Launchpad.net

CVE 2020-28588

An information disclosure vulnerability exists in the /proc/pid/syscall functionality of Linux Kernel 5.1 Stable and 5.4.66. More specifically, this issue has been introduced in v5.1-rc4 (commit 631b7abacd02b88f4b0795c08b54ad4fc3e7c7c0) and is still present in v5.10-rc4, so it’s likely that all versions in between are affected. An attacker can read /proc/pid/syscall to trigger this vulnerability, which leads to the kernel leaking memory contents.

Related bugs and status

CVE-2020-28588 (Candidate) is related to these bugs:

Bug #1908499: udpgro.sh in net from ubuntu_kernel_selftests seems not reflecting sub-test result

		In	Importance	Status
1908499	udpgro.sh in net from ubuntu_kernel_selftests seems not reflecting sub-test result	ubuntu-kernel-tests	Undecided	Fix Released
1908499	udpgro.sh in net from ubuntu_kernel_selftests seems not reflecting sub-test result	linux (Ubuntu)	Undecided	Fix Released
1908499	udpgro.sh in net from ubuntu_kernel_selftests seems not reflecting sub-test result	linux-oem-5.10 (Ubuntu)	Undecided	Invalid
1908499	udpgro.sh in net from ubuntu_kernel_selftests seems not reflecting sub-test result	linux-oem-5.6 (Ubuntu)	Undecided	Invalid
1908499	udpgro.sh in net from ubuntu_kernel_selftests seems not reflecting sub-test result	linux (Ubuntu Groovy)	Undecided	Fix Released
1908499	udpgro.sh in net from ubuntu_kernel_selftests seems not reflecting sub-test result	linux (Ubuntu Focal)	Undecided	Fix Released
1908499	udpgro.sh in net from ubuntu_kernel_selftests seems not reflecting sub-test result	linux-oem-5.10 (Ubuntu Focal)	Undecided	Fix Released
1908499	udpgro.sh in net from ubuntu_kernel_selftests seems not reflecting sub-test result	linux-oem-5.6 (Ubuntu Focal)	Undecided	Fix Released
1908499	udpgro.sh in net from ubuntu_kernel_selftests seems not reflecting sub-test result	linux (Ubuntu Hirsute)	Undecided	Fix Released

Bug #1909453: S3 stress test fails with amdgpu errors

		In	Importance	Status
1909453	S3 stress test fails with amdgpu errors	linux-oem-5.6 (Ubuntu)	Undecided	Invalid
1909453	S3 stress test fails with amdgpu errors	linux-oem-5.6 (Ubuntu Focal)	Undecided	Fix Released
1909453	S3 stress test fails with amdgpu errors	HWE Next	Undecided	Fix Released

Bug #1913153: focal/linux-oem-5.6: 5.6.0-1048.52 -proposed tracker

		In	Importance	Status
1913153	focal/linux-oem-5.6: 5.6.0-1048.52 -proposed tracker	Kernel SRU Workflow	Medium	Fix Released
1913153	focal/linux-oem-5.6: 5.6.0-1048.52 -proposed tracker	Kernel SRU Workflow automated-testing	Medium	Fix Released
1913153	focal/linux-oem-5.6: 5.6.0-1048.52 -proposed tracker	Kernel SRU Workflow certification-testing	Medium	Fix Released
1913153	focal/linux-oem-5.6: 5.6.0-1048.52 -proposed tracker	Kernel SRU Workflow kernel-signoff	Medium	Fix Released
1913153	focal/linux-oem-5.6: 5.6.0-1048.52 -proposed tracker	Kernel SRU Workflow prepare-package	Medium	Fix Released
1913153	focal/linux-oem-5.6: 5.6.0-1048.52 -proposed tracker	Kernel SRU Workflow prepare-package-lrm	Medium	Fix Released
1913153	focal/linux-oem-5.6: 5.6.0-1048.52 -proposed tracker	Kernel SRU Workflow prepare-package-meta	Medium	Fix Released
1913153	focal/linux-oem-5.6: 5.6.0-1048.52 -proposed tracker	Kernel SRU Workflow prepare-package-signed	Medium	Fix Released
1913153	focal/linux-oem-5.6: 5.6.0-1048.52 -proposed tracker	Kernel SRU Workflow promote-to-proposed	Medium	Fix Released
1913153	focal/linux-oem-5.6: 5.6.0-1048.52 -proposed tracker	Kernel SRU Workflow promote-to-security	Medium	Fix Released
1913153	focal/linux-oem-5.6: 5.6.0-1048.52 -proposed tracker	Kernel SRU Workflow promote-to-updates	Medium	Fix Released
1913153	focal/linux-oem-5.6: 5.6.0-1048.52 -proposed tracker	Kernel SRU Workflow regression-testing	Medium	Fix Released
1913153	focal/linux-oem-5.6: 5.6.0-1048.52 -proposed tracker	Kernel SRU Workflow security-signoff	Medium	Fix Released
1913153	focal/linux-oem-5.6: 5.6.0-1048.52 -proposed tracker	Kernel SRU Workflow verification-testing	Medium	Fix Released
1913153	focal/linux-oem-5.6: 5.6.0-1048.52 -proposed tracker	linux-oem-5.6 (Ubuntu Focal)	Medium	Fix Released

See the

CVE page on Mitre.org for more details.

References

MISC: https://talosintellige...