Canonical Releases Major Ubuntu Kernel Updates to Address 14 Vulnerabilities

A total of 14 security vulnerabilities have been fixed in these new major Ubuntu kernel updates, including a race condition (CVE-2020-0423) that may lead to a use-after-free vulnerability, discovered in Linux kernel’s binder IPC implementation. This flaw affects Ubuntu 20.10, Ubuntu 20.04 LTS, and Ubuntu 18.04 LTS systems, and could allow a local attacker to cause a denial of service (system crash) or possibly execute arbitrary code. Affecting all supported Ubuntu releases, this kernel update addresses a Bluetooth security vulnerability (CVE-2020-10135) discovered by Daniele Antonioli, Nils Ole Tippenhauer, and Kasper Rasmussen, which could allow a physically proximate attacker to impersonate a previously paired Bluetooth device.