CVE-2019-20908

Priority
Description
An issue was discovered in drivers/firmware/efi/efi.c in the Linux kernel
before 5.4. Incorrect access permissions for the efivar_ssdt ACPI variable
could be used by attackers to bypass lockdown or secure boot restrictions,
aka CID-1957a85b0032.
Ubuntu-Description
Jason A. Donenfeld discovered that the ACPI implementation in the Linux
kernel did not properly restrict loading SSDT code from an EFI variable. A
privileged attacker could use this to bypass Secure Boot lockdown
restrictions and execute arbitrary code in the kernel.
Notes
Package
Source: linux (LP Ubuntu Debian)
Upstream:released (5.4~rc1)
Ubuntu 12.04 ESM (Precise Pangolin):not-affected (3.0.0-12.20)
Ubuntu 14.04 ESM (Trusty Tahr):not-affected (3.11.0-12.19)
Ubuntu 16.06 ESM (Xenial Xerus):not-affected (4.2.0-16.19)
Ubuntu 18.04 LTS (Bionic Beaver):released (4.15.0-112.113)
Ubuntu 20.04 LTS (Focal Fossa):not-affected (5.4.0-9.12)
Ubuntu 20.10 (Groovy Gorilla):not-affected (5.4.0-26.30)
Ubuntu 21.04 (Hirsute Hippo):not-affected (5.8.0-36.40+21.04.1)
Patches:
Break-fix:475fb4e8b2f4444d1d7b406ff3a7d21bc89a1e6f
Package
Upstream:released (5.4~rc1)
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 14.04 ESM (Trusty Tahr):not-affected (4.4.0-1002.2)
Ubuntu 16.06 ESM (Xenial Xerus):not-affected (4.4.0-1001.10)
Ubuntu 18.04 LTS (Bionic Beaver):released (4.15.0-1079.83)
Ubuntu 20.04 LTS (Focal Fossa):not-affected (5.4.0-1005.5)
Ubuntu 20.10 (Groovy Gorilla):not-affected (5.4.0-1009.9)
Ubuntu 21.04 (Hirsute Hippo):not-affected (5.8.0-1018.20+21.04.1)
Package
Upstream:released (5.4~rc1)
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 14.04 ESM (Trusty Tahr):DNE
Ubuntu 18.04 LTS (Bionic Beaver):ignored (was needs-triage now end-of-life)
Ubuntu 20.04 LTS (Focal Fossa):DNE
Ubuntu 20.10 (Groovy Gorilla):DNE
Ubuntu 21.04 (Hirsute Hippo):DNE
Package
Upstream:released (5.4~rc1)
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 14.04 ESM (Trusty Tahr):DNE
Ubuntu 18.04 LTS (Bionic Beaver):released (5.3.0-1032.34~18.04.2)
Ubuntu 20.04 LTS (Focal Fossa):DNE
Ubuntu 20.10 (Groovy Gorilla):DNE
Ubuntu 21.04 (Hirsute Hippo):DNE
Package
Upstream:released (5.4~rc1)
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 14.04 ESM (Trusty Tahr):DNE
Ubuntu 18.04 LTS (Bionic Beaver):not-affected (5.4.0-1018.18~18.04.1)
Ubuntu 20.04 LTS (Focal Fossa):DNE
Ubuntu 20.10 (Groovy Gorilla):DNE
Ubuntu 21.04 (Hirsute Hippo):DNE
Package
Upstream:released (5.4~rc1)
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 14.04 ESM (Trusty Tahr):DNE
Ubuntu 16.06 ESM (Xenial Xerus):released (4.15.0-1079.83~16.04.1)
Ubuntu 18.04 LTS (Bionic Beaver):DNE
Ubuntu 20.04 LTS (Focal Fossa):DNE
Ubuntu 20.10 (Groovy Gorilla):DNE
Ubuntu 21.04 (Hirsute Hippo):DNE
Package
Upstream:released (5.4~rc1)
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 14.04 ESM (Trusty Tahr):released (4.15.0-1092.102~14.04.1)
Ubuntu 16.06 ESM (Xenial Xerus):released (4.15.0-1092.102~16.04.1)
Ubuntu 18.04 LTS (Bionic Beaver):ignored (was needs-triage now end-of-life)
Ubuntu 20.04 LTS (Focal Fossa):not-affected (5.4.0-1006.6)
Ubuntu 20.10 (Groovy Gorilla):not-affected (5.4.0-1010.10)
Ubuntu 21.04 (Hirsute Hippo):not-affected (5.8.0-1016.17+21.04.1)
Package
Upstream:released (5.4~rc1)
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 14.04 ESM (Trusty Tahr):DNE
Ubuntu 18.04 LTS (Bionic Beaver):released (4.15.0-1092.102)
Ubuntu 20.04 LTS (Focal Fossa):DNE
Ubuntu 20.10 (Groovy Gorilla):DNE
Ubuntu 21.04 (Hirsute Hippo):DNE
Package
Upstream:released (5.4~rc1)
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 14.04 ESM (Trusty Tahr):DNE
Ubuntu 18.04 LTS (Bionic Beaver):released (5.3.0-1034.35~18.04.1)
Ubuntu 20.04 LTS (Focal Fossa):DNE
Ubuntu 20.10 (Groovy Gorilla):DNE
Ubuntu 21.04 (Hirsute Hippo):DNE
Package
Upstream:released (5.4~rc1)
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 14.04 ESM (Trusty Tahr):DNE
Ubuntu 18.04 LTS (Bionic Beaver):not-affected (5.4.0-1020.20~18.04.1)
Ubuntu 20.04 LTS (Focal Fossa):DNE
Ubuntu 20.10 (Groovy Gorilla):DNE
Ubuntu 21.04 (Hirsute Hippo):DNE
Package
Upstream:released (5.4~rc1)
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 14.04 ESM (Trusty Tahr):DNE
Ubuntu 18.04 LTS (Bionic Beaver):ignored (was needs-triage now end-of-life)
Ubuntu 20.04 LTS (Focal Fossa):DNE
Ubuntu 20.10 (Groovy Gorilla):DNE
Ubuntu 21.04 (Hirsute Hippo):DNE
Package
Upstream:released (5.4~rc1)
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 14.04 ESM (Trusty Tahr):DNE
Ubuntu 18.04 LTS (Bionic Beaver):not-affected (4.15.0-1005.8)
Ubuntu 20.04 LTS (Focal Fossa):DNE
Ubuntu 20.10 (Groovy Gorilla):DNE
Ubuntu 21.04 (Hirsute Hippo):DNE
Package
Upstream:released (5.4~rc1)
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 14.04 ESM (Trusty Tahr):DNE
Ubuntu 16.06 ESM (Xenial Xerus):released (4.15.0-1080.90~16.04.1)
Ubuntu 18.04 LTS (Bionic Beaver):ignored (was needs-triage now end-of-life)
Ubuntu 20.04 LTS (Focal Fossa):not-affected (5.4.0-1005.5)
Ubuntu 20.10 (Groovy Gorilla):not-affected (5.4.0-1009.9)
Ubuntu 21.04 (Hirsute Hippo):not-affected (5.8.0-1015.15+21.04.1)
Package
Upstream:released (5.4~rc1)
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 14.04 ESM (Trusty Tahr):DNE
Ubuntu 18.04 LTS (Bionic Beaver):released (4.15.0-1080.90)
Ubuntu 20.04 LTS (Focal Fossa):DNE
Ubuntu 20.10 (Groovy Gorilla):DNE
Ubuntu 21.04 (Hirsute Hippo):DNE
Package
Upstream:released (5.4~rc1)
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 14.04 ESM (Trusty Tahr):DNE
Ubuntu 18.04 LTS (Bionic Beaver):released (5.3.0-1032.34~18.04.1)
Ubuntu 20.04 LTS (Focal Fossa):DNE
Ubuntu 20.10 (Groovy Gorilla):DNE
Ubuntu 21.04 (Hirsute Hippo):DNE
Package
Upstream:released (5.4~rc1)
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 14.04 ESM (Trusty Tahr):DNE
Ubuntu 18.04 LTS (Bionic Beaver):not-affected (5.4.0-1019.19~18.04.2)
Ubuntu 20.04 LTS (Focal Fossa):DNE
Ubuntu 20.10 (Groovy Gorilla):DNE
Ubuntu 21.04 (Hirsute Hippo):DNE
Package
Upstream:released (5.4~rc1)
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 14.04 ESM (Trusty Tahr):DNE
Ubuntu 18.04 LTS (Bionic Beaver):ignored (was needs-triage now end-of-life)
Ubuntu 20.04 LTS (Focal Fossa):DNE
Ubuntu 20.10 (Groovy Gorilla):DNE
Ubuntu 21.04 (Hirsute Hippo):DNE
Package
Upstream:released (5.4~rc1)
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 14.04 ESM (Trusty Tahr):DNE
Ubuntu 18.04 LTS (Bionic Beaver):released (4.15.0-1066.69)
Ubuntu 20.04 LTS (Focal Fossa):DNE
Ubuntu 20.10 (Groovy Gorilla):DNE
Ubuntu 21.04 (Hirsute Hippo):DNE
Package
Upstream:released (5.4~rc1)
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 14.04 ESM (Trusty Tahr):DNE
Ubuntu 18.04 LTS (Bionic Beaver):released (5.0.0-1045.46)
Ubuntu 20.04 LTS (Focal Fossa):DNE
Ubuntu 20.10 (Groovy Gorilla):DNE
Ubuntu 21.04 (Hirsute Hippo):DNE
Package
Upstream:released (5.4~rc1)
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 14.04 ESM (Trusty Tahr):DNE
Ubuntu 18.04 LTS (Bionic Beaver):released (5.3.0-1032.34~18.04.1)
Ubuntu 20.04 LTS (Focal Fossa):DNE
Ubuntu 20.10 (Groovy Gorilla):DNE
Ubuntu 21.04 (Hirsute Hippo):DNE
Package
Upstream:released (5.4~rc1)
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 14.04 ESM (Trusty Tahr):DNE
Ubuntu 18.04 LTS (Bionic Beaver):not-affected (5.4.0-1025.25~18.04.1)
Ubuntu 20.04 LTS (Focal Fossa):DNE
Ubuntu 20.10 (Groovy Gorilla):DNE
Ubuntu 21.04 (Hirsute Hippo):DNE
Package
Upstream:released (5.4~rc1)
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 14.04 ESM (Trusty Tahr):DNE
Ubuntu 18.04 LTS (Bionic Beaver):DNE
Ubuntu 20.04 LTS (Focal Fossa):not-affected (5.4.0-1008.9)
Ubuntu 20.10 (Groovy Gorilla):DNE
Ubuntu 21.04 (Hirsute Hippo):DNE
Package
Upstream:released (5.4~rc1)
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 14.04 ESM (Trusty Tahr):DNE
Ubuntu 18.04 LTS (Bionic Beaver):not-affected (5.4.0-1001.1)
Ubuntu 20.04 LTS (Focal Fossa):DNE
Ubuntu 20.10 (Groovy Gorilla):DNE
Ubuntu 21.04 (Hirsute Hippo):DNE
Package
Upstream:released (5.4~rc1)
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 14.04 ESM (Trusty Tahr):DNE
Ubuntu 16.06 ESM (Xenial Xerus):released (4.15.0-112.113~16.04.1)
Ubuntu 18.04 LTS (Bionic Beaver):released (5.3.0-64.58~18.04.1)
Ubuntu 20.04 LTS (Focal Fossa):DNE
Ubuntu 20.10 (Groovy Gorilla):DNE
Ubuntu 21.04 (Hirsute Hippo):DNE
Package
Upstream:released (5.4~rc1)
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 14.04 ESM (Trusty Tahr):DNE
Ubuntu 18.04 LTS (Bionic Beaver):not-affected (5.4.0-37.41~18.04.1)
Ubuntu 20.04 LTS (Focal Fossa):DNE
Ubuntu 20.10 (Groovy Gorilla):DNE
Ubuntu 21.04 (Hirsute Hippo):DNE
Package
Upstream:released (5.4~rc1)
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 14.04 ESM (Trusty Tahr):DNE
Ubuntu 18.04 LTS (Bionic Beaver):DNE
Ubuntu 20.04 LTS (Focal Fossa):not-affected (5.8.0-23.24~20.04.1)
Ubuntu 20.10 (Groovy Gorilla):DNE
Ubuntu 21.04 (Hirsute Hippo):DNE
Package
Upstream:released (5.4~rc1)
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 14.04 ESM (Trusty Tahr):DNE
Ubuntu 16.06 ESM (Xenial Xerus):ignored (was needs-triage now end-of-life)
Ubuntu 18.04 LTS (Bionic Beaver):ignored (was needs-triage now end-of-life)
Ubuntu 20.04 LTS (Focal Fossa):DNE
Ubuntu 20.10 (Groovy Gorilla):DNE
Ubuntu 21.04 (Hirsute Hippo):DNE
Package
Upstream:released (5.4~rc1)
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 14.04 ESM (Trusty Tahr):DNE
Ubuntu 16.06 ESM (Xenial Xerus):not-affected (4.4.0-1004.9)
Ubuntu 18.04 LTS (Bionic Beaver):released (4.15.0-1071.72)
Ubuntu 20.04 LTS (Focal Fossa):not-affected (5.4.0-1004.4)
Ubuntu 20.10 (Groovy Gorilla):not-affected (5.4.0-1009.9)
Ubuntu 21.04 (Hirsute Hippo):not-affected (5.8.0-1010.11+21.04.1)
Package
Upstream:released (5.4~rc1)
Ubuntu 12.04 ESM (Precise Pangolin):not-affected (3.13.0-24.46~precise1)
Ubuntu 14.04 ESM (Trusty Tahr):DNE
Ubuntu 18.04 LTS (Bionic Beaver):DNE
Ubuntu 20.04 LTS (Focal Fossa):DNE
Ubuntu 20.10 (Groovy Gorilla):DNE
Ubuntu 21.04 (Hirsute Hippo):DNE
Package
Upstream:released (5.4~rc1)
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 14.04 ESM (Trusty Tahr):not-affected (4.4.0-13.29~14.04.1)
Ubuntu 18.04 LTS (Bionic Beaver):DNE
Ubuntu 20.04 LTS (Focal Fossa):DNE
Ubuntu 20.10 (Groovy Gorilla):DNE
Ubuntu 21.04 (Hirsute Hippo):DNE
Package
Upstream:released (5.4~rc1)
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 14.04 ESM (Trusty Tahr):DNE
Ubuntu 18.04 LTS (Bionic Beaver):released (4.15.0-1093.103)
Ubuntu 20.04 LTS (Focal Fossa):DNE
Ubuntu 20.10 (Groovy Gorilla):DNE
Ubuntu 21.04 (Hirsute Hippo):DNE
Package
Upstream:released (5.4~rc1)
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 14.04 ESM (Trusty Tahr):DNE
Ubuntu 18.04 LTS (Bionic Beaver):DNE
Ubuntu 20.04 LTS (Focal Fossa):not-affected (5.10.0-1008.9)
Ubuntu 20.10 (Groovy Gorilla):DNE
Ubuntu 21.04 (Hirsute Hippo):DNE
Package
Upstream:released (5.4~rc1)
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 14.04 ESM (Trusty Tahr):DNE
Ubuntu 18.04 LTS (Bionic Beaver):DNE
Ubuntu 20.04 LTS (Focal Fossa):not-affected (5.6.0-1007.7)
Ubuntu 20.10 (Groovy Gorilla):DNE
Ubuntu 21.04 (Hirsute Hippo):DNE
Package
Upstream:released (5.4~rc1)
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 14.04 ESM (Trusty Tahr):DNE
Ubuntu 18.04 LTS (Bionic Beaver):released (5.0.0-1065.70)
Ubuntu 20.04 LTS (Focal Fossa):DNE
Ubuntu 20.10 (Groovy Gorilla):DNE
Ubuntu 21.04 (Hirsute Hippo):DNE
Package
Upstream:released (5.4~rc1)
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 14.04 ESM (Trusty Tahr):DNE
Ubuntu 16.06 ESM (Xenial Xerus):released (4.15.0-1050.54~16.04.1)
Ubuntu 18.04 LTS (Bionic Beaver):released (4.15.0-1050.54)
Ubuntu 20.04 LTS (Focal Fossa):not-affected (5.4.0-1005.5)
Ubuntu 20.10 (Groovy Gorilla):not-affected (5.4.0-1009.9)
Ubuntu 21.04 (Hirsute Hippo):not-affected (5.8.0-1014.14+21.04.1)
Package
Upstream:released (5.4~rc1)
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 14.04 ESM (Trusty Tahr):DNE
Ubuntu 18.04 LTS (Bionic Beaver):ignored (was needs-triage now end-of-life)
Ubuntu 20.04 LTS (Focal Fossa):DNE
Ubuntu 20.10 (Groovy Gorilla):DNE
Ubuntu 21.04 (Hirsute Hippo):DNE
Package
Upstream:released (5.4~rc1)
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 14.04 ESM (Trusty Tahr):DNE
Ubuntu 18.04 LTS (Bionic Beaver):released (5.3.0-1030.32~18.04.1)
Ubuntu 20.04 LTS (Focal Fossa):DNE
Ubuntu 20.10 (Groovy Gorilla):DNE
Ubuntu 21.04 (Hirsute Hippo):DNE
Package
Upstream:released (5.4~rc1)
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 14.04 ESM (Trusty Tahr):DNE
Ubuntu 18.04 LTS (Bionic Beaver):not-affected (5.4.0-1019.19~18.04.1)
Ubuntu 20.04 LTS (Focal Fossa):DNE
Ubuntu 20.10 (Groovy Gorilla):DNE
Ubuntu 21.04 (Hirsute Hippo):DNE
Package
Upstream:released (5.4~rc1)
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 14.04 ESM (Trusty Tahr):DNE
Ubuntu 18.04 LTS (Bionic Beaver):DNE
Ubuntu 20.04 LTS (Focal Fossa):not-affected (5.4.0-1007.7)
Ubuntu 20.10 (Groovy Gorilla):not-affected (5.4.0-1008.8)
Ubuntu 21.04 (Hirsute Hippo):not-affected (5.8.0-1008.11+21.04.1)
Package
Upstream:released (5.4~rc1)
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 14.04 ESM (Trusty Tahr):DNE
Ubuntu 18.04 LTS (Bionic Beaver):not-affected (5.4.0-1013.13~18.04.1)
Ubuntu 20.04 LTS (Focal Fossa):DNE
Ubuntu 20.10 (Groovy Gorilla):DNE
Ubuntu 21.04 (Hirsute Hippo):DNE
Package
Upstream:released (5.4~rc1)
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 14.04 ESM (Trusty Tahr):DNE
Ubuntu 18.04 LTS (Bionic Beaver):released (4.15.0-1067.71)
Ubuntu 20.04 LTS (Focal Fossa):ignored (was needs-triage now end-of-life)
Ubuntu 20.10 (Groovy Gorilla):DNE
Ubuntu 21.04 (Hirsute Hippo):DNE
Package
Upstream:released (5.4~rc1)
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 14.04 ESM (Trusty Tahr):DNE
Ubuntu 18.04 LTS (Bionic Beaver):released (5.3.0-1030.32~18.04.2)
Ubuntu 20.04 LTS (Focal Fossa):DNE
Ubuntu 20.10 (Groovy Gorilla):DNE
Ubuntu 21.04 (Hirsute Hippo):DNE
Package
Upstream:released (5.4~rc1)
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 14.04 ESM (Trusty Tahr):DNE
Ubuntu 18.04 LTS (Bionic Beaver):DNE
Ubuntu 20.04 LTS (Focal Fossa):not-affected (5.4.0-24.28)
Ubuntu 20.10 (Groovy Gorilla):not-affected (5.4.0-24.28)
Ubuntu 21.04 (Hirsute Hippo):not-affected (5.8.0-10.12+21.04.1)
Package
Upstream:released (5.4~rc1)
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 14.04 ESM (Trusty Tahr):DNE
Ubuntu 18.04 LTS (Bionic Beaver):released (4.15.0-1083.91)
Ubuntu 20.04 LTS (Focal Fossa):DNE
Ubuntu 20.10 (Groovy Gorilla):DNE
Ubuntu 21.04 (Hirsute Hippo):DNE
More Information

Updated: 2021-05-04 01:07:59 UTC (commit 61bbf0559dcfe3627656e8b3f6ff9af9f95423b1)