.0-1067.72~14.04.1","4.15.0-1069.74~14.04.1","4.15.0-1071.76~14.04.1","4.15.0-1074.79~14.04.1"],"ecosystem_specific":{"availability":"Available with Ubuntu Pro (Infra-only): https://ubuntu.com/pro","binaries":[{"binary_name":"linux-azure-cloud-tools-4.15.0-1077","binary_version":"4.15.0-1077.82~14.04.1"},{"binary_name":"linux-azure-headers-4.15.0-1077","binary_version":"4.15.0-1077.82~14.04.1"},{"binary_name":"linux-azure-tools-4.15.0-1077","binary_version":"4.15.0-1077.82~14.04.1"},{"binary_name":"linux-buildinfo-4.15.0-1077-azure","binary_version":"4.15.0-1077.82~14.04.1"},{"binary_name":"linux-cloud-tools-4.15.0-1077-azure","binary_version":"4.15.0-1077.82~14.04.1"},{"binary_name":"linux-headers-4.15.0-1077-azure","binary_version":"4.15.0-1077.82~14.04.1"},{"binary_name":"linux-image-unsigned-4.15.0-1077-azure","binary_version":"4.15.0-1077.82~14.04.1"},{"binary_name":"linux-modules-4.15.0-1077-azure","binary_version":"4.15.0-1077.82~14.04.1"},{"binary_name":"linux-modules-extra-4.15.0-1077-azure","binary_version":"4.15.0-1077.82~14.04.1"},{"binary_name":"linux-tools-4.15.0-1077-azure","binary_version":"4.15.0-1077.82~14.04.1"}]},"database_specific":{"source":"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/usn/USN-4324-1.json","cves_map":{"ecosystem":"Ubuntu:Pro:14.04:LTS","cves":[{"id":"CVE-2020-8428","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H"},{"type":"Ubuntu","score":"medium"}]},{"id":"CVE-2020-8992","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"},{"type":"Ubuntu","score":"low"}]}]}}},{"package":{"name":"linux-aws-hwe","ecosystem":"Ubuntu:16.04:LTS","purl":"pkg:deb/ubuntu/linux-aws-hwe@4.15.0-1065.69~16.04.1?arch=source&distro=xenial"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"4.15.0-1065.69~16.04.1"}]}],"versions":["4.15.0-1030.31~16.04.1","4.15.0-1031.33~16.04.1","4.15.0-1032.34~16.04.1","4.15.0-1033.35~16.04.1","4.15.0-1035.37~16.04.1","4.15.0-1036.38~16.04.1","4.15.0-1039.41~16.04.1","4.15.0-1040.42~16.04.1","4.15.0-1041.43~16.04.1","4.15.0-1043.45~16.04.1","4.15.0-1044.46~16.04.1","4.15.0-1045.47~16.04.1","4.15.0-1047.49~16.04.1","4.15.0-1048.50~16.04.1","4.15.0-1050.52~16.04.1","4.15.0-1051.53~16.04.1","4.15.0-1052.54~16.04.1","4.15.0-1054.56~16.04.1","4.15.0-1056.58~16.04.1","4.15.0-1057.59~16.04.1","4.15.0-1058.60~16.04.1","4.15.0-1060.62~16.04.1","4.15.0-1063.67~16.04.1"],"ecosystem_specific":{"availability":"No subscription required","binaries":[{"binary_name":"linux-aws-headers-4.15.0-1065","binary_version":"4.15.0-1065.69~16.04.1"},{"binary_name":"linux-aws-hwe-cloud-tools-4.15.0-1065","binary_version":"4.15.0-1065.69~16.04.1"},{"binary_name":"linux-aws-hwe-tools-4.15.0-1065","binary_version":"4.15.0-1065.69~16.04.1"},{"binary_name":"linux-buildinfo-4.15.0-1065-aws","binary_version":"4.15.0-1065.69~16.04.1"},{"binary_name":"linux-cloud-tools-4.15.0-1065-aws","binary_version":"4.15.0-1065.69~16.04.1"},{"binary_name":"linux-headers-4.15.0-1065-aws","binary_version":"4.15.0-1065.69~16.04.1"},{"binary_name":"linux-image-4.15.0-1065-aws","binary_version":"4.15.0-1065.69~16.04.1"},{"binary_name":"linux-modules-4.15.0-1065-aws","binary_version":"4.15.0-1065.69~16.04.1"},{"binary_name":"linux-modules-extra-4.15.0-1065-aws","binary_version":"4.15.0-1065.69~16.04.1"},{"binary_name":"linux-tools-4.15.0-1065-aws","binary_version":"4.15.0-1065.69~16.04.1"}]},"database_specific":{"source":"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/usn/USN-4324-1.json","cves_map":{"ecosystem":"Ubuntu:16.04:LTS","cves":[{"id":"CVE-2020-8428","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H"},{"type":"Ubuntu","score":"medium"}]},{"id":"CVE-2020-8992","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"},{"type":"Ubuntu","score":"low"}]}]}}},{"package":{"name":"linux-azure","ecosystem":"Ubuntu:16.04:LTS","purl":"pkg:deb/ubuntu/linux-azure@4.15.0-1077.82?arch=source&distro=xenial"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"4.15.0-1077.82"}]}],"versions":["4.11.0-1009.9","4.11.0-1011.11","4.11.0-1013.13","4.11.0-1014.14","4.11.0-1015.15","4.11.0-1016.16","4.13.0-1005.7","4.13.0-1006.8","4.13.0-1007.9","4.13.0-1009.12","4.13.0-1011.14","4.13.0-1012.15","4.13.0-1014.17","4.13.0-1016.19","4.13.0-1018.21","4.15.0-1013.13~16.04.2","4.15.0-1014.14~16.04.1","4.15.0-1018.18~16.04.1","4.15.0-1019.19~16.04.1","4.15.0-1021.21~16.04.1","4.15.0-1022.22~16.04.1","4.15.0-1023.24~16.04.1","4.15.0-1025.26~16.04.1","4.15.0-1028.29~16.04.1","4.15.0-1030.31~16.04.1","4.15.0-1031.32~16.04.1","4.15.0-1032.33~16.04.1","4.15.0-1035.36~16.04.1","4.15.0-1036.38~16.04.1","4.15.0-1037.39~16.04.1","4.15.0-1039.43","4.15.0-1040.44","4.15.0-1041.45","4.15.0-1042.46","4.15.0-1045.49","4.15.0-1046.50","4.15.0-1047.51","4.15.0-1049.54","4.15.0-1050.55","4.15.0-1051.56","4.15.0-1052.57","4.15.0-1055.60","4.15.0-1056.61","4.15.0-1057.62","4.15.0-1059.64","4.15.0-1060.65","4.15.0-1061.66","4.15.0-1063.68","4.15.0-1064.69","4.15.0-1066.71","4.15.0-1067.72","4.15.0-1069.74","4.15.0-1071.76","4.15.0-1075.80"],"ecosystem_specific":{"availability":"No subscription required","binaries":[{"binary_name":"linux-azure-cloud-tools-4.15.0-1077","binary_version":"4.15.0-1077.82"},{"binary_name":"linux-azure-headers-4.15.0-1077","binary_version":"4.15.0-1077.82"},{"binary_name":"linux-azure-tools-4.15.0-1077","binary_version":"4.15.0-1077.82"},{"binary_name":"linux-buildinfo-4.15.0-1077-azure","binary_version":"4.15.0-1077.82"},{"binary_name":"linux-cloud-tools-4.15.0-1077-azure","binary_version":"4.15.0-1077.82"},{"binary_name":"linux-headers-4.15.0-1077-azure","binary_version":"4.15.0-1077.82"},{"binary_name":"linux-image-unsigned-4.15.0-1077-azure","binary_version":"4.15.0-1077.82"},{"binary_name":"linux-modules-4.15.0-1077-azure","binary_version":"4.15.0-1077.82"},{"binary_name":"linux-modules-extra-4.15.0-1077-azure","binary_version":"4.15.0-1077.82"},{"binary_name":"linux-tools-4.15.0-1077-azure","binary_version":"4.15.0-1077.82"}]},"database_specific":{"source":"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/usn/USN-4324-1.json","cves_map":{"ecosystem":"Ubuntu:16.04:LTS","cves":[{"id":"CVE-2020-8428","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H"},{"type":"Ubuntu","score":"medium"}]},{"id":"CVE-2020-8992","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"},{"type":"Ubuntu","score":"low"}]}]}}},{"package":{"name":"linux-gcp","ecosystem":"Ubuntu:16.04:LTS","purl":"pkg:deb/ubuntu/linux-gcp@4.15.0-1060.64?arch=source&distro=xenial"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"4.15.0-1060.64"}]}],"versions":["4.10.0-1004.4","4.10.0-1006.6","4.10.0-1007.7","4.10.0-1008.8","4.10.0-1009.9","4.13.0-1002.5","4.13.0-1006.9","4.13.0-1007.10","4.13.0-1008.11","4.13.0-1011.15","4.13.0-1012.16","4.13.0-1013.17","4.13.0-1015.19","4.13.0-1017.21","4.13.0-1019.23","4.15.0-1014.14~16.04.1","4.15.0-1015.15~16.04.1","4.15.0-1017.18~16.04.1","4.15.0-1018.19~16.04.2","4.15.0-1019.20~16.04.1","4.15.0-1021.22~16.04.1","4.15.0-1023.24~16.04.1","4.15.0-1024.25~16.04.2","4.15.0-1025.26~16.04.1","4.15.0-1026.27~16.04.1","4.15.0-1027.28~16.04.1","4.15.0-1028.29~16.04.1","4.15.0-1029.31~16.04.1","4.15.0-1030.32~16.04.1","4.15.0-1032.34~16.04.1","4.15.0-1033.35~16.04.1","4.15.0-1034.36~16.04.1","4.15.0-1036.38~16.04.1","4.15.0-1037.39~16.04.1","4.15.0-1040.42~16.04.1","4.15.0-1041.43","4.15.0-1042.44","4.15.0-1044.46","4.15.0-1046.49","4.15.0-1047.50","4.15.0-1049.52","4.15.0-1050.53","4.15.0-1052.56","4.15.0-1055.59","4.15.0-1058.62"],"ecosystem_specific":{"availability":"No subscription required","binaries":[{"binary_name":"linux-buildinfo-4.15.0-1060-gcp","binary_version":"4.15.0-1060.64"},{"binary_name":"linux-gcp-headers-4.15.0-1060","binary_version":"4.15.0-1060.64"},{"binary_name":"linux-gcp-tools-4.15.0-1060","binary_version":"4.15.0-1060.64"},{"binary_name":"linux-headers-4.15.0-1060-gcp","binary_version":"4.15.0-1060.64"},{"binary_name":"linux-image-unsigned-4.15.0-1060-gcp","binary_version":"4.15.0-1060.64"},{"binary_name":"linux-modules-4.15.0-1060-gcp","binary_version":"4.15.0-1060.64"},{"binary_name":"linux-modules-extra-4.15.0-1060-gcp","binary_version":"4.15.0-1060.64"},{"binary_name":"linux-tools-4.15.0-1060-gcp","binary_version":"4.15.0-1060.64"}]},"database_specific":{"source":"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/usn/USN-4324-1.json","cves_map":{"ecosystem":"Ubuntu:16.04:LTS","cves":[{"id":"CVE-2020-8428","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H"},{"type":"Ubuntu","score":"medium"}]},{"id":"CVE-2020-8992","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"},{"type":"Ubuntu","score":"low"}]}]}}},{"package":{"name":"linux-oracle","ecosystem":"Ubuntu:16.04:LTS","purl":"pkg:deb/ubuntu/linux-oracle@4.15.0-1037.41~16.04.1?arch=source&distro=xenial"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"4.15.0-1037.41~16.04.1"}]}],"versions":["4.15.0-1007.9~16.04.1","4.15.0-1008.10~16.04.1","4.15.0-1009.11~16.04.1","4.15.0-1010.12~16.04.1","4.15.0-1011.13~16.04.1","4.15.0-1013.15~16.04.1","4.15.0-1014.16~16.04.1","4.15.0-1015.17~16.04.1","4.15.0-1017.19~16.04.2","4.15.0-1018.20~16.04.1","4.15.0-1021.23~16.04.1","4.15.0-1022.25~16.04.1","4.15.0-1023.26~16.04.1","4.15.0-1025.28~16.04.1","4.15.0-1026.29~16.04.1","4.15.0-1027.30~16.04.1","4.15.0-1029.32~16.04.1","4.15.0-1030.33~16.04.1","4.15.0-1031.34~16.04.1","4.15.0-1033.36~16.04.1","4.15.0-1035.38~16.04.1"],"ecosystem_specific":{"availability":"No subscription required","binaries":[{"binary_name":"linux-buildinfo-4.15.0-1037-oracle","binary_version":"4.15.0-1037.41~16.04.1"},{"binary_name":"linux-headers-4.15.0-1037-oracle","binary_version":"4.15.0-1037.41~16.04.1"},{"binary_name":"linux-image-unsigned-4.15.0-1037-oracle","binary_version":"4.15.0-1037.41~16.04.1"},{"binary_name":"linux-modules-4.15.0-1037-oracle","binary_version":"4.15.0-1037.41~16.04.1"},{"binary_name":"linux-modules-extra-4.15.0-1037-oracle","binary_version":"4.15.0-1037.41~16.04.1"},{"binary_name":"linux-oracle-headers-4.15.0-1037","binary_version":"4.15.0-1037.41~16.04.1"},{"binary_name":"linux-oracle-tools-4.15.0-1037","binary_version":"4.15.0-1037.41~16.04.1"},{"binary_name":"linux-tools-4.15.0-1037-oracle","binary_version":"4.15.0-1037.41~16.04.1"}]},"database_specific":{"source":"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/usn/USN-4324-1.json","cves_map":{"ecosystem":"Ubuntu:16.04:LTS","cves":[{"id":"CVE-2020-8428","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H"},{"type":"Ubuntu","score":"medium"}]},{"id":"CVE-2020-8992","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"},{"type":"Ubuntu","score":"low"}]}]}}},{"package":{"name":"linux-aws","ecosystem":"Ubuntu:18.04:LTS","purl":"pkg:deb/ubuntu/linux-aws@4.15.0-1065.69?arch=source&distro=bionic"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"4.15.0-1065.69"}]}],"versions":["4.15.0-1001.1","4.15.0-1003.3","4.15.0-1005.5","4.15.0-1006.6","4.15.0-1007.7","4.15.0-1009.9","4.15.0-1010.10","4.15.0-1011.11","4.15.0-1016.16","4.15.0-1017.17","4.15.0-1019.19","4.15.0-1020.20","4.15.0-1021.21","4.15.0-1023.23","4.15.0-1025.25","4.15.0-1027.27","4.15.0-1029.30","4.15.0-1031.33","4.15.0-1032.34","4.15.0-1033.35","4.15.0-1034.36","4.15.0-1035.37","4.15.0-1037.39","4.15.0-1039.41","4.15.0-1040.42","4.15.0-1041.43","4.15.0-1043.45","4.15.0-1044.46","4.15.0-1045.47","4.15.0-1047.49","4.15.0-1048.50","4.15.0-1050.52","4.15.0-1051.53","4.15.0-1052.54","4.15.0-1054.56","4.15.0-1056.58","4.15.0-1057.59","4.15.0-1058.60","4.15.0-1060.62","4.15.0-1063.67"],"ecosystem_specific":{"availability":"No subscription required","binaries":[{"binary_name":"linux-aws-cloud-tools-4.15.0-1065","binary_version":"4.15.0-1065.69"},{"binary_name":"linux-aws-headers-4.15.0-1065","binary_version":"4.15.0-1065.69"},{"binary_name":"linux-aws-tools-4.15.0-1065","binary_version":"4.15.0-1065.69"},{"binary_name":"linux-buildinfo-4.15.0-1065-aws","binary_version":"4.15.0-1065.69"},{"binary_name":"linux-cloud-tools-4.15.0-1065-aws","binary_version":"4.15.0-1065.69"},{"binary_name":"linux-headers-4.15.0-1065-aws","binary_version":"4.15.0-1065.69"},{"binary_name":"linux-image-4.15.0-1065-aws","binary_version":"4.15.0-1065.69"},{"binary_name":"linux-modules-4.15.0-1065-aws","binary_version":"4.15.0-1065.69"},{"binary_name":"linux-modules-extra-4.15.0-1065-aws","binary_version":"4.15.0-1065.69"},{"binary_name":"linux-tools-4.15.0-1065-aws","binary_version":"4.15.0-1065.69"}]},"database_specific":{"source":"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/usn/USN-4324-1.json","cves_map":{"ecosystem":"Ubuntu:18.04:LTS","cves":[{"id":"CVE-2020-8428","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H"},{"type":"Ubuntu","score":"medium"}]},{"id":"CVE-2020-8992","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"},{"type":"Ubuntu","score":"low"}]}]}}},{"package":{"name":"linux-gke-4.15","ecosystem":"Ubuntu:18.04:LTS","purl":"pkg:deb/ubuntu/linux-gke-4.15@4.15.0-1057.60?arch=source&distro=bionic"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"4.15.0-1057.60"}]}],"versions":["4.15.0-1030.32","4.15.0-1032.34","4.15.0-1033.35","4.15.0-1034.36","4.15.0-1036.38","4.15.0-1037.39","4.15.0-1040.42","4.15.0-1041.43","4.15.0-1042.44","4.15.0-1044.46","4.15.0-1045.48","4.15.0-1046.49","4.15.0-1048.51","4.15.0-1049.52","4.15.0-1050.53","4.15.0-1052.55","4.15.0-1055.58"],"ecosystem_specific":{"availability":"No subscription required","binaries":[{"binary_name":"linux-buildinfo-4.15.0-1057-gke","binary_version":"4.15.0-1057.60"},{"binary_name":"linux-gke-4.15-headers-4.15.0-1057","binary_version":"4.15.0-1057.60"},{"binary_name":"linux-gke-4.15-tools-4.15.0-1057","binary_version":"4.15.0-1057.60"},{"binary_name":"linux-headers-4.15.0-1057-gke","binary_version":"4.15.0-1057.60"},{"binary_name":"linux-image-unsigned-4.15.0-1057-gke","binary_version":"4.15.0-1057.60"},{"binary_name":"linux-modules-4.15.0-1057-gke","binary_version":"4.15.0-1057.60"},{"binary_name":"linux-modules-extra-4.15.0-1057-gke","binary_version":"4.15.0-1057.60"},{"binary_name":"linux-tools-4.15.0-1057-gke","binary_version":"4.15.0-1057.60"}]},"database_specific":{"source":"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/usn/USN-4324-1.json","cves_map":{"ecosystem":"Ubuntu:18.04:LTS","cves":[{"id":"CVE-2020-8428","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H"},{"type":"Ubuntu","score":"medium"}]},{"id":"CVE-2020-8992","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"},{"type":"Ubuntu","score":"low"}]}]}}},{"package":{"name":"linux-kvm","ecosystem":"Ubuntu:18.04:LTS","purl":"pkg:deb/ubuntu/linux-kvm@4.15.0-1058.59?arch=source&distro=bionic"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"4.15.0-1058.59"}]}],"versions":["4.15.0-1002.2","4.15.0-1003.3","4.15.0-1004.4","4.15.0-1006.6","4.15.0-1008.8","4.15.0-1010.10","4.15.0-1011.11","4.15.0-1012.12","4.15.0-1016.16","4.15.0-1017.17","4.15.0-1019.19","4.15.0-1020.20","4.15.0-1021.21","4.15.0-1023.23","4.15.0-1025.25","4.15.0-1026.26","4.15.0-1027.27","4.15.0-1028.28","4.15.0-1029.29","4.15.0-1030.30","4.15.0-1031.31","4.15.0-1032.32","4.15.0-1034.34","4.15.0-1035.35","4.15.0-1036.36","4.15.0-1038.38","4.15.0-1039.39","4.15.0-1042.42","4.15.0-1043.43","4.15.0-1044.44","4.15.0-1046.46","4.15.0-1047.47","4.15.0-1048.48","4.15.0-1050.50","4.15.0-1051.51","4.15.0-1052.52","4.15.0-1053.53","4.15.0-1056.57"],"ecosystem_specific":{"availability":"No subscription required","binaries":[{"binary_name":"linux-buildinfo-4.15.0-1058-kvm","binary_version":"4.15.0-1058.59"},{"binary_name":"linux-headers-4.15.0-1058-kvm","binary_version":"4.15.0-1058.59"},{"binary_name":"linux-image-4.15.0-1058-kvm","binary_version":"4.15.0-1058.59"},{"binary_name":"linux-kvm-headers-4.15.0-1058","binary_version":"4.15.0-1058.59"},{"binary_name":"linux-kvm-tools-4.15.0-1058","binary_version":"4.15.0-1058.59"},{"binary_name":"linux-modules-4.15.0-1058-kvm","binary_version":"4.15.0-1058.59"},{"binary_name":"linux-tools-4.15.0-1058-kvm","binary_version":"4.15.0-1058.59"}]},"database_specific":{"source":"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/usn/USN-4324-1.json","cves_map":{"ecosystem":"Ubuntu:18.04:LTS","cves":[{"id":"CVE-2020-8428","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H"},{"type":"Ubuntu","score":"medium"}]},{"id":"CVE-2020-8992","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"},{"type":"Ubuntu","score":"low"}]}]}}},{"package":{"name":"linux-oem","ecosystem":"Ubuntu:18.04:LTS","purl":"pkg:deb/ubuntu/linux-oem@4.15.0-1079.89?arch=source&distro=bionic"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"4.15.0-1079.89"}]}],"versions":["4.15.0-1002.3","4.15.0-1004.5","4.15.0-1006.9","4.15.0-1008.11","4.15.0-1009.12","4.15.0-1012.15","4.15.0-1013.16","4.15.0-1015.18","4.15.0-1017.20","4.15.0-1018.21","4.15.0-1021.24","4.15.0-1024.29","4.15.0-1026.31","4.15.0-1028.33","4.15.0-1030.35","4.15.0-1033.38","4.15.0-1034.39","4.15.0-1035.40","4.15.0-1036.41","4.15.0-1038.43","4.15.0-1039.44","4.15.0-1043.48","4.15.0-1045.50","4.15.0-1050.57","4.15.0-1056.65","4.15.0-1057.66","4.15.0-1059.68","4.15.0-1063.72","4.15.0-1064.73","4.15.0-1065.75","4.15.0-1066.76","4.15.0-1067.77","4.15.0-1069.79","4.15.0-1073.83","4.15.0-1076.86"],"ecosystem_specific":{"availability":"No subscription required","binaries":[{"binary_name":"block-modules-4.15.0-1079-oem-di","binary_version":"4.15.0-1079.89"},{"binary_name":"crypto-modules-4.15.0-1079-oem-di","binary_version":"4.15.0-1079.89"},{"binary_name":"fat-modules-4.15.0-1079-oem-di","binary_version":"4.15.0-1079.89"},{"binary_name":"fb-modules-4.15.0-1079-oem-di","binary_version":"4.15.0-1079.89"},{"binary_name":"firewire-core-modules-4.15.0-1079-oem-di","binary_version":"4.15.0-1079.89"},{"binary_name":"floppy-modules-4.15.0-1079-oem-di","binary_version":"4.15.0-1079.89"},{"binary_name":"fs-core-modules-4.15.0-1079-oem-di","binary_version":"4.15.0-1079.89"},{"binary_name":"fs-secondary-modules-4.15.0-1079-oem-di","binary_version":"4.15.0-1079.89"},{"binary_name":"input-modules-4.15.0-1079-oem-di","binary_version":"4.15.0-1079.89"},{"binary_name":"ipmi-modules-4.15.0-1079-oem-di","binary_version":"4.15.0-1079.89"},{"binary_name":"irda-modules-4.15.0-1079-oem-di","binary_version":"4.15.0-1079.89"},{"binary_name":"kernel-image-4.15.0-1079-oem-di","binary_version":"4.15.0-1079.89"},{"binary_name":"linux-buildinfo-4.15.0-1079-oem","binary_version":"4.15.0-1079.89"},{"binary_name":"linux-headers-4.15.0-1079-oem","binary_version":"4.15.0-1079.89"},{"binary_name":"linux-image-unsigned-4.15.0-1079-oem","binary_version":"4.15.0-1079.89"},{"binary_name":"linux-modules-4.15.0-1079-oem","binary_version":"4.15.0-1079.89"},{"binary_name":"linux-oem-headers-4.15.0-1079","binary_version":"4.15.0-1079.89"},{"binary_name":"linux-oem-tools-4.15.0-1079","binary_version":"4.15.0-1079.89"},{"binary_name":"linux-tools-4.15.0-1079-oem","binary_version":"4.15.0-1079.89"},{"binary_name":"linux-udebs-oem","binary_version":"4.15.0-1079.89"},{"binary_name":"md-modules-4.15.0-1079-oem-di","binary_version":"4.15.0-1079.89"},{"binary_name":"message-modules-4.15.0-1079-oem-di","binary_version":"4.15.0-1079.89"},{"binary_name":"mouse-modules-4.15.0-1079-oem-di","binary_version":"4.15.0-1079.89"},{"binary_name":"multipath-modules-4.15.0-1079-oem-di","binary_version":"4.15.0-1079.89"},{"binary_name":"nfs-modules-4.15.0-1079-oem-di","binary_version":"4.15.0-1079.89"},{"binary_name":"nic-modules-4.15.0-1079-oem-di","binary_version":"4.15.0-1079.89"},{"binary_name":"nic-pcmcia-modules-4.15.0-1079-oem-di","binary_version":"4.15.0-1079.89"},{"binary_name":"nic-shared-modules-4.15.0-1079-oem-di","binary_version":"4.15.0-1079.89"},{"binary_name":"nic-usb-modules-4.15.0-1079-oem-di","binary_version":"4.15.0-1079.89"},{"binary_name":"parport-modules-4.15.0-1079-oem-di","binary_version":"4.15.0-1079.89"},{"binary_name":"pata-modules-4.15.0-1079-oem-di","binary_version":"4.15.0-1079.89"},{"binary_name":"pcmcia-modules-4.15.0-1079-oem-di","binary_version":"4.15.0-1079.89"},{"binary_name":"pcmcia-storage-modules-4.15.0-1079-oem-di","binary_version":"4.15.0-1079.89"},{"binary_name":"plip-modules-4.15.0-1079-oem-di","binary_version":"4.15.0-1079.89"},{"binary_name":"ppp-modules-4.15.0-1079-oem-di","binary_version":"4.15.0-1079.89"},{"binary_name":"sata-modules-4.15.0-1079-oem-di","binary_version":"4.15.0-1079.89"},{"binary_name":"scsi-modules-4.15.0-1079-oem-di","binary_version":"4.15.0-1079.89"},{"binary_name":"serial-modules-4.15.0-1079-oem-di","binary_version":"4.15.0-1079.89"},{"binary_name":"storage-core-modules-4.15.0-1079-oem-di","binary_version":"4.15.0-1079.89"},{"binary_name":"usb-modules-4.15.0-1079-oem-di","binary_version":"4.15.0-1079.89"},{"binary_name":"virtio-modules-4.15.0-1079-oem-di","binary_version":"4.15.0-1079.89"},{"binary_name":"vlan-modules-4.15.0-1079-oem-di","binary_version":"4.15.0-1079.89"}]},"database_specific":{"source":"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/usn/USN-4324-1.json","cves_map":{"ecosystem":"Ubuntu:18.04:LTS","cves":[{"id":"CVE-2020-8428","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H"},{"type":"Ubuntu","score":"medium"}]},{"id":"CVE-2020-8992","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"},{"type":"Ubuntu","score":"low"}]}]}}},{"package":{"name":"linux-oracle","ecosystem":"Ubuntu:18.04:LTS","purl":"pkg:deb/ubuntu/linux-oracle@4.15.0-1037.41?arch=source&distro=bionic"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"4.15.0-1037.41"}]}],"versions":["4.15.0-1007.9","4.15.0-1008.10","4.15.0-1009.11","4.15.0-1010.12","4.15.0-1011.13","4.15.0-1013.15","4.15.0-1014.16","4.15.0-1015.17","4.15.0-1017.19","4.15.0-1018.20","4.15.0-1021.23","4.15.0-1022.25","4.15.0-1023.26","4.15.0-1025.28","4.15.0-1026.29","4.15.0-1027.30","4.15.0-1029.32","4.15.0-1030.33","4.15.0-1031.34","4.15.0-1033.36","4.15.0-1035.39"],"ecosystem_specific":{"availability":"No subscription required","binaries":[{"binary_name":"linux-buildinfo-4.15.0-1037-oracle","binary_version":"4.15.0-1037.41"},{"binary_name":"linux-headers-4.15.0-1037-oracle","binary_version":"4.15.0-1037.41"},{"binary_name":"linux-image-unsigned-4.15.0-1037-oracle","binary_version":"4.15.0-1037.41"},{"binary_name":"linux-modules-4.15.0-1037-oracle","binary_version":"4.15.0-1037.41"},{"binary_name":"linux-modules-extra-4.15.0-1037-oracle","binary_version":"4.15.0-1037.41"},{"binary_name":"linux-oracle-headers-4.15.0-1037","binary_version":"4.15.0-1037.41"},{"binary_name":"linux-oracle-tools-4.15.0-1037","binary_version":"4.15.0-1037.41"},{"binary_name":"linux-tools-4.15.0-1037-oracle","binary_version":"4.15.0-1037.41"}]},"database_specific":{"source":"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/usn/USN-4324-1.json","cves_map":{"ecosystem":"Ubuntu:18.04:LTS","cves":[{"id":"CVE-2020-8428","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H"},{"type":"Ubuntu","score":"medium"}]},{"id":"CVE-2020-8992","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"},{"type":"Ubuntu","score":"low"}]}]}}},{"package":{"name":"linux-raspi2","ecosystem":"Ubuntu:18.04:LTS","purl":"pkg:deb/ubuntu/linux-raspi2@4.15.0-1060.64?arch=source&distro=bionic"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"4.15.0-1060.64"}]}],"versions":["4.13.0-1005.5","4.13.0-1006.6","4.13.0-1008.8","4.15.0-1006.7","4.15.0-1009.10","4.15.0-1010.11","4.15.0-1011.12","4.15.0-1012.13","4.15.0-1013.14","4.15.0-1017.18","4.15.0-1018.19","4.15.0-1020.22","4.15.0-1021.23","4.15.0-1022.24","4.15.0-1024.26","4.15.0-1026.28","4.15.0-1027.29","4.15.0-1028.30","4.15.0-1029.31","4.15.0-1030.32","4.15.0-1031.33","4.15.0-1032.34","4.15.0-1033.35","4.15.0-1034.36","4.15.0-1036.38","4.15.0-1037.39","4.15.0-1038.40","4.15.0-1040.43","4.15.0-1041.44","4.15.0-1043.46","4.15.0-1044.47","4.15.0-1045.49","4.15.0-1047.51","4.15.0-1048.52","4.15.0-1049.53","4.15.0-1050.54","4.15.0-1052.56","4.15.0-1053.57","4.15.0-1054.58","4.15.0-1055.59","4.15.0-1057.61"],"ecosystem_specific":{"availability":"No subscription required","binaries":[{"binary_name":"linux-buildinfo-4.15.0-1060-raspi2","binary_version":"4.15.0-1060.64"},{"binary_name":"linux-headers-4.15.0-1060-raspi2","binary_version":"4.15.0-1060.64"},{"binary_name":"linux-image-4.15.0-1060-raspi2","binary_version":"4.15.0-1060.64"},{"binary_name":"linux-modules-4.15.0-1060-raspi2","binary_version":"4.15.0-1060.64"},{"binary_name":"linux-raspi2-headers-4.15.0-1060","binary_version":"4.15.0-1060.64"},{"binary_name":"linux-raspi2-tools-4.15.0-1060","binary_version":"4.15.0-1060.64"},{"binary_name":"linux-tools-4.15.0-1060-raspi2","binary_version":"4.15.0-1060.64"}]},"database_specific":{"source":"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/usn/USN-4324-1.json","cves_map":{"ecosystem":"Ubuntu:18.04:LTS","cves":[{"id":"CVE-2020-8428","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H"},{"type":"Ubuntu","score":"medium"}]},{"id":"CVE-2020-8992","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"},{"type":"Ubuntu","score":"low"}]}]}}},{"package":{"name":"linux-snapdragon","ecosystem":"Ubuntu:18.04:LTS","purl":"pkg:deb/ubuntu/linux-snapdragon@4.15.0-1076.83?arch=source&distro=bionic"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"4.15.0-1076.83"}]}],"versions":["4.4.0-1077.82","4.4.0-1078.83","4.4.0-1079.84","4.4.0-1081.86","4.15.0-1053.57","4.15.0-1054.58","4.15.0-1055.59","4.15.0-1057.62","4.15.0-1058.64","4.15.0-1060.66","4.15.0-1062.69","4.15.0-1064.71","4.15.0-1065.72","4.15.0-1066.73","4.15.0-1067.74","4.15.0-1069.76","4.15.0-1070.77","4.15.0-1071.78","4.15.0-1072.79","4.15.0-1074.81"],"ecosystem_specific":{"availability":"No subscription required","binaries":[{"binary_name":"linux-buildinfo-4.15.0-1076-snapdragon","binary_version":"4.15.0-1076.83"},{"binary_name":"linux-headers-4.15.0-1076-snapdragon","binary_version":"4.15.0-1076.83"},{"binary_name":"linux-image-4.15.0-1076-snapdragon","binary_version":"4.15.0-1076.83"},{"binary_name":"linux-modules-4.15.0-1076-snapdragon","binary_version":"4.15.0-1076.83"},{"binary_name":"linux-snapdragon-headers-4.15.0-1076","binary_version":"4.15.0-1076.83"},{"binary_name":"linux-snapdragon-tools-4.15.0-1076","binary_version":"4.15.0-1076.83"},{"binary_name":"linux-tools-4.15.0-1076-snapdragon","binary_version":"4.15.0-1076.83"}]},"database_specific":{"source":"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/usn/USN-4324-1.json","cves_map":{"ecosystem":"Ubuntu:18.04:LTS","cves":[{"id":"CVE-2020-8428","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H"},{"type":"Ubuntu","score":"medium"}]},{"id":"CVE-2020-8992","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"},{"type":"Ubuntu","score":"low"}]}]}}}],"schema_version":"1.7.3"}