{"id":"USN-4388-1","summary":"linux-gke-5.0, linux-oem-osp1 vulnerabilities","details":"It was discovered that the F2FS file system implementation in the Linux\nkernel did not properly perform bounds checking on xattrs in some\nsituations. A local attacker could possibly use this to expose sensitive\ninformation (kernel memory). (CVE-2020-0067)\n\nIt was discovered that memory contents previously stored in\nmicroarchitectural special registers after RDRAND, RDSEED, and SGX EGETKEY\nread operations on Intel client and Xeon E3 processors may be briefly\nexposed to processes on the same or different processor cores. A local\nattacker could use this to expose sensitive information. (CVE-2020-0543)\n\nPiotr Krysiuk discovered that race conditions existed in the file system\nimplementation in the Linux kernel. A local attacker could use this to\ncause a denial of service (system crash). (CVE-2020-12114)\n\nIt was discovered that the USB susbsystem's scatter-gather implementation\nin the Linux kernel did not properly take data references in some\nsituations, leading to a use-after-free. A physically proximate attacker\ncould use this to cause a denial of service (system crash) or possibly\nexecute arbitrary code. (CVE-2020-12464)\n\nBui Quang Minh discovered that the XDP socket implementation in the Linux\nkernel did not properly validate meta-data passed from user space, leading\nto an out-of-bounds write vulnerability. A local attacker with the\nCAP_NET_ADMIN capability could use this to cause a denial of service\n(system crash) or possibly execute arbitrary code. (CVE-2020-12659)\n\nXiumei Mu discovered that the IPSec implementation in the Linux kernel did\nnot properly encrypt IPv6 traffic in some situations. An attacker could use\nthis to expose sensitive information. (CVE-2020-1749)\n","modified":"2026-02-10T04:41:51Z","published":"2020-06-09T23:18:09Z","related":["UBUNTU-CVE-2020-0067","UBUNTU-CVE-2020-0543","UBUNTU-CVE-2020-12114","UBUNTU-CVE-2020-12464","UBUNTU-CVE-2020-12659","UBUNTU-CVE-2020-1749"],"upstream":["CVE-2020-0067","CVE-2020-0543","CVE-2020-12114","CVE-2020-12464","CVE-2020-12659","CVE-2020-1749","UBUNTU-CVE-2020-0067","UBUNTU-CVE-2020-0543","UBUNTU-CVE-2020-12114","UBUNTU-CVE-2020-12464","UBUNTU-CVE-2020-12659","UBUNTU-CVE-2020-1749"],"references":[{"type":"ADVISORY","url":"https://ubuntu.com/security/notices/USN-4388-1"},{"type":"REPORT","url":"https://ubuntu.com/security/CVE-2020-0067"},{"type":"REPORT","url":"https://ubuntu.com/security/CVE-2020-0543"},{"type":"REPORT","url":"https://ubuntu.com/security/CVE-2020-1749"},{"type":"REPORT","url":"https://ubuntu.com/security/CVE-2020-12114"},{"type":"REPORT","url":"https://ubuntu.com/security/CVE-2020-12464"},{"type":"REPORT","url":"https://ubuntu.com/security/CVE-2020-12659"}],"affected":[{"package":{"name":"linux-gke-5.0","ecosystem":"Ubuntu:18.04:LTS","purl":"pkg:deb/ubuntu/linux-gke-5.0@5.0.0-1042.43?arch=source&distro=bionic"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"5.0.0-1042.43"}]}],"versions":["5.0.0-1011.11~18.04.1","5.0.0-1013.13~18.04.1","5.0.0-1015.15~18.04.1","5.0.0-1017.17~18.04.1","5.0.0-1020.20~18.04.1","5.0.0-1022.22~18.04.3","5.0.0-1023.23~18.04.2","5.0.0-1025.26~18.04.1","5.0.0-1026.27~18.04.2","5.0.0-1027.28~18.04.1","5.0.0-1029.30~18.04.1","5.0.0-1030.31","5.0.0-1032.33","5.0.0-1033.34","5.0.0-1035.36","5.0.0-1037.38"],"ecosystem_specific":{"availability":"No subscription required","binaries":[{"binary_name":"linux-buildinfo-5.0.0-1042-gke","binary_version":"5.0.0-1042.43"},{"binary_name":"linux-gke-5.0-headers-5.0.0-1042","binary_version":"5.0.0-1042.43"},{"binary_name":"linux-gke-5.0-tools-5.0.0-1042","binary_version":"5.0.0-1042.43"},{"binary_name":"linux-headers-5.0.0-1042-gke","binary_version":"5.0.0-1042.43"},{"binary_name":"linux-image-unsigned-5.0.0-1042-gke","binary_version":"5.0.0-1042.43"},{"binary_name":"linux-modules-5.0.0-1042-gke","binary_version":"5.0.0-1042.43"},{"binary_name":"linux-modules-extra-5.0.0-1042-gke","binary_version":"5.0.0-1042.43"},{"binary_name":"linux-tools-5.0.0-1042-gke","binary_version":"5.0.0-1042.43"}]},"database_specific":{"cves_map":{"cves":[{"severity":[{"score":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N","type":"CVSS_V3"},{"score":"medium","type":"Ubuntu"}],"id":"CVE-2020-0067"},{"severity":[{"score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N","type":"CVSS_V3"},{"score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N","type":"CVSS_V3"},{"score":"medium","type":"Ubuntu"}],"id":"CVE-2020-1749"},{"severity":[{"score":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H","type":"CVSS_V3"},{"score":"medium","type":"Ubuntu"}],"id":"CVE-2020-12114"},{"severity":[{"score":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H","type":"CVSS_V3"},{"score":"medium","type":"Ubuntu"}],"id":"CVE-2020-12464"},{"severity":[{"score":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H","type":"CVSS_V3"},{"score":"low","type":"Ubuntu"}],"id":"CVE-2020-12659"}],"ecosystem":"Ubuntu:18.04:LTS"},"source":"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/usn/USN-4388-1.json"}},{"package":{"name":"linux-oem-osp1","ecosystem":"Ubuntu:18.04:LTS","purl":"pkg:deb/ubuntu/linux-oem-osp1@5.0.0-1059.64?arch=source&distro=bionic"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"5.0.0-1059.64"}]}],"versions":["5.0.0-1010.11","5.0.0-1012.13","5.0.0-1015.16","5.0.0-1018.20","5.0.0-1020.22","5.0.0-1022.24","5.0.0-1024.27","5.0.0-1025.28","5.0.0-1027.31","5.0.0-1028.32","5.0.0-1030.34","5.0.0-1033.38","5.0.0-1037.42","5.0.0-1039.44","5.0.0-1040.45","5.0.0-1043.48","5.0.0-1046.51","5.0.0-1047.52","5.0.0-1050.55","5.0.0-1052.57"],"ecosystem_specific":{"availability":"No subscription required","binaries":[{"binary_name":"block-modules-5.0.0-1059-oem-osp1-di","binary_version":"5.0.0-1059.64"},{"binary_name":"crypto-modules-5.0.0-1059-oem-osp1-di","binary_version":"5.0.0-1059.64"},{"binary_name":"fat-modules-5.0.0-1059-oem-osp1-di","binary_version":"5.0.0-1059.64"},{"binary_name":"fb-modules-5.0.0-1059-oem-osp1-di","binary_version":"5.0.0-1059.64"},{"binary_name":"firewire-core-modules-5.0.0-1059-oem-osp1-di","binary_version":"5.0.0-1059.64"},{"binary_name":"floppy-modules-5.0.0-1059-oem-osp1-di","binary_version":"5.0.0-1059.64"},{"binary_name":"fs-core-modules-5.0.0-1059-oem-osp1-di","binary_version":"5.0.0-1059.64"},{"binary_name":"fs-secondary-modules-5.0.0-1059-oem-osp1-di","binary_version":"5.0.0-1059.64"},{"binary_name":"input-modules-5.0.0-1059-oem-osp1-di","binary_version":"5.0.0-1059.64"},{"binary_name":"ipmi-modules-5.0.0-1059-oem-osp1-di","binary_version":"5.0.0-1059.64"},{"binary_name":"kernel-image-5.0.0-1059-oem-osp1-di","binary_version":"5.0.0-1059.64"},{"binary_name":"linux-buildinfo-5.0.0-1059-oem-osp1","binary_version":"5.0.0-1059.64"},{"binary_name":"linux-headers-5.0.0-1059-oem-osp1","binary_version":"5.0.0-1059.64"},{"binary_name":"linux-image-unsigned-5.0.0-1059-oem-osp1","binary_version":"5.0.0-1059.64"},{"binary_name":"linux-modules-5.0.0-1059-oem-osp1","binary_version":"5.0.0-1059.64"},{"binary_name":"linux-oem-osp1-headers-5.0.0-1059","binary_version":"5.0.0-1059.64"},{"binary_name":"linux-oem-osp1-tools-5.0.0-1059","binary_version":"5.0.0-1059.64"},{"binary_name":"linux-oem-osp1-tools-host","binary_version":"5.0.0-1059.64"},{"binary_name":"linux-tools-5.0.0-1059-oem-osp1","binary_version":"5.0.0-1059.64"},{"binary_name":"linux-udebs-oem-osp1","binary_version":"5.0.0-1059.64"},{"binary_name":"md-modules-5.0.0-1059-oem-osp1-di","binary_version":"5.0.0-1059.64"},{"binary_name":"message-modules-5.0.0-1059-oem-osp1-di","binary_version":"5.0.0-1059.64"},{"binary_name":"mouse-modules-5.0.0-1059-oem-osp1-di","binary_version":"5.0.0-1059.64"},{"binary_name":"multipath-modules-5.0.0-1059-oem-osp1-di","binary_version":"5.0.0-1059.64"},{"binary_name":"nfs-modules-5.0.0-1059-oem-osp1-di","binary_version":"5.0.0-1059.64"},{"binary_name":"nic-modules-5.0.0-1059-oem-osp1-di","binary_version":"5.0.0-1059.64"},{"binary_name":"nic-pcmcia-modules-5.0.0-1059-oem-osp1-di","binary_version":"5.0.0-1059.64"},{"binary_name":"nic-shared-modules-5.0.0-1059-oem-osp1-di","binary_version":"5.0.0-1059.64"},{"binary_name":"nic-usb-modules-5.0.0-1059-oem-osp1-di","binary_version":"5.0.0-1059.64"},{"binary_name":"parport-modules-5.0.0-1059-oem-osp1-di","binary_version":"5.0.0-1059.64"},{"binary_name":"pata-modules-5.0.0-1059-oem-osp1-di","binary_version":"5.0.0-1059.64"},{"binary_name":"pcmcia-modules-5.0.0-1059-oem-osp1-di","binary_version":"5.0.0-1059.64"},{"binary_name":"pcmcia-storage-modules-5.0.0-1059-oem-osp1-di","binary_version":"5.0.0-1059.64"},{"binary_name":"plip-modules-5.0.0-1059-oem-osp1-di","binary_version":"5.0.0-1059.64"},{"binary_name":"ppp-modules-5.0.0-1059-oem-osp1-di","binary_version":"5.0.0-1059.64"},{"binary_name":"sata-modules-5.0.0-1059-oem-osp1-di","binary_version":"5.0.0-1059.64"},{"binary_name":"scsi-modules-5.0.0-1059-oem-osp1-di","binary_version":"5.0.0-1059.64"},{"binary_name":"serial-modules-5.0.0-1059-oem-osp1-di","binary_version":"5.0.0-1059.64"},{"binary_name":"storage-core-modules-5.0.0-1059-oem-osp1-di","binary_version":"5.0.0-1059.64"},{"binary_name":"usb-modules-5.0.0-1059-oem-osp1-di","binary_version":"5.0.0-1059.64"},{"binary_name":"virtio-modules-5.0.0-1059-oem-osp1-di","binary_version":"5.0.0-1059.64"},{"binary_name":"vlan-modules-5.0.0-1059-oem-osp1-di","binary_version":"5.0.0-1059.64"}]},"database_specific":{"cves_map":{"cves":[{"severity":[{"score":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N","type":"CVSS_V3"},{"score":"medium","type":"Ubuntu"}],"id":"CVE-2020-0067"},{"severity":[{"score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N","type":"CVSS_V3"},{"score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N","type":"CVSS_V3"},{"score":"medium","type":"Ubuntu"}],"id":"CVE-2020-1749"},{"severity":[{"score":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H","type":"CVSS_V3"},{"score":"medium","type":"Ubuntu"}],"id":"CVE-2020-12114"},{"severity":[{"score":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H","type":"CVSS_V3"},{"score":"medium","type":"Ubuntu"}],"id":"CVE-2020-12464"},{"severity":[{"score":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H","type":"CVSS_V3"},{"score":"low","type":"Ubuntu"}],"id":"CVE-2020-12659"}],"ecosystem":"Ubuntu:18.04:LTS"},"source":"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/usn/USN-4388-1.json"}}],"schema_version":"1.7.3"}