USN-5162-1

See a problem?
Please try reporting it to the source first.

Source

https://ubuntu.com/security/notices/USN-5162-1

Import Source

https://github.com/canonical/ubuntu-security-notices/blob/main/osv/usn/USN-5162-1.json

JSON Data

https://api.osv.dev/v1/vulns/USN-5162-1

Related

Published

2021-11-30T22:22:53.029511Z

Modified

2021-11-30T22:22:53.029511Z

Summary

linux, linux-aws, linux-azure, linux-gcp, linux-kvm, linux-oem-5.13, linux-oracle, linux-raspi vulnerabilities

Details

Ilja Van Sprundel discovered that the SCTP implementation in the Linux kernel did not properly perform size validations on incoming packets in some situations. An attacker could possibly use this to expose sensitive information (kernel memory). (CVE-2021-3655)

It was discovered that the AMD Cryptographic Coprocessor (CCP) driver in the Linux kernel did not properly deallocate memory in some error conditions. A local attacker could use this to cause a denial of service (memory exhaustion). (CVE-2021-3744, CVE-2021-3764)

It was discovered that the Aspeed Low Pin Count (LPC) Bus Controller implementation in the Linux kernel did not properly perform boundary checks in some situations, allowing out-of-bounds write access. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. In Ubuntu, this issue only affected systems running armhf kernels. (CVE-2021-42252)

Jann Horn discovered that the SELinux subsystem in the Linux kernel did not properly handle subjective credentials for tasks in some situations. On systems where SELinux has been enabled, a local attacker could possibly use this to cause a denial of service (system crash) or execute arbitrary code. (CVE-2021-43057)

References

Affected packages

Ubuntu:20.04:LTS / linux-oem-5.13

Package

Name: linux-oem-5.13
Purl: pkg:deb/ubuntu/linux-oem-5.13?arch=src?distro=focal

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

5.13.0-1020.24

Affected versions

5.*

5.13.0-1009.10

5.13.0-1010.11

5.13.0-1012.16

5.13.0-1014.18

5.13.0-1017.21

5.13.0-1019.23

Ecosystem specific

{
    "availability": "No subscription required",
    "binaries": [
        {
            "binary_version": "5.13.0-1020.24",
            "binary_name": "linux-buildinfo-5.13.0-1020-oem"
        },
        {
            "binary_version": "5.13.0-1020.24",
            "binary_name": "linux-headers-5.13.0-1020-oem"
        },
        {
            "binary_version": "5.13.0-1020.24",
            "binary_name": "linux-image-unsigned-5.13.0-1020-oem"
        },
        {
            "binary_version": "5.13.0-1020.24",
            "binary_name": "linux-image-unsigned-5.13.0-1020-oem-dbgsym"
        },
        {
            "binary_version": "5.13.0-1020.24",
            "binary_name": "linux-modules-5.13.0-1020-oem"
        },
        {
            "binary_version": "5.13.0-1020.24",
            "binary_name": "linux-oem-5.13-headers-5.13.0-1020"
        },
        {
            "binary_version": "5.13.0-1020.24",
            "binary_name": "linux-oem-5.13-tools-5.13.0-1020"
        },
        {
            "binary_version": "5.13.0-1020.24",
            "binary_name": "linux-oem-5.13-tools-host"
        },
        {
            "binary_version": "5.13.0-1020.24",
            "binary_name": "linux-tools-5.13.0-1020-oem"
        }
    ]
}