---

Canonical Outs New Kernel Security Updates for Ubuntu to Fix 4 Flaws

Affecting all supported Ubuntu releases and kernels, a flaw (CVE-2020-8428) discovered by Al Viro in Linux kernel’s VFS (Virtual Filesystem Switch) layer, which could allow a local attacker to crash the system or expose sensitive information, was patched in this update. On top of that, the new Linux kernel security update also fixes a vulnerability (CVE-2019-19046) discovered in the IPMI message handler implementation, which could allow a local attacker to cause a denial of service (kernel memory exhaustion). This flaw affects only Ubuntu 19.10 and Ubuntu 18.04.4 LTS systems running Linux kernel 5.3.