Canonical Outs New Ubuntu Linux Kernel Live Patch to Address 3 Flaws

Canonical has released a new Linux kernel live patch for some of its supported Ubuntu releases and official derivatives to address three security vulnerabilities discovered in the virtual terminal.

Available for Ubuntu 18.04 LTS (Bionic Beaver), Ubuntu 16.04 LTS (Xenial Xerus), and Ubuntu 14.04 ESM, the new kernel live patch includes fixes for three security issues discovered in Linux kernel’s virtual terminal (VT) implementation. The three security vulnerabilities are CVE-2020-8647, CVE-2020-8648 and CVE-2020-8649. These could a local attacker to expose sensitive information or even crash the system by causing a denial of service in the case of CVE-2020-8648, which describes a race condition.

Full Story