This new Linux kernel security update comes only five days after Canonical released the major kernel updates for all supported Ubuntu releases to patch a total of 17 vulnerabilities, and it only addresses a vulnerability. The security vulnerability is CVE-2020-14386, an AF_PACKET memory corruption discovered by Or Cohen. This could be used by a local attacker to crash the vulnerable system by causing a denial of service or possibly execute arbitrary code. It would appear that the issue was caused because the AF_PACKET implementation failed to properly perform bounds checking under certain situations.
Get the Free Newsletter!
Subscribe to Developer Insider for top news, trends, & analysis