The most important security issue fixed in this new Linux kernel update was discovered in the SELinux network label handling implementation by Matthew Sheets. This vulnerability (CVE-2020-10711) affects Ubuntu 20.04 LTS, 19.10, 18.04 LTS, and 16.04 LTS, and could allow a remote attacker to cause a denial of service (system crash). On Ubuntu 19.10 and Ubuntu 18.04 LTS systems using either Linux 5.3 or 5.0 kernels, the new security update addresses another important vulnerability (CVE-2020-10751) discovered by Dmitry Vyukov in the SELinux netlink security hook, which could allow a privileged attacker to bypass SELinux netlink restrictions.
Get the Free Newsletter!
Subscribe to Developer Insider for top news, trends, & analysis