USN-4889-1

See a problem?
Please try reporting it to the source first.

Source

https://ubuntu.com/security/notices/USN-4889-1

Import Source

https://github.com/canonical/ubuntu-security-notices/blob/main/osv/usn/USN-4889-1.json

JSON Data

https://api.osv.dev/v1/vulns/USN-4889-1

Related

Published

2021-03-25T03:09:57.435658Z

Modified

2021-03-25T03:09:57.435658Z

Summary

linux, linux-lts-xenial vulnerabilities

Details

Adam Nichols discovered that heap overflows existed in the iSCSI subsystem in the Linux kernel. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2021-27365)

Adam Nichols discovered that the iSCSI subsystem in the Linux kernel did not properly restrict access to iSCSI transport handles. A local attacker could use this to cause a denial of service or expose sensitive information (kernel pointer addresses). (CVE-2021-27363)

Adam Nichols discovered that an out-of-bounds read existed in the iSCSI subsystem in the Linux kernel. A local attacker could use this to cause a denial of service (system crash) or expose sensitive information (kernel memory). (CVE-2021-27364)

References

Affected packages

Ubuntu:14.04:LTS / linux

Package

Name: linux
Purl: pkg:deb/ubuntu/linux@3.13.0-185.236?arch=source&distro=trusty

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

3.13.0-185.236

Affected versions

3.*

3.11.0-12.19

3.12.0-1.3

3.12.0-2.5

3.12.0-2.7

3.12.0-3.8

3.12.0-3.9

3.12.0-4.10

3.12.0-4.12

3.12.0-5.13

3.12.0-7.15

3.13.0-1.16

3.13.0-2.17

3.13.0-3.18

3.13.0-4.19

3.13.0-5.20

3.13.0-6.23

3.13.0-7.25

3.13.0-7.26

3.13.0-8.27

3.13.0-8.28

3.13.0-10.30

3.13.0-11.31

3.13.0-12.32

3.13.0-13.33

3.13.0-14.34

3.13.0-15.35

3.13.0-16.36

3.13.0-17.37

3.13.0-18.38

3.13.0-19.39

3.13.0-19.40

3.13.0-20.42

3.13.0-21.43

3.13.0-22.44

3.13.0-23.45

3.13.0-24.46

3.13.0-24.47

3.13.0-27.50

3.13.0-29.53

3.13.0-30.54

3.13.0-30.55

3.13.0-32.57

3.13.0-33.58

3.13.0-34.60

3.13.0-35.62

3.13.0-36.63

3.13.0-37.64

3.13.0-39.66

3.13.0-40.69

3.13.0-41.70

3.13.0-43.72

3.13.0-44.73

3.13.0-45.74

3.13.0-46.75

3.13.0-46.76

3.13.0-46.77

3.13.0-46.79

3.13.0-48.80

3.13.0-49.81

3.13.0-49.83

3.13.0-51.84

3.13.0-52.85

3.13.0-52.86

3.13.0-53.88

3.13.0-53.89

3.13.0-54.91

3.13.0-55.92

3.13.0-55.94

3.13.0-57.95

3.13.0-58.97

3.13.0-59.98

3.13.0-61.100

3.13.0-62.102

3.13.0-63.103

3.13.0-65.105

3.13.0-65.106

3.13.0-66.108

3.13.0-67.110

3.13.0-68.111

3.13.0-70.113

3.13.0-71.114

3.13.0-73.116

3.13.0-74.118

3.13.0-76.120

3.13.0-77.121

3.13.0-79.123

3.13.0-83.127

3.13.0-85.129

3.13.0-86.130

3.13.0-86.131

3.13.0-87.133

3.13.0-88.135

3.13.0-91.138

3.13.0-92.139

3.13.0-93.140

3.13.0-95.142

3.13.0-96.143

3.13.0-98.145

3.13.0-100.147

3.13.0-101.148

3.13.0-103.150

3.13.0-105.152

3.13.0-106.153

3.13.0-107.154

3.13.0-108.155

3.13.0-109.156

3.13.0-110.157

3.13.0-111.158

3.13.0-112.159

3.13.0-113.160

3.13.0-115.162

3.13.0-116.163

3.13.0-117.164

3.13.0-119.166

3.13.0-121.170

3.13.0-123.172

3.13.0-125.174

3.13.0-126.175

3.13.0-128.177

3.13.0-129.178

3.13.0-132.181

3.13.0-133.182

3.13.0-135.184

3.13.0-137.186

3.13.0-139.188

3.13.0-141.190

3.13.0-142.191

3.13.0-143.192

3.13.0-144.193

3.13.0-145.194

3.13.0-147.196

3.13.0-149.199

3.13.0-151.201

3.13.0-153.203

3.13.0-155.205

3.13.0-156.206

3.13.0-157.207

3.13.0-158.208

3.13.0-160.210

3.13.0-161.211

3.13.0-162.212

3.13.0-163.213

3.13.0-164.214

3.13.0-165.215

3.13.0-166.216

3.13.0-167.217

3.13.0-168.218

3.13.0-169.219

3.13.0-170.220

Ecosystem specific

{
    "binaries": [
        {
            "binary_name": "linux-image-3.13.0-185-powerpc64-smp",
            "binary_version": "3.13.0-185.236"
        },
        {
            "binary_name": "linux-image-3.13.0-185-powerpc-e500mc",
            "binary_version": "3.13.0-185.236"
        },
        {
            "binary_name": "linux-image-3.13.0-185-powerpc-e500",
            "binary_version": "3.13.0-185.236"
        },
        {
            "binary_name": "linux-image-3.13.0-185-generic-lpae",
            "binary_version": "3.13.0-185.236"
        },
        {
            "binary_name": "linux-image-3.13.0-185-lowlatency",
            "binary_version": "3.13.0-185.236"
        },
        {
            "binary_name": "linux-image-3.13.0-185-powerpc64-emb",
            "binary_version": "3.13.0-185.236"
        },
        {
            "binary_name": "linux-image-3.13.0-185-generic",
            "binary_version": "3.13.0-185.236"
        },
        {
            "binary_name": "linux-image-3.13.0-185-powerpc-smp",
            "binary_version": "3.13.0-185.236"
        }
    ],
    "availability": "No subscription required"
}

Ubuntu:14.04:LTS / linux-lts-xenial

Package

Name: linux-lts-xenial
Purl: pkg:deb/ubuntu/linux-lts-xenial@4.4.0-206.238~14.04.1?arch=source&distro=trusty

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

4.4.0-206.238~14.04.1

Affected versions

4.*

4.4.0-13.29~14.04.1

4.4.0-14.30~14.04.2

4.4.0-15.31~14.04.1

4.4.0-18.34~14.04.1

4.4.0-21.37~14.04.1

4.4.0-22.39~14.04.1

4.4.0-22.40~14.04.1

4.4.0-24.43~14.04.1

4.4.0-28.47~14.04.1

4.4.0-31.50~14.04.1

4.4.0-34.53~14.04.1

4.4.0-36.55~14.04.1

4.4.0-38.57~14.04.1

4.4.0-42.62~14.04.1

4.4.0-45.66~14.04.1

4.4.0-47.68~14.04.1

4.4.0-51.72~14.04.1

4.4.0-53.74~14.04.1

4.4.0-57.78~14.04.1

4.4.0-59.80~14.04.1

4.4.0-62.83~14.04.1

4.4.0-63.84~14.04.2

4.4.0-64.85~14.04.1

4.4.0-66.87~14.04.1

4.4.0-67.88~14.04.1

4.4.0-70.91~14.04.1

4.4.0-71.92~14.04.1

4.4.0-72.93~14.04.1

4.4.0-75.96~14.04.1

4.4.0-78.99~14.04.2

4.4.0-79.100~14.04.1

4.4.0-81.104~14.04.1

4.4.0-83.106~14.04.1

4.4.0-87.110~14.04.1

4.4.0-89.112~14.04.1

4.4.0-91.114~14.04.1

4.4.0-92.115~14.04.1

4.4.0-93.116~14.04.1

4.4.0-96.119~14.04.1

4.4.0-97.120~14.04.1

4.4.0-98.121~14.04.1

4.4.0-101.124~14.04.1

4.4.0-103.126~14.04.1

4.4.0-104.127~14.04.1

4.4.0-108.131~14.04.1

4.4.0-109.132~14.04.1

4.4.0-111.134~14.04.1

4.4.0-112.135~14.04.1

4.4.0-116.140~14.04.1

4.4.0-119.143~14.04.1

4.4.0-121.145~14.04.1

4.4.0-124.148~14.04.1

4.4.0-127.153~14.04.1

4.4.0-128.154~14.04.1

4.4.0-130.156~14.04.1

4.4.0-131.157~14.04.1

4.4.0-133.159~14.04.1

4.4.0-134.160~14.04.1

4.4.0-135.161~14.04.1

4.4.0-137.163~14.04.1

4.4.0-138.164~14.04.1

4.4.0-139.165~14.04.1

4.4.0-140.166~14.04.1

4.4.0-141.167~14.04.1

4.4.0-142.168~14.04.1

4.4.0-143.169~14.04.2

4.4.0-144.170~14.04.1

4.4.0-146.172~14.04.1

4.4.0-148.174~14.04.1

Ecosystem specific

{
    "binaries": [
        {
            "binary_name": "linux-image-4.4.0-206-powerpc-smp",
            "binary_version": "4.4.0-206.238~14.04.1"
        },
        {
            "binary_name": "linux-image-4.4.0-206-powerpc-e500mc",
            "binary_version": "4.4.0-206.238~14.04.1"
        },
        {
            "binary_name": "linux-image-4.4.0-206-powerpc64-smp",
            "binary_version": "4.4.0-206.238~14.04.1"
        },
        {
            "binary_name": "linux-image-4.4.0-206-lowlatency",
            "binary_version": "4.4.0-206.238~14.04.1"
        },
        {
            "binary_name": "linux-image-4.4.0-206-generic-lpae",
            "binary_version": "4.4.0-206.238~14.04.1"
        },
        {
            "binary_name": "linux-image-4.4.0-206-generic",
            "binary_version": "4.4.0-206.238~14.04.1"
        },
        {
            "binary_name": "linux-image-4.4.0-206-powerpc64-emb",
            "binary_version": "4.4.0-206.238~14.04.1"
        }
    ],
    "availability": "No subscription required"
}