USN-5266-1

See a problem?

Source

https://ubuntu.com/security/notices/USN-5266-1

Import Source

https://github.com/canonical/ubuntu-security-notices/blob/main/osv/usn/USN-5266-1.json

JSON Data

https://api.osv.dev/v1/vulns/USN-5266-1

Related

CVE-2021-22600
CVE-2021-42739
UBUNTU-CVE-2021-22600
UBUNTU-CVE-2021-42739

Published

2022-02-03T04:13:54.253336Z

Modified

2022-02-03T04:13:54.253336Z

Summary

linux-gke, linux-gke-5.4 vulnerabilities

Details

It was discovered that the Packet network protocol implementation in the Linux kernel contained a double-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2021-22600)

Luo Likang discovered that the FireDTV Firewire driver in the Linux kernel did not properly perform bounds checking in some situations. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2021-42739)

References

Affected packages

Ubuntu:18.04:LTS / linux-gke-5.4

Package

Name: linux-gke-5.4
Purl: pkg:deb/ubuntu/linux-gke-5.4@5.4.0-1061.64~18.04.1?arch=src?distro=bionic

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

5.4.0-1061.64~18.04.1

Affected versions

5.*

5.4.0-1025.25~18.04.1

5.4.0-1027.28~18.04.1

5.4.0-1029.31~18.04.1

5.4.0-1030.32~18.04.1

5.4.0-1032.34~18.04.1

5.4.0-1033.35~18.04.1

5.4.0-1035.37~18.04.1

5.4.0-1036.38~18.04.1

5.4.0-1037.39~18.04.1

5.4.0-1039.41~18.04.1

5.4.0-1040.42~18.04.1

5.4.0-1042.44~18.04.1

5.4.0-1043.45~18.04.1

5.4.0-1044.46~18.04.1

5.4.0-1046.48~18.04.1

5.4.0-1049.52~18.04.1

5.4.0-1051.54~18.04.1

5.4.0-1052.55~18.04.1

5.4.0-1053.56~18.04.1

5.4.0-1054.57~18.04.1

5.4.0-1055.58~18.04.1

5.4.0-1056.59~18.04.1

5.4.0-1057.60~18.04.1

5.4.0-1059.62~18.04.1

Ecosystem specific

{
    "availability": "No subscription required",
    "binaries": [
        {
            "linux-image-unsigned-5.4.0-1061-gke-dbgsym": "5.4.0-1061.64~18.04.1",
            "linux-buildinfo-5.4.0-1061-gke": "5.4.0-1061.64~18.04.1",
            "linux-modules-5.4.0-1061-gke": "5.4.0-1061.64~18.04.1",
            "linux-gke-5.4-headers-5.4.0-1061": "5.4.0-1061.64~18.04.1",
            "linux-gke-5.4-tools-5.4.0-1061": "5.4.0-1061.64~18.04.1",
            "linux-headers-5.4.0-1061-gke": "5.4.0-1061.64~18.04.1",
            "linux-modules-extra-5.4.0-1061-gke": "5.4.0-1061.64~18.04.1",
            "linux-image-unsigned-5.4.0-1061-gke": "5.4.0-1061.64~18.04.1",
            "linux-tools-5.4.0-1061-gke": "5.4.0-1061.64~18.04.1"
        }
    ]
}

Ubuntu:20.04:LTS / linux-gke

Package

Name: linux-gke
Purl: pkg:deb/ubuntu/linux-gke@5.4.0-1061.64?arch=src?distro=focal

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

5.4.0-1061.64

Affected versions

5.*

5.4.0-1033.35

5.4.0-1035.37

5.4.0-1036.38

5.4.0-1037.39

5.4.0-1039.41

5.4.0-1041.43

5.4.0-1042.44

5.4.0-1043.45

5.4.0-1044.46

5.4.0-1046.48

5.4.0-1049.52

5.4.0-1051.54

5.4.0-1052.55

5.4.0-1053.56

5.4.0-1054.57

5.4.0-1055.58

5.4.0-1056.59

5.4.0-1057.60

5.4.0-1059.62

Ecosystem specific

{
    "availability": "No subscription required",
    "binaries": [
        {
            "linux-image-unsigned-5.4.0-1061-gke-dbgsym": "5.4.0-1061.64",
            "linux-buildinfo-5.4.0-1061-gke": "5.4.0-1061.64",
            "linux-modules-5.4.0-1061-gke": "5.4.0-1061.64",
            "linux-modules-extra-5.4.0-1061-gke": "5.4.0-1061.64",
            "linux-headers-5.4.0-1061-gke": "5.4.0-1061.64",
            "linux-gke-headers-5.4.0-1061": "5.4.0-1061.64",
            "linux-gke-tools-5.4.0-1061": "5.4.0-1061.64",
            "linux-tools-5.4.0-1061-gke": "5.4.0-1061.64",
            "linux-image-unsigned-5.4.0-1061-gke": "5.4.0-1061.64"
        }
    ]
}