USN-5361-1

See a problem?
Source
https://ubuntu.com/security/notices/USN-5361-1
Import Source
https://github.com/canonical/ubuntu-security-notices/blob/main/osv/USN-5361-1.json
JSON Data
https://api.osv.dev/v1/vulns/USN-5361-1
Related
  • CVE-2020-12888
  • CVE-2020-26141
  • CVE-2020-26145
  • CVE-2020-3702
  • CVE-2021-0920
  • CVE-2021-0935
  • CVE-2021-28964
  • CVE-2021-31916
  • CVE-2021-37159
  • CVE-2021-39636
  • CVE-2021-4083
  • CVE-2021-42739
  • CVE-2021-43976
  • CVE-2021-45486
Published
2022-04-01T00:37:48.167537Z
Modified
2022-04-01T00:37:48.167537Z
Summary
linux, linux-aws, linux-kvm, linux-lts-xenial vulnerabilities
Details

It was discovered that the VFIO PCI driver in the Linux kernel did not properly handle attempts to access disabled memory spaces. A local attacker could use this to cause a denial of service (system crash). (CVE-2020-12888)

Mathy Vanhoef discovered that the Linux kernel’s WiFi implementation did not properly verify certain fragmented frames. A physically proximate attacker could possibly use this issue to inject or decrypt packets. (CVE-2020-26141)

Mathy Vanhoef discovered that the Linux kernel’s WiFi implementation accepted plaintext fragments in certain situations. A physically proximate attacker could use this issue to inject packets. (CVE-2020-26145)

It was discovered that a race condition existed in the Atheros Ath9k WiFi driver in the Linux kernel. An attacker could possibly use this to expose sensitive information (WiFi network traffic). (CVE-2020-3702)

It was discovered a race condition existed in the Unix domain socket implementation in the Linux kernel, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2021-0920)

It was discovered that the IPv6 implementation in the Linux kernel contained a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2021-0935)

Zygo Blaxell discovered that the btrfs file system implementation in the Linux kernel contained a race condition during certain cloning operations. A local attacker could possibly use this to cause a denial of service (system crash). (CVE-2021-28964)

Dan Carpenter discovered that the block device manager (dm) implementation in the Linux kernel contained a buffer overflow in the ioctl for listing devices. A privileged local attacker could use this to cause a denial of service (system crash). (CVE-2021-31916)

It was discovered that the Option USB High Speed Mobile device driver in the Linux kernel did not properly handle error conditions. A physically proximate attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2021-37159)

It was discovered that the network packet filtering implementation in the Linux kernel did not properly initialize information in certain circumstances. A local attacker could use this to expose sensitive information (kernel memory). (CVE-2021-39636)

Jann Horn discovered a race condition in the Unix domain socket implementation in the Linux kernel that could result in a read-after-free. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2021-4083)

Luo Likang discovered that the FireDTV Firewire driver in the Linux kernel did not properly perform bounds checking in some situations. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2021-42739)

Brendan Dolan-Gavitt discovered that the Marvell WiFi-Ex USB device driver in the Linux kernel did not properly handle some error conditions. A physically proximate attacker could use this to cause a denial of service (system crash). (CVE-2021-43976)

Amit Klein discovered that the IPv4 implementation in the Linux kernel could disclose internal state in some situations. An attacker could possibly use this to expose sensitive information. (CVE-2021-45486)

References

Affected packages

Ubuntu:Pro:14.04:LTS / linux-lts-xenial

Package

Name
linux-lts-xenial

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
4.4.0-223.256~14.04.1

Ecosystem specific

{
    "availability": "Available with Ubuntu Pro: https://ubuntu.com/pro",
    "binaries": [
        {
            "linux-signed-lowlatency-lts-xenial": "4.4.0.223.194",
            "linux-cloud-tools-4.4.0-223-generic": "4.4.0-223.256~14.04.1",
            "linux-cloud-tools-4.4.0-223-lowlatency": "4.4.0-223.256~14.04.1",
            "linux-cloud-tools-lowlatency-lts-xenial": "4.4.0.223.194",
            "linux-tools-4.4.0-223-lowlatency": "4.4.0-223.256~14.04.1",
            "linux-modules-extra-4.4.0-223-generic": "4.4.0-223.256~14.04.1",
            "linux-generic-lts-xenial": "4.4.0.223.194",
            "linux-image-virtual-lts-xenial": "4.4.0.223.194",
            "linux-modules-4.4.0-223-generic": "4.4.0-223.256~14.04.1",
            "linux-modules-4.4.0-223-lowlatency": "4.4.0-223.256~14.04.1",
            "linux-image-generic-lts-xenial": "4.4.0.223.194",
            "linux-image-extra-virtual-lts-xenial": "4.4.0.223.194",
            "linux-image-4.4.0-223-generic": "4.4.0-223.256~14.04.1",
            "linux-image-unsigned-4.4.0-223-lowlatency": "4.4.0-223.256~14.04.1",
            "linux-tools-generic-lts-xenial": "4.4.0.223.194",
            "linux-headers-4.4.0-223-lowlatency": "4.4.0-223.256~14.04.1",
            "linux-virtual-lts-xenial": "4.4.0.223.194",
            "linux-headers-virtual-lts-xenial": "4.4.0.223.194",
            "linux-image-4.4.0-223-lowlatency": "4.4.0-223.256~14.04.1",
            "linux-lts-xenial-tools-4.4.0-223": "4.4.0-223.256~14.04.1",
            "linux-signed-generic-lts-xenial": "4.4.0.223.194",
            "linux-headers-4.4.0-223-generic": "4.4.0-223.256~14.04.1",
            "linux-cloud-tools-generic-lts-xenial": "4.4.0.223.194",
            "linux-headers-generic-lts-xenial": "4.4.0.223.194",
            "linux-image-lowlatency-lts-xenial": "4.4.0.223.194",
            "linux-lowlatency-lts-xenial": "4.4.0.223.194",
            "linux-buildinfo-4.4.0-223-lowlatency": "4.4.0-223.256~14.04.1",
            "linux-tools-4.4.0-223-generic": "4.4.0-223.256~14.04.1",
            "linux-cloud-tools-virtual-lts-xenial": "4.4.0.223.194",
            "linux-lts-xenial-cloud-tools-4.4.0-223": "4.4.0-223.256~14.04.1",
            "linux-image-unsigned-4.4.0-223-generic": "4.4.0-223.256~14.04.1",
            "linux-signed-image-lowlatency-lts-xenial": "4.4.0.223.194",
            "linux-headers-4.4.0-223": "4.4.0-223.256~14.04.1",
            "linux-signed-image-generic-lts-xenial": "4.4.0.223.194",
            "linux-tools-lowlatency-lts-xenial": "4.4.0.223.194",
            "linux-tools-virtual-lts-xenial": "4.4.0.223.194",
            "linux-buildinfo-4.4.0-223-generic": "4.4.0-223.256~14.04.1",
            "linux-headers-lowlatency-lts-xenial": "4.4.0.223.194"
        }
    ]
}

Ubuntu:Pro:14.04:LTS / linux-aws

Package

Name
linux-aws

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
4.4.0-1103.108

Ecosystem specific

{
    "availability": "Available with Ubuntu Pro: https://ubuntu.com/pro",
    "binaries": [
        {
            "linux-cloud-tools-4.4.0-1103-aws": "4.4.0-1103.108",
            "linux-buildinfo-4.4.0-1103-aws": "4.4.0-1103.108",
            "linux-aws": "4.4.0.1103.101",
            "linux-tools-aws": "4.4.0.1103.101",
            "linux-headers-4.4.0-1103-aws": "4.4.0-1103.108",
            "linux-headers-aws": "4.4.0.1103.101",
            "linux-modules-4.4.0-1103-aws": "4.4.0-1103.108",
            "linux-image-4.4.0-1103-aws": "4.4.0-1103.108",
            "linux-aws-headers-4.4.0-1103": "4.4.0-1103.108",
            "linux-aws-cloud-tools-4.4.0-1103": "4.4.0-1103.108",
            "linux-image-aws": "4.4.0.1103.101",
            "linux-tools-4.4.0-1103-aws": "4.4.0-1103.108",
            "linux-aws-tools-4.4.0-1103": "4.4.0-1103.108"
        }
    ]
}

Ubuntu:Pro:16.04:LTS / linux

Package

Name
linux

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
4.4.0-223.256

Ecosystem specific

{
    "availability": "Available with Ubuntu Pro: https://ubuntu.com/pro",
    "binaries": [
        {
            "linux-tools-virtual-lts-vivid": "4.4.0.223.230",
            "linux-tools-generic-lts-wily": "4.4.0.223.230",
            "linux-headers-generic-lts-wily": "4.4.0.223.230",
            "linux-source-4.4.0": "4.4.0-223.256",
            "linux-cloud-tools-virtual-lts-wily": "4.4.0.223.230",
            "linux-cloud-tools-lowlatency-lts-xenial": "4.4.0.223.230",
            "linux-image-extra-virtual-lts-utopic": "4.4.0.223.230",
            "linux-generic-lts-utopic": "4.4.0.223.230",
            "linux-tools-virtual": "4.4.0.223.230",
            "linux-signed-image-lowlatency": "4.4.0.223.230",
            "linux-source": "4.4.0.223.230",
            "linux-image-4.4.0-223-generic": "4.4.0-223.256",
            "linux-cloud-tools-generic": "4.4.0.223.230",
            "linux-image-virtual": "4.4.0.223.230",
            "linux-tools-generic": "4.4.0.223.230",
            "linux-signed-image-generic-lts-wily": "4.4.0.223.230",
            "linux-headers-virtual-lts-utopic": "4.4.0.223.230",
            "linux-image-generic-lts-vivid": "4.4.0.223.230",
            "linux-virtual": "4.4.0.223.230",
            "linux-virtual-lts-utopic": "4.4.0.223.230",
            "linux-crashdump": "4.4.0.223.230",
            "linux-generic-lts-vivid": "4.4.0.223.230",
            "linux-cloud-tools-4.4.0-223": "4.4.0-223.256",
            "linux-buildinfo-4.4.0-223-lowlatency": "4.4.0-223.256",
            "linux-generic": "4.4.0.223.230",
            "linux-image-lowlatency-lts-xenial": "4.4.0.223.230",
            "linux-headers-lowlatency-lts-utopic": "4.4.0.223.230",
            "linux-cloud-tools-lowlatency-lts-wily": "4.4.0.223.230",
            "linux-headers-4.4.0-223": "4.4.0-223.256",
            "linux-image-generic-lts-wily": "4.4.0.223.230",
            "linux-signed-image-generic": "4.4.0.223.230",
            "linux-tools-lowlatency": "4.4.0.223.230",
            "linux-image-virtual-lts-vivid": "4.4.0.223.230",
            "linux-image-hwe-virtual-trusty": "4.4.0.223.230",
            "linux-cloud-tools-common": "4.4.0-223.256",
            "linux-libc-dev": "4.4.0-223.256",
            "linux-cloud-tools-4.4.0-223-lowlatency": "4.4.0-223.256",
            "linux-image-virtual-lts-xenial": "4.4.0.223.230",
            "linux-tools-4.4.0-223-lowlatency": "4.4.0-223.256",
            "linux-tools-lowlatency-lts-wily": "4.4.0.223.230",
            "linux-image-generic-lts-xenial": "4.4.0.223.230",
            "linux-tools-4.4.0-223": "4.4.0-223.256",
            "linux-headers-virtual": "4.4.0.223.230",
            "linux-hwe-generic-trusty": "4.4.0.223.230",
            "linux-virtual-lts-xenial": "4.4.0.223.230",
            "linux-image-generic-lts-utopic": "4.4.0.223.230",
            "linux-tools-generic-lts-vivid": "4.4.0.223.230",
            "linux-headers-virtual-lts-xenial": "4.4.0.223.230",
            "linux-headers-virtual-lts-vivid": "4.4.0.223.230",
            "linux-generic-lts-wily": "4.4.0.223.230",
            "linux-tools-lts-utopic": "4.4.0.223.230",
            "linux-signed-lowlatency": "4.4.0.223.230",
            "linux-lowlatency-lts-vivid": "4.4.0.223.230",
            "linux-image-extra-virtual-lts-vivid": "4.4.0.223.230",
            "linux-signed-image-generic-lts-xenial": "4.4.0.223.230",
            "linux-cloud-tools-virtual-lts-xenial": "4.4.0.223.230",
            "linux-lowlatency-lts-utopic": "4.4.0.223.230",
            "linux-signed-image-lowlatency-lts-xenial": "4.4.0.223.230",
            "linux-tools-common": "4.4.0-223.256",
            "linux-headers-generic-lts-vivid": "4.4.0.223.230",
            "linux-lowlatency": "4.4.0.223.230",
            "linux-cloud-tools-virtual-lts-utopic": "4.4.0.223.230",
            "linux-buildinfo-4.4.0-223-generic": "4.4.0-223.256",
            "linux-tools-generic-lts-utopic": "4.4.0.223.230",
            "linux-headers-generic-lts-utopic": "4.4.0.223.230",
            "linux-signed-generic-lts-vivid": "4.4.0.223.230",
            "linux-cloud-tools-lowlatency-lts-vivid": "4.4.0.223.230",
            "linux-signed-image-generic-lts-utopic": "4.4.0.223.230",
            "linux-cloud-tools-generic-lts-wily": "4.4.0.223.230",
            "linux-image-lowlatency-lts-vivid": "4.4.0.223.230",
            "linux-image-generic": "4.4.0.223.230",
            "linux-image-hwe-generic-trusty": "4.4.0.223.230",
            "linux-tools-virtual-lts-wily": "4.4.0.223.230",
            "linux-cloud-tools-4.4.0-223-generic": "4.4.0-223.256",
            "linux-lowlatency-lts-wily": "4.4.0.223.230",
            "linux-image-virtual-lts-utopic": "4.4.0.223.230",
            "linux-cloud-tools-lowlatency": "4.4.0.223.230",
            "linux-cloud-tools-virtual": "4.4.0.223.230",
            "linux-modules-4.4.0-223-lowlatency": "4.4.0-223.256",
            "linux-cloud-tools-generic-lts-vivid": "4.4.0.223.230",
            "linux-cloud-tools-virtual-lts-vivid": "4.4.0.223.230",
            "linux-image-extra-virtual": "4.4.0.223.230",
            "linux-signed-image-lowlatency-lts-wily": "4.4.0.223.230",
            "linux-headers-lowlatency-lts-wily": "4.4.0.223.230",
            "linux-image-unsigned-4.4.0-223-lowlatency": "4.4.0-223.256",
            "linux-tools-generic-lts-xenial": "4.4.0.223.230",
            "linux-headers-4.4.0-223-lowlatency": "4.4.0-223.256",
            "linux-image-4.4.0-223-lowlatency": "4.4.0-223.256",
            "linux-cloud-tools-lowlatency-lts-utopic": "4.4.0.223.230",
            "linux-signed-image-generic-lts-vivid": "4.4.0.223.230",
            "linux-cloud-tools-generic-lts-xenial": "4.4.0.223.230",
            "linux-headers-generic-lts-xenial": "4.4.0.223.230",
            "linux-lowlatency-lts-xenial": "4.4.0.223.230",
            "linux-virtual-lts-vivid": "4.4.0.223.230",
            "linux-image-unsigned-4.4.0-223-generic": "4.4.0-223.256",
            "linux-image-lowlatency-lts-utopic": "4.4.0.223.230",
            "linux-image-extra-virtual-lts-wily": "4.4.0.223.230",
            "linux-headers-lowlatency-lts-xenial": "4.4.0.223.230",
            "linux-signed-lowlatency-lts-wily": "4.4.0.223.230",
            "linux-tools-lowlatency-lts-vivid": "4.4.0.223.230",
            "linux-signed-lowlatency-lts-xenial": "4.4.0.223.230",
            "linux-image-lowlatency-lts-wily": "4.4.0.223.230",
            "linux-modules-extra-4.4.0-223-generic": "4.4.0-223.256",
            "linux-doc": "4.4.0-223.256",
            "linux-generic-lts-xenial": "4.4.0.223.230",
            "linux-headers-lowlatency-lts-vivid": "4.4.0.223.230",
            "linux-modules-4.4.0-223-generic": "4.4.0-223.256",
            "linux-headers-generic": "4.4.0.223.230",
            "linux-headers-lowlatency": "4.4.0.223.230",
            "linux-image-lowlatency": "4.4.0.223.230",
            "linux-image-extra-virtual-lts-xenial": "4.4.0.223.230",
            "linux-tools-virtual-lts-utopic": "4.4.0.223.230",
            "linux-tools-host": "4.4.0-223.256",
            "linux-headers-virtual-lts-wily": "4.4.0.223.230",
            "linux-signed-generic-lts-wily": "4.4.0.223.230",
            "linux-signed-generic-lts-xenial": "4.4.0.223.230",
            "linux-signed-generic-lts-utopic": "4.4.0.223.230",
            "linux-headers-4.4.0-223-generic": "4.4.0-223.256",
            "linux-cloud-tools-generic-lts-utopic": "4.4.0.223.230",
            "linux-image-virtual-lts-wily": "4.4.0.223.230",
            "linux-hwe-virtual-trusty": "4.4.0.223.230",
            "linux-tools-4.4.0-223-generic": "4.4.0-223.256",
            "linux-tools-lowlatency-lts-utopic": "4.4.0.223.230",
            "linux-signed-generic": "4.4.0.223.230",
            "linux-virtual-lts-wily": "4.4.0.223.230",
            "linux-tools-lowlatency-lts-xenial": "4.4.0.223.230",
            "linux-tools-virtual-lts-xenial": "4.4.0.223.230"
        }
    ]
}

Ubuntu:Pro:16.04:LTS / linux-kvm

Package

Name
linux-kvm

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
4.4.0-1104.113

Ecosystem specific

{
    "availability": "Available with Ubuntu Pro: https://ubuntu.com/pro",
    "binaries": [
        {
            "linux-headers-kvm": "4.4.0.1104.102",
            "linux-tools-4.4.0-1104-kvm": "4.4.0-1104.113",
            "linux-kvm": "4.4.0.1104.102",
            "linux-headers-4.4.0-1104-kvm": "4.4.0-1104.113",
            "linux-buildinfo-4.4.0-1104-kvm": "4.4.0-1104.113",
            "linux-kvm-tools-4.4.0-1104": "4.4.0-1104.113",
            "linux-image-4.4.0-1104-kvm": "4.4.0-1104.113",
            "linux-tools-kvm": "4.4.0.1104.102",
            "linux-modules-4.4.0-1104-kvm": "4.4.0-1104.113",
            "linux-kvm-cloud-tools-4.4.0-1104": "4.4.0-1104.113",
            "linux-cloud-tools-4.4.0-1104-kvm": "4.4.0-1104.113",
            "linux-kvm-headers-4.4.0-1104": "4.4.0-1104.113",
            "linux-image-kvm": "4.4.0.1104.102"
        }
    ]
}

Ubuntu:Pro:16.04:LTS / linux-aws

Package

Name
linux-aws

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
4.4.0-1139.153

Ecosystem specific

{
    "availability": "Available with Ubuntu Pro: https://ubuntu.com/pro",
    "binaries": [
        {
            "linux-cloud-tools-4.4.0-1139-aws": "4.4.0-1139.153",
            "linux-modules-4.4.0-1139-aws": "4.4.0-1139.153",
            "linux-aws-cloud-tools-4.4.0-1139": "4.4.0-1139.153",
            "linux-buildinfo-4.4.0-1139-aws": "4.4.0-1139.153",
            "linux-tools-4.4.0-1139-aws": "4.4.0-1139.153",
            "linux-headers-aws": "4.4.0.1139.144",
            "linux-image-aws": "4.4.0.1139.144",
            "linux-aws": "4.4.0.1139.144",
            "linux-aws-headers-4.4.0-1139": "4.4.0-1139.153",
            "linux-aws-tools-4.4.0-1139": "4.4.0-1139.153",
            "linux-image-4.4.0-1139-aws": "4.4.0-1139.153",
            "linux-modules-extra-aws": "4.4.0.1139.144",
            "linux-headers-4.4.0-1139-aws": "4.4.0-1139.153",
            "linux-modules-extra-4.4.0-1139-aws": "4.4.0-1139.153",
            "linux-tools-aws": "4.4.0.1139.144"
        }
    ]
}