CVE-2020-27194

An issue was discovered in the Linux kernel before 5.8.15. scalar32_min_max_or in kernel/bpf/verifier.c mishandles bounds tracking during use of 64-bit values, aka CID-5b9fbeb75b6a.

From the Ubuntu Security Team

Simon Scannell discovered that the bpf verifier in the Linux kernel did not properly calculate register bounds for certain operations. A local attacker could use this to expose sensitive information (kernel memory) or gain administrative privileges.

Status

Show unmaintained releases

Package	Ubuntu Release	Status
linux	20.10 groovy	Fixed 5.8.0-28.30
	20.04 LTS focal	Not affected
	18.04 LTS bionic	Not affected
	16.04 LTS xenial	Not affected
	14.04 LTS trusty	Ignored was needs-triage ESM criteria
linux-aws	20.10 groovy	Fixed 5.8.0-1013.14
	20.04 LTS focal	Not affected
	18.04 LTS bionic	Not affected
	16.04 LTS xenial	Not affected
	14.04 LTS trusty	Ignored was needs-triage ESM criteria
linux-aws-5.0	20.10 groovy	Not in release
	20.04 LTS focal	Not in release
	18.04 LTS bionic	Ignored end of life, was needs-triage
	16.04 LTS xenial	Not in release
	14.04 LTS trusty	Not in release
linux-aws-5.3	20.10 groovy	Not in release
	20.04 LTS focal	Not in release
	18.04 LTS bionic	Ignored end of life, was needs-triage
	16.04 LTS xenial	Not in release
	14.04 LTS trusty	Not in release
linux-aws-5.4	20.10 groovy	Not in release
	20.04 LTS focal	Not in release
	18.04 LTS bionic	Not affected
	16.04 LTS xenial	Not in release
	14.04 LTS trusty	Not in release
linux-aws-hwe	20.10 groovy	Not in release
	20.04 LTS focal	Not in release
	18.04 LTS bionic	Not in release
	16.04 LTS xenial	Not affected
	14.04 LTS trusty	Not in release
linux-azure	20.10 groovy	Fixed 5.8.0-1012.13
	20.04 LTS focal	Not affected
	18.04 LTS bionic	Ignored end of life, was needs-triage
	16.04 LTS xenial	Not affected
	14.04 LTS trusty	Ignored was needs-triage ESM criteria
linux-azure-4.15	20.10 groovy	Not in release
	20.04 LTS focal	Not in release
	18.04 LTS bionic	Not affected
	16.04 LTS xenial	Not in release
	14.04 LTS trusty	Not in release
linux-azure-5.3	20.10 groovy	Not in release
	20.04 LTS focal	Not in release
	18.04 LTS bionic	Ignored end of life, was needs-triage
	16.04 LTS xenial	Not in release
	14.04 LTS trusty	Not in release
linux-azure-5.4	20.10 groovy	Not in release
	20.04 LTS focal	Not in release
	18.04 LTS bionic	Not affected
	16.04 LTS xenial	Not in release
	14.04 LTS trusty	Not in release
linux-azure-edge	20.10 groovy	Not in release
	20.04 LTS focal	Not in release
	18.04 LTS bionic	Ignored end of life, was needs-triage
	16.04 LTS xenial	Not in release
	14.04 LTS trusty	Not in release
linux-gcp	20.10 groovy	Fixed 5.8.0-1011.11
	20.04 LTS focal	Not affected
	18.04 LTS bionic	Ignored end of life, was needs-triage
	16.04 LTS xenial	Not affected
	14.04 LTS trusty	Not in release
linux-gcp-4.15	20.10 groovy	Not in release
	20.04 LTS focal	Not in release
	18.04 LTS bionic	Not affected
	16.04 LTS xenial	Not in release
	14.04 LTS trusty	Not in release
linux-gcp-5.3	20.10 groovy	Not in release
	20.04 LTS focal	Not in release
	18.04 LTS bionic	Ignored end of life, was needs-triage
	16.04 LTS xenial	Not in release
	14.04 LTS trusty	Not in release
linux-gcp-5.4	20.10 groovy	Not in release
	20.04 LTS focal	Not in release
	18.04 LTS bionic	Not affected
	16.04 LTS xenial	Not in release
	14.04 LTS trusty	Not in release
linux-gcp-edge	20.10 groovy	Not in release
	20.04 LTS focal	Not in release
	18.04 LTS bionic	Ignored end of life, was needs-triage
	16.04 LTS xenial	Not in release
	14.04 LTS trusty	Not in release
linux-gke-4.15	20.10 groovy	Not in release
	20.04 LTS focal	Not in release
	18.04 LTS bionic	Not affected
	16.04 LTS xenial	Not in release
	14.04 LTS trusty	Not in release
linux-gke-5.0	20.10 groovy	Not in release
	20.04 LTS focal	Not in release
	18.04 LTS bionic	Not affected
	16.04 LTS xenial	Not in release
	14.04 LTS trusty	Not in release
linux-gke-5.3	20.10 groovy	Not in release
	20.04 LTS focal	Not in release
	18.04 LTS bionic	Not affected
	16.04 LTS xenial	Not in release
	14.04 LTS trusty	Not in release
linux-hwe	20.10 groovy	Not in release
	20.04 LTS focal	Not in release
	18.04 LTS bionic	Ignored replaced by linux-hwe-5.4
	16.04 LTS xenial	Not affected
	14.04 LTS trusty	Not in release
linux-hwe-5.4	20.10 groovy	Not in release
	20.04 LTS focal	Not in release
	18.04 LTS bionic	Not affected
	16.04 LTS xenial	Not in release
	14.04 LTS trusty	Not in release
linux-hwe-edge	20.10 groovy	Not in release
	20.04 LTS focal	Not in release
	18.04 LTS bionic	Ignored end of life, was needs-triage
	16.04 LTS xenial	Ignored end of life, was needs-triage
	14.04 LTS trusty	Not in release
linux-kvm	20.10 groovy	Fixed 5.8.0-1009.10
	20.04 LTS focal	Not affected
	18.04 LTS bionic	Not affected
	16.04 LTS xenial	Not affected
	14.04 LTS trusty	Not in release
linux-lts-trusty	20.10 groovy	Not in release
	20.04 LTS focal	Not in release
	18.04 LTS bionic	Not in release
	16.04 LTS xenial	Not in release
	14.04 LTS trusty	Not in release
linux-lts-xenial	20.10 groovy	Not in release
	20.04 LTS focal	Not in release
	18.04 LTS bionic	Not in release
	16.04 LTS xenial	Not in release
	14.04 LTS trusty	Ignored was needs-triage ESM criteria
linux-oem	20.10 groovy	Not in release
	20.04 LTS focal	Not in release
	18.04 LTS bionic	Not affected
	16.04 LTS xenial	Ignored end of standard support, was needs-triage
	14.04 LTS trusty	Not in release
linux-oem-5.6	20.10 groovy	Not in release
	20.04 LTS focal	Not affected
	18.04 LTS bionic	Not in release
	16.04 LTS xenial	Not in release
	14.04 LTS trusty	Not in release
linux-oem-osp1	20.10 groovy	Not in release
	20.04 LTS focal	Not in release
	18.04 LTS bionic	Not affected
	16.04 LTS xenial	Not in release
	14.04 LTS trusty	Not in release
linux-oracle	20.10 groovy	Fixed 5.8.0-1010.10
	20.04 LTS focal	Not affected
	18.04 LTS bionic	Not affected
	16.04 LTS xenial	Not affected
	14.04 LTS trusty	Not in release
linux-oracle-5.0	20.10 groovy	Not in release
	20.04 LTS focal	Not in release
	18.04 LTS bionic	Ignored end of life, was needs-triage
	16.04 LTS xenial	Not in release
	14.04 LTS trusty	Not in release
linux-oracle-5.3	20.10 groovy	Not in release
	20.04 LTS focal	Not in release
	18.04 LTS bionic	Ignored end of life, was needs-triage
	16.04 LTS xenial	Not in release
	14.04 LTS trusty	Not in release
linux-oracle-5.4	20.10 groovy	Not in release
	20.04 LTS focal	Not in release
	18.04 LTS bionic	Not affected
	16.04 LTS xenial	Not in release
	14.04 LTS trusty	Not in release
linux-raspi	20.10 groovy	Fixed 5.8.0-1007.10
	20.04 LTS focal	Not affected
	18.04 LTS bionic	Not in release
	16.04 LTS xenial	Not in release
	14.04 LTS trusty	Not in release
linux-raspi-5.4	20.10 groovy	Not in release
	20.04 LTS focal	Not in release
	18.04 LTS bionic	Not affected
	16.04 LTS xenial	Not in release
	14.04 LTS trusty	Not in release
linux-raspi2	20.10 groovy	Not in release
	20.04 LTS focal	Ignored replaced by linux-raspi
	18.04 LTS bionic	Not affected
	16.04 LTS xenial	Not affected
	14.04 LTS trusty	Not in release
linux-raspi2-5.3	20.10 groovy	Not in release
	20.04 LTS focal	Not in release
	18.04 LTS bionic	Not affected
	16.04 LTS xenial	Not in release
	14.04 LTS trusty	Not in release
linux-riscv	20.10 groovy	Fixed 5.8.0-8.9
	20.04 LTS focal	Not affected
	18.04 LTS bionic	Not in release
	16.04 LTS xenial	Not in release
	14.04 LTS trusty	Not in release
linux-snapdragon	20.10 groovy	Not in release
	20.04 LTS focal	Not in release
	18.04 LTS bionic	Not affected
	16.04 LTS xenial	Not affected
	14.04 LTS trusty	Not in release

Patch details

For informational purposes only. We recommend not to cherry-pick updates. How can I get the fixes?

Package	Patch details
linux	Introduced by 3f50f13, fixed by 5b9fbeb

Severity score breakdown

Parameter	Value
Base score	5.5 · Medium
Attack vector	Local
Attack complexity	Low
Privileges required	Low
User interaction	None
Scope	Unchanged
Confidentiality	None
Integrity impact	None
Availability impact	High
Vector	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

References

Related Ubuntu Security Notices (USN)

USN-4626-1
Linux kernel vulnerabilities
11 November 2020