Description
Details for this vulnerability have not been published by NIST at this point. Descriptions from software vendor advisories for this issue are provided below.From USN-5000-2:USN-5000-1 fixed vulnerabilities in the Linux kernel for Ubuntu 20.04 LTS and the Linux HWE kernel for Ubuntu 18.04 LTS. This update provides the corresponding updates for the Linux KVM kernel for Ubuntu 20.04 LTS.Norbert Slusarek discovered a race condition in the CAN BCM networking protocol of the Linux kernel leading to multiple use-after-free vulnerabilities. A local attacker could use this issue to execute arbitrary code. (CVE-2021-3609)Piotr Krysiuk discovered that the eBPF implementation in the Linux kernel did not properly enforce limits for pointer operations. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2021-33200)Mathy Vanhoef discovered that the Linux kernel’s WiFi implementation did not properly clear received fragments from memory in some situations. A physically proximate attacker could possibly use this issue to inject packets or expose sensitive information. (CVE-2020-24586)Mathy Vanhoef discovered that the Linux kernel’s WiFi implementation incorrectly handled encrypted fragments. A physically proximate attacker could possibly use this issue to decrypt fragments. (CVE-2020-24587)Mathy Vanhoef discovered that the Linux kernel’s WiFi implementation incorrectly handled certain malformed frames. If a user were tricked into connecting to a malicious server, a physically proximate attacker could use this issue to inject packets. (CVE-2020-24588)Mathy Vanhoef discovered that the Linux kernel’s WiFi implementation incorrectly handled EAPOL frames from unauthenticated senders. A physically proximate attacker could inject malicious packets to cause a denial of service (system crash). (CVE-2020-26139)Mathy Vanhoef discovered that the Linux kernel’s WiFi implementation did not properly verify certain fragmented frames. A physically proximate attacker could possibly use this issue to inject or decrypt packets. (CVE-2020-26141)Mathy Vanhoef discovered that the Linux kernel’s WiFi implementation accepted plaintext fragments in certain situations. A physically proximate attacker could use this issue to inject packets. (CVE-2020-26145)Mathy Vanhoef discovered that the Linux kernel’s WiFi implementation could reassemble mixed encrypted and plaintext fragments. A physically proximate attacker could possibly use this issue to inject packets or exfiltrate selected fragments. (CVE-2020-26147)Or Cohen discovered that the SCTP implementation in the Linux kernel contained a race condition in some situations, leading to a use-after-free condition. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2021-23133)Or Cohen and Nadav Markus discovered a use-after-free vulnerability in the nfc implementation in the Linux kernel. A privileged local attacker could use this issue to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2021-23134)Piotr Krysiuk discovered that the eBPF implementation in the Linux kernel did not properly prevent speculative loads in certain situations. A local attacker could use this to expose sensitive information (kernel memory). (CVE-2021-31829)It was discovered that a race condition in the kernel Bluetooth subsystem could lead to use-after-free of slab objects. An attacker could use this issue to possibly execute arbitrary code. (CVE-2021-32399)It was discovered that a use-after-free existed in the Bluetooth HCI driver of the Linux kernel. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2021-33034)It was discovered that an out-of-bounds (OOB) memory access flaw existed in the f2fs module of the Linux kernel. A local attacker could use this issue to cause a denial of service (system crash). (CVE-2021-3506)
Solution(s)
ubuntu-upgrade- ubuntu-upgrade-4-15-0-1103-104 ubuntu-upgrade-4-15-0-1103-116-16-04-1 ubuntu-upgrade-4-15-0-1106-113-16-04-1 ubuntu-upgrade-4-15-0-1118-109 ubuntu-upgrade-4-15-0-1118-91 ubuntu-upgrade-4-15-0-147-143 ubuntu-upgrade-available ubuntu-upgrade-desktop ubuntu-upgrade-infra ubuntu-upgrade-linux-image-4-15-0-1022-dell300x ubuntu-upgrade-linux-image-4-15-0-1075-oracle ubuntu-upgrade-linux-image-4-15-0-1089-raspi2 ubuntu-upgrade-linux-image-4-15-0-1103-gcp ubuntu-upgrade-linux-image-4-15-0-1106-aws ubuntu-upgrade-linux-image-4-15-0-1106-snapdragon ubuntu-upgrade-linux-image-4-15-0-1118-azure ubuntu-upgrade-linux-image-4-15-0-147-generic ubuntu-upgrade-linux-image-4-15-0-147-generic-lpae ubuntu-upgrade-linux-image-4-15-0-147-lowlatency ubuntu-upgrade-linux-image-5-10-0-1033-oem ubuntu-upgrade-linux-image-5-11-0-1009-azure ubuntu-upgrade-linux-image-5-11-0-1009-kvm ubuntu-upgrade-linux-image-5-11-0-1010-oracle ubuntu-upgrade-linux-image-5-11-0-1011-aws ubuntu-upgrade-linux-image-5-11-0-1011-gcp ubuntu-upgrade-linux-image-5-11-0-1012-raspi ubuntu-upgrade-linux-image-5-11-0-1012-raspi-nolpae ubuntu-upgrade-linux-image-5-11-0-22-generic ubuntu-upgrade-linux-image-5-11-0-22-generic-64k ubuntu-upgrade-linux-image-5-11-0-22-generic-lpae ubuntu-upgrade-linux-image-5-11-0-22-lowlatency ubuntu-upgrade-linux-image-5-3-0-1041-raspi2 ubuntu-upgrade-linux-image-5-3-0-1044-gke ubuntu-upgrade-linux-image-5-3-0-75-generic ubuntu-upgrade-linux-image-5-3-0-75-lowlatency ubuntu-upgrade-linux-image-5-4-0-1018-gkeop ubuntu-upgrade-linux-image-5-4-0-1038-raspi ubuntu-upgrade-linux-image-5-4-0-1041-kvm ubuntu-upgrade-linux-image-5-4-0-1046-gcp ubuntu-upgrade-linux-image-5-4-0-1046-gke ubuntu-upgrade-linux-image-5-4-0-1048-oracle ubuntu-upgrade-linux-image-5-4-0-1051-aws ubuntu-upgrade-linux-image-5-4-0-1051-azure ubuntu-upgrade-linux-image-5-4-0-77-generic ubuntu-upgrade-linux-image-5-4-0-77-generic-lpae ubuntu-upgrade-linux-image-5-4-0-77-lowlatency ubuntu-upgrade-linux-image-5-8-0-1029-raspi ubuntu-upgrade-linux-image-5-8-0-1029-raspi-nolpae ubuntu-upgrade-linux-image-5-8-0-1030-kvm ubuntu-upgrade-linux-image-5-8-0-1033-oracle ubuntu-upgrade-linux-image-5-8-0-1035-gcp ubuntu-upgrade-linux-image-5-8-0-1036-azure ubuntu-upgrade-linux-image-5-8-0-1038-aws ubuntu-upgrade-linux-image-5-8-0-59-generic ubuntu-upgrade-linux-image-5-8-0-59-generic-64k ubuntu-upgrade-linux-image-5-8-0-59-generic-lpae ubuntu-upgrade-linux-image-5-8-0-59-lowlatency ubuntu-upgrade-linux-image-aws ubuntu-upgrade-linux-image-aws-lts-18-04 ubuntu-upgrade-linux-image-aws-lts-20-04 ubuntu-upgrade-linux-image-azure ubuntu-upgrade-linux-image-azure-lts-18-04 ubuntu-upgrade-linux-image-azure-lts-20-04 ubuntu-upgrade-linux-image-dell300x ubuntu-upgrade-linux-image-gcp ubuntu-upgrade-linux-image-gcp-lts-18-04 ubuntu-upgrade-linux-image-gcp-lts-20-04 ubuntu-upgrade-linux-image-generic ubuntu-upgrade-linux-image-generic-64k ubuntu-upgrade-linux-image-generic-64k-hwe-20-04 ubuntu-upgrade-linux-image-generic-hwe-16-04 ubuntu-upgrade-linux-image-generic-hwe-18-04 ubuntu-upgrade-linux-image-generic-hwe-20-04 ubuntu-upgrade-linux-image-generic-lpae ubuntu-upgrade-linux-image-generic-lpae-hwe-18-04 ubuntu-upgrade-linux-image-generic-lpae-hwe-20-04 ubuntu-upgrade-linux-image-gke ubuntu-upgrade-linux-image-gke-5-3 ubuntu-upgrade-linux-image-gke-5-4 ubuntu-upgrade-linux-image-gkeop ubuntu-upgrade-linux-image-gkeop-5-3 ubuntu-upgrade-linux-image-gkeop-5-4 ubuntu-upgrade-linux-image-kvm ubuntu-upgrade-linux-image-lowlatency ubuntu-upgrade-linux-image-lowlatency-hwe-18-04 ubuntu-upgrade-linux-image-lowlatency-hwe-20-04 ubuntu-upgrade-linux-image-oem ubuntu-upgrade-linux-image-oem-20-04 ubuntu-upgrade-linux-image-oem-20-04b ubuntu-upgrade-linux-image-oem-osp1 ubuntu-upgrade-linux-image-oracle ubuntu-upgrade-linux-image-oracle-lts-18-04 ubuntu-upgrade-linux-image-oracle-lts-20-04 ubuntu-upgrade-linux-image-raspi ubuntu-upgrade-linux-image-raspi-hwe-18-04 ubuntu-upgrade-linux-image-raspi-nolpae ubuntu-upgrade-linux-image-raspi2 ubuntu-upgrade-linux-image-raspi2-hwe-18-04 ubuntu-upgrade-linux-image-snapdragon ubuntu-upgrade-linux-image-snapdragon-hwe-18-04 ubuntu-upgrade-linux-image-virtual ubuntu-upgrade-linux-image-virtual-hwe-18-04 ubuntu-upgrade-linux-image-virtual-hwe-20-04 ubuntu-upgrade-or ubuntu-upgrade-ua ubuntu-upgrade-with
References
Tuesday, June 29, 2021
Ubuntu: (Multiple Advisories) (CVE-2021-3609): Linux kernel (KVM) vulnerabilities
Subscribe to an RSS Feed
Blog Archive
- August 2020 (560)
- September 2020 (1436)
- October 2020 (1159)
- November 2020 (1093)
- December 2020 (1314)
- January 2021 (1645)
- February 2021 (1414)
- March 2021 (1221)
- April 2021 (1028)
- May 2021 (986)
- June 2021 (528)
- July 2021 (622)
- August 2021 (748)
- September 2021 (728)
- October 2021 (1130)
- November 2021 (911)
- December 2021 (668)
- January 2022 (627)
- February 2022 (553)
- March 2022 (348)
- April 2022 (169)
- May 2022 (37)