Available for Ubuntu 20.04 LTS (Focal Fossa), Ubuntu 18.04 LTS (Bionic Beaver), and Ubuntu 16.04 LTS (Xenial Xerus), the new Linux kernel updates are here to address two vulnerabilities (CVE-2019-20908 and CVE-2020-15780) discovered by Jason A. Donenfeld in the ACPI implementation, which could allow a privileged attacker to bypass Secure Boot lockdown restrictions and execute arbitrary code in the kernel. Another vulnerability (CVE-2020-11935) patched in this security update is affecting all supported Ubuntu releases and kernels, and could allow a local attacker to cause a denial of service. The issue was discovered by Mauricio Faria de Oliveira in Linux kernel’s AUFS implementation.
Get the Free Newsletter!
Subscribe to Developer Insider for top news, trends, & analysis