Lucene search

UbuntuUSN-4916-2

HistoryApr 22, 2021 - 12:00 a.m.

Linux kernel regression

2021-04-2200:00:00

ubuntu.com

242

ubuntu

linux kernel

regression

security vulnerability

memory leak

cve-2021-3493

privilege escalation

cve-2021-29154

denial of service

CVSS2

7.2

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:C/I:C/A:C

CVSS3

8.8

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

CHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H

AI Score

8.8

Confidence

High

EPSS

0.008

Percentile

82.3%

JSON

Releases

Ubuntu 20.04 LTS
Ubuntu 18.04 ESM
Ubuntu 16.04 ESM
Ubuntu 14.04 ESM

Packages

linux - Linux kernel
linux-aws - Linux kernel for Amazon Web Services (AWS) systems
linux-gke-5.3 - Linux kernel for Google Container Engine (GKE) systems
linux-hwe - Linux hardware enablement (HWE) kernel
linux-kvm - Linux kernel for cloud environments
linux-lts-xenial - Linux hardware enablement kernel from Xenial for Trusty
linux-oem-5.6 - Linux kernel for OEM systems
linux-raspi2 - Linux kernel for Raspberry Pi (V8) systems
linux-raspi2-5.3 - Linux kernel for Raspberry Pi (V8) systems
linux-snapdragon - Linux kernel for Qualcomm Snapdragon processors

Details

USN-4916-1 fixed vulnerabilities in the Linux kernel. Unfortunately,
the fix for CVE-2021-3493 introduced a memory leak in some situations.
This update fixes the problem.

We apologize for the inconvenience.

Original advisory details:

It was discovered that the overlayfs implementation in the Linux kernel did
not properly validate the application of file system capabilities with
respect to user namespaces. A local attacker could use this to gain
elevated privileges. (CVE-2021-3493)

Piotr Krysiuk discovered that the BPF JIT compiler for x86 in the Linux
kernel did not properly validate computation of branch displacements in
some situations. A local attacker could use this to cause a denial of
service (system crash) or possibly execute arbitrary code. (CVE-2021-29154)

OSVersionArchitecturePackageVersionFilename
Ubuntu20.04noarchlinux-image-5.6.0-1055-oem< 5.6.0-1055.59UNKNOWN
Ubuntu20.04noarchlinux-image-5.6.0-1055-oem-dbgsym< 5.6.0-1055.59UNKNOWN
Ubuntu20.04noarchlinux-image-oem-20.04< 5.6.0.1055.51UNKNOWN
Ubuntu20.04noarchlinux-headers-oem-20.04< 5.6.0.1055.51UNKNOWN
Ubuntu20.04noarchlinux-oem-20.04< 5.6.0.1055.51UNKNOWN
Ubuntu20.04noarchlinux-tools-oem-20.04< 5.6.0.1055.51UNKNOWN
Ubuntu18.04noarchlinux-image-5.3.0-1040-raspi2< 5.3.0-1040.42UNKNOWN
Ubuntu18.04noarchlinux-buildinfo-5.3.0-1040-raspi2< 5.3.0-1040.42UNKNOWN
Ubuntu18.04noarchlinux-headers-5.3.0-1040-raspi2< 5.3.0-1040.42UNKNOWN
Ubuntu18.04noarchlinux-image-5.3.0-1040-raspi2-dbgsym< 5.3.0-1040.42UNKNOWN

OS	Version	Architecture	Package	Version	Filename
Ubuntu	20.04	noarch	linux-image-5.6.0-1055-oem	< 5.6.0-1055.59	UNKNOWN
Ubuntu	20.04	noarch	linux-image-5.6.0-1055-oem-dbgsym	< 5.6.0-1055.59	UNKNOWN
Ubuntu	20.04	noarch	linux-image-oem-20.04	< 5.6.0.1055.51	UNKNOWN
Ubuntu	20.04	noarch	linux-headers-oem-20.04	< 5.6.0.1055.51	UNKNOWN
Ubuntu	20.04	noarch	linux-oem-20.04	< 5.6.0.1055.51	UNKNOWN
Ubuntu	20.04	noarch	linux-tools-oem-20.04	< 5.6.0.1055.51	UNKNOWN
Ubuntu	18.04	noarch	linux-image-5.3.0-1040-raspi2	< 5.3.0-1040.42	UNKNOWN
Ubuntu	18.04	noarch	linux-buildinfo-5.3.0-1040-raspi2	< 5.3.0-1040.42	UNKNOWN
Ubuntu	18.04	noarch	linux-headers-5.3.0-1040-raspi2	< 5.3.0-1040.42	UNKNOWN
Ubuntu	18.04	noarch	linux-image-5.3.0-1040-raspi2-dbgsym	< 5.3.0-1040.42	UNKNOWN