CVE-2020-10757
Publication date 4 June 2020
Last updated 24 July 2024
Ubuntu priority
A flaw was found in the Linux Kernel in versions after 4.5-rc1 in the way mremap handled DAX Huge Pages. This flaw allows a local attacker with access to a DAX enabled storage to escalate their privileges on the system.
From the Ubuntu Security Team
Fan Yang discovered that the mremap implementation in the Linux kernel did not properly handle DAX Huge Pages. A local attacker with access to DAX storage could use this to gain administrative privileges.
Status
| Package | Ubuntu Release | Status |
|---|---|---|
| linux | 20.04 LTS focal |
Fixed 5.4.0-45.49
|
| 18.04 LTS bionic |
Fixed 4.15.0-112.113
|
|
| 16.04 LTS xenial |
Not affected
|
|
| 14.04 LTS trusty |
Not affected
|
|
| linux-aws | 20.04 LTS focal |
Fixed 5.4.0-1022.22
|
| 18.04 LTS bionic |
Fixed 4.15.0-1079.83
|
|
| 16.04 LTS xenial |
Not affected
|
|
| 14.04 LTS trusty |
Not affected
|
|
| linux-aws-5.0 | 20.04 LTS focal | Not in release |
| 18.04 LTS bionic | Ignored | |
| 16.04 LTS xenial | Not in release | |
| 14.04 LTS trusty | Not in release | |
| linux-aws-5.3 | 20.04 LTS focal | Not in release |
| 18.04 LTS bionic |
Fixed 5.3.0-1032.34~18.04.2
|
|
| 16.04 LTS xenial | Not in release | |
| 14.04 LTS trusty | Not in release | |
| linux-aws-5.4 | 20.04 LTS focal | Not in release |
| 18.04 LTS bionic |
Fixed 5.4.0-1022.22~18.04.1
|
|
| 16.04 LTS xenial | Not in release | |
| 14.04 LTS trusty | Not in release | |
| linux-aws-hwe | 20.04 LTS focal | Not in release |
| 18.04 LTS bionic | Not in release | |
| 16.04 LTS xenial |
Fixed 4.15.0-1079.83~16.04.1
|
|
| 14.04 LTS trusty | Not in release | |
| linux-azure | 20.04 LTS focal |
Fixed 5.4.0-1023.23
|
| 18.04 LTS bionic | Ignored | |
| 16.04 LTS xenial |
Fixed 4.15.0-1092.102~16.04.1
|
|
| 14.04 LTS trusty | Ignored | |
| linux-azure-4.15 | 20.04 LTS focal | Not in release |
| 18.04 LTS bionic |
Fixed 4.15.0-1092.102
|
|
| 16.04 LTS xenial | Not in release | |
| 14.04 LTS trusty | Not in release | |
| linux-azure-5.3 | 20.04 LTS focal | Not in release |
| 18.04 LTS bionic |
Fixed 5.3.0-1034.35~18.04.1
|
|
| 16.04 LTS xenial | Not in release | |
| 14.04 LTS trusty | Not in release | |
| linux-azure-5.4 | 20.04 LTS focal | Not in release |
| 18.04 LTS bionic |
Fixed 5.4.0-1023.23~18.04.1
|
|
| 16.04 LTS xenial | Not in release | |
| 14.04 LTS trusty | Not in release | |
| linux-azure-edge | 20.04 LTS focal | Not in release |
| 18.04 LTS bionic | Ignored | |
| 16.04 LTS xenial | Not in release | |
| 14.04 LTS trusty | Not in release | |
| linux-gcp | 20.04 LTS focal |
Fixed 5.4.0-1022.22
|
| 18.04 LTS bionic | Ignored | |
| 16.04 LTS xenial |
Fixed 4.15.0-1080.90~16.04.1
|
|
| 14.04 LTS trusty | Not in release | |
| linux-gcp-4.15 | 20.04 LTS focal | Not in release |
| 18.04 LTS bionic |
Fixed 4.15.0-1080.90
|
|
| 16.04 LTS xenial | Not in release | |
| 14.04 LTS trusty | Not in release | |
| linux-gcp-5.3 | 20.04 LTS focal | Not in release |
| 18.04 LTS bionic |
Fixed 5.3.0-1032.34~18.04.1
|
|
| 16.04 LTS xenial | Not in release | |
| 14.04 LTS trusty | Not in release | |
| linux-gcp-5.4 | 20.04 LTS focal | Not in release |
| 18.04 LTS bionic |
Fixed 5.4.0-1022.22~18.04.1
|
|
| 16.04 LTS xenial | Not in release | |
| 14.04 LTS trusty | Not in release | |
| linux-gcp-edge | 20.04 LTS focal | Not in release |
| 18.04 LTS bionic | Ignored | |
| 16.04 LTS xenial | Not in release | |
| 14.04 LTS trusty | Not in release | |
| linux-gke-4.15 | 20.04 LTS focal | Not in release |
| 18.04 LTS bionic |
Fixed 4.15.0-1066.69
|
|
| 16.04 LTS xenial | Not in release | |
| 14.04 LTS trusty | Not in release | |
| linux-gke-5.0 | 20.04 LTS focal | Not in release |
| 18.04 LTS bionic |
Fixed 5.0.0-1045.46
|
|
| 16.04 LTS xenial | Not in release | |
| 14.04 LTS trusty | Not in release | |
| linux-gke-5.3 | 20.04 LTS focal | Not in release |
| 18.04 LTS bionic |
Fixed 5.3.0-1032.34~18.04.1
|
|
| 16.04 LTS xenial | Not in release | |
| 14.04 LTS trusty | Not in release | |
| linux-hwe | 20.04 LTS focal | Not in release |
| 18.04 LTS bionic |
Fixed 5.3.0-64.58~18.04.1
|
|
| 16.04 LTS xenial |
Fixed 4.15.0-112.113~16.04.1
|
|
| 14.04 LTS trusty | Not in release | |
| linux-hwe-5.4 | 20.04 LTS focal | Not in release |
| 18.04 LTS bionic |
Fixed 5.4.0-45.49~18.04.2
|
|
| 16.04 LTS xenial | Not in release | |
| 14.04 LTS trusty | Not in release | |
| linux-hwe-edge | 20.04 LTS focal | Not in release |
| 18.04 LTS bionic | Ignored | |
| 16.04 LTS xenial | Ignored | |
| 14.04 LTS trusty | Not in release | |
| linux-kvm | 20.04 LTS focal |
Fixed 5.4.0-1021.21
|
| 18.04 LTS bionic |
Fixed 4.15.0-1071.72
|
|
| 16.04 LTS xenial |
Not affected
|
|
| 14.04 LTS trusty | Not in release | |
| linux-lts-trusty | 20.04 LTS focal | Not in release |
| 18.04 LTS bionic | Not in release | |
| 16.04 LTS xenial | Not in release | |
| 14.04 LTS trusty | Not in release | |
| linux-lts-xenial | 20.04 LTS focal | Not in release |
| 18.04 LTS bionic | Not in release | |
| 16.04 LTS xenial | Not in release | |
| 14.04 LTS trusty |
Not affected
|
|
| linux-oem | 20.04 LTS focal | Not in release |
| 18.04 LTS bionic |
Fixed 4.15.0-1093.103
|
|
| 16.04 LTS xenial | Ignored | |
| 14.04 LTS trusty | Not in release | |
| linux-oem-5.6 | 20.04 LTS focal |
Fixed 5.6.0-1018.18
|
| 18.04 LTS bionic | Not in release | |
| 16.04 LTS xenial | Not in release | |
| 14.04 LTS trusty | Not in release | |
| linux-oem-osp1 | 20.04 LTS focal | Not in release |
| 18.04 LTS bionic |
Fixed 5.0.0-1065.70
|
|
| 16.04 LTS xenial | Not in release | |
| 14.04 LTS trusty | Not in release | |
| linux-oracle | 20.04 LTS focal |
Fixed 5.4.0-1022.22
|
| 18.04 LTS bionic |
Fixed 4.15.0-1050.54
|
|
| 16.04 LTS xenial |
Fixed 4.15.0-1050.54~16.04.1
|
|
| 14.04 LTS trusty | Not in release | |
| linux-oracle-5.0 | 20.04 LTS focal | Not in release |
| 18.04 LTS bionic | Ignored | |
| 16.04 LTS xenial | Not in release | |
| 14.04 LTS trusty | Not in release | |
| linux-oracle-5.3 | 20.04 LTS focal | Not in release |
| 18.04 LTS bionic |
Fixed 5.3.0-1030.32~18.04.1
|
|
| 16.04 LTS xenial | Not in release | |
| 14.04 LTS trusty | Not in release | |
| linux-oracle-5.4 | 20.04 LTS focal | Not in release |
| 18.04 LTS bionic |
Fixed 5.4.0-1022.22~18.04.1
|
|
| 16.04 LTS xenial | Not in release | |
| 14.04 LTS trusty | Not in release | |
| linux-raspi | 20.04 LTS focal |
Fixed 5.4.0-1016.17
|
| 18.04 LTS bionic | Not in release | |
| 16.04 LTS xenial | Not in release | |
| 14.04 LTS trusty | Not in release | |
| linux-raspi-5.4 | 20.04 LTS focal | Not in release |
| 18.04 LTS bionic |
Fixed 5.4.0-1016.17~18.04.1
|
|
| 16.04 LTS xenial | Not in release | |
| 14.04 LTS trusty | Not in release | |
| linux-raspi2 | 20.04 LTS focal | Ignored |
| 18.04 LTS bionic |
Fixed 4.15.0-1067.71
|
|
| 16.04 LTS xenial |
Not affected
|
|
| 14.04 LTS trusty | Not in release | |
| linux-raspi2-5.3 | 20.04 LTS focal | Not in release |
| 18.04 LTS bionic |
Fixed 5.3.0-1030.32~18.04.2
|
|
| 16.04 LTS xenial | Not in release | |
| 14.04 LTS trusty | Not in release | |
| linux-riscv | 20.04 LTS focal |
Fixed 5.4.0-31.35
|
| 18.04 LTS bionic | Not in release | |
| 16.04 LTS xenial | Not in release | |
| 14.04 LTS trusty | Not in release | |
| linux-snapdragon | 20.04 LTS focal | Not in release |
| 18.04 LTS bionic |
Fixed 4.15.0-1083.91
|
|
| 16.04 LTS xenial |
Not affected
|
|
| 14.04 LTS trusty | Not in release |
Severity score breakdown
| Parameter | Value |
|---|---|
| Base score |
7.8 · High
|
| Attack vector | Local |
| Attack complexity | Low |
| Privileges required | Low |
| User interaction | None |
| Scope | Unchanged |
| Confidentiality | High |
| Integrity impact | High |
| Availability impact | High |
| Vector | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H |
References
Related Ubuntu Security Notices (USN)
- USN-4426-1
- Linux kernel vulnerabilities
- 27 July 2020
- USN-4439-1
- Linux kernel vulnerabilities
- 27 July 2020
- USN-4440-1
- linux kernel vulnerabilities
- 31 July 2020
- USN-4483-1
- Linux kernel vulnerabilities
- 3 September 2020
- LSN-0069-1
- Kernel Live Patch Security Notice
- 27 July 2020