[USN-5082-1] Linux kernel (OEM) vulnerabilities
Severity
High
Affected Packages
13
CVEs
3
Several security issues were fixed in the Linux kernel.
Maxim Levitsky and Paolo Bonzini discovered that the KVM hypervisor
implementation for AMD processors in the Linux kernel allowed a guest VM to
disable restrictions on VMLOAD/VMSAVE in a nested guest. An attacker in a
guest VM could use this to read or write portions of the host's physical
memory. (CVE-2021-3656)
Maxim Levitsky discovered that the KVM hypervisor implementation for AMD
processors in the Linux kernel did not properly prevent a guest VM from
enabling AVIC in nested guest VMs. An attacker in a guest VM could use this
to write to portions of the host's physical memory. (CVE-2021-3653)
Norbert Slusarek discovered a race condition in the CAN BCM networking
protocol of the Linux kernel leading to multiple use-after-free
vulnerabilities. A local attacker could use this issue to execute arbitrary
code. (CVE-2021-3609)
| Package | Affected Version |
|---|---|
 pkg:deb/ubuntu/linux-tools-oem-20.04c?distro=focal
|
< 5.13.0.1012.16 |
|
pkg:deb/ubuntu/linux-tools-5.13.0-1012-oem?distro=focal
|
< 5.13.0-1012.16 |
|
pkg:deb/ubuntu/linux-oem-5.13-tools-host?distro=focal
|
< 5.13.0-1012.16 |
|
pkg:deb/ubuntu/linux-oem-5.13-tools-5.13.0-1012?distro=focal
|
< 5.13.0-1012.16 |
|
pkg:deb/ubuntu/linux-oem-5.13-headers-5.13.0-1012?distro=focal
|
< 5.13.0-1012.16 |
|
pkg:deb/ubuntu/linux-oem-20.04c?distro=focal
|
< 5.13.0.1012.16 |
|
pkg:deb/ubuntu/linux-modules-5.13.0-1012-oem?distro=focal
|
< 5.13.0-1012.16 |
|
pkg:deb/ubuntu/linux-image-unsigned-5.13.0-1012-oem?distro=focal
|
< 5.13.0-1012.16 |
|
pkg:deb/ubuntu/linux-image-oem-20.04c?distro=focal
|
< 5.13.0.1012.16 |
|
pkg:deb/ubuntu/linux-image-5.13.0-1012-oem?distro=focal
|
< 5.13.0-1012.16 |
|
pkg:deb/ubuntu/linux-headers-oem-20.04c?distro=focal
|
< 5.13.0.1012.16 |
|
pkg:deb/ubuntu/linux-headers-5.13.0-1012-oem?distro=focal
|
< 5.13.0-1012.16 |
|
pkg:deb/ubuntu/linux-buildinfo-5.13.0-1012-oem?distro=focal
|
< 5.13.0-1012.16 |
- ID
- USN-5082-1
- Severity
- high
- URL
- https://ubuntu.com/security/notices/USN-5082-1
- Published
-
2021-09-16T16:49:22
(3 years ago) - Modified
-
2021-09-16T16:49:22
(3 years ago) - Other Advisories
-
-
ALAS-2021-1539
-
ALAS2-2021-1704
-
ALSA-2021:3057
-
ALSA-2021:3548
-
ALSA-2021:4056
-
ASA-202107-48
-
ASA-202107-49
-
ASA-202107-50
-
ASA-202107-51
-
DSA-4941-1
-
DSA-4978-1
-
ELSA-2021-3057
-
ELSA-2021-3548
-
ELSA-2021-3801
-
ELSA-2021-4056
-
ELSA-2021-9419
-
ELSA-2021-9420
-
ELSA-2021-9421
-
ELSA-2021-9422
-
ELSA-2021-9442
-
ELSA-2021-9450
-
ELSA-2021-9451
-
ELSA-2021-9452
-
ELSA-2021-9453
-
ELSA-2021-9564
-
ELSA-2021-9565
-
ELSA-2022-9244
-
ELSA-2022-9245
-
FEDORA-2021-33819e6b09
-
FEDORA-2021-95f2f1cfc7
-
FEDORA-2021-a424256622
-
FEDORA-2021-fe826f202e
-
MS:CVE-2021-3609
-
MS:CVE-2021-3653
-
MS:CVE-2021-3656
-
openSUSE-SU-2021:1076-1
-
openSUSE-SU-2021:1271-1
-
openSUSE-SU-2021:2427-1
-
openSUSE-SU-2021:2645-1
-
openSUSE-SU-2021:2687-1
-
openSUSE-SU-2021:3179-1
-
openSUSE-SU-2021:3205-1
-
openSUSE-SU-2021:3876-1
-
RHSA-2021:3044
-
RHSA-2021:3057
-
RHSA-2021:3088
-
RHSA-2021:3547
-
RHSA-2021:3548
-
RHSA-2021:3801
-
RHSA-2021:3802
-
RHSA-2021:4056
-
RHSA-2021:4088
-
RLSA-2021:3057
-
RLSA-2021:4088
-
SSA:2022-031-01
-
SUSE-SU-2021:2406-1
-
SUSE-SU-2021:2407-1
-
SUSE-SU-2021:2408-1
-
SUSE-SU-2021:2416-1
-
SUSE-SU-2021:2421-1
-
SUSE-SU-2021:2422-1
-
SUSE-SU-2021:2427-1
-
SUSE-SU-2021:2438-1
-
SUSE-SU-2021:2451-1
-
SUSE-SU-2021:2599-1
-
SUSE-SU-2021:2599-2
-
SUSE-SU-2021:2643-1
-
SUSE-SU-2021:2645-1
-
SUSE-SU-2021:2687-1
-
SUSE-SU-2021:2746-1
-
SUSE-SU-2021:2842-1
-
SUSE-SU-2021:3073-1
-
SUSE-SU-2021:3177-1
-
SUSE-SU-2021:3178-1
-
SUSE-SU-2021:3179-1
-
SUSE-SU-2021:3192-1
-
SUSE-SU-2021:3196-1
-
SUSE-SU-2021:3205-1
-
SUSE-SU-2021:3205-2
-
SUSE-SU-2021:3206-1
-
SUSE-SU-2021:3207-1
-
SUSE-SU-2021:3217-1
-
SUSE-SU-2021:3415-1
-
SUSE-SU-2021:3876-1
-
SUSE-SU-2021:3929-1
-
SUSE-SU-2021:3935-1
-
SUSE-SU-2021:3969-1
-
SUSE-SU-2021:3972-1
-
USN-4997-1
-
USN-4997-2
-
USN-4999-1
-
USN-5000-1
-
USN-5000-2
-
USN-5001-1
-
USN-5002-1
-
USN-5003-1
-
USN-5062-1
-
USN-5070-1
-
USN-5071-1
-
USN-5071-2
-
USN-5072-1
-
USN-5073-1
-
USN-5073-2
-
USN-5505-1
-
USN-5513-1
-
| Type | Package URL | Namespace | Name / Product | Version | Distribution / Platform | Arch | Patch / Fix |
|---|---|---|---|---|---|---|---|
| Affected | pkg:deb/ubuntu/linux-tools-oem-20.04c?distro=focal | ubuntu |
linux-tools-oem-20.04c
|
< 5.13.0.1012.16 | focal | ||
| Affected | pkg:deb/ubuntu/linux-tools-5.13.0-1012-oem?distro=focal | ubuntu |
linux-tools-5.13.0-1012-oem
|
< 5.13.0-1012.16 | focal | ||
| Affected | pkg:deb/ubuntu/linux-oem-5.13-tools-host?distro=focal | ubuntu |
linux-oem-5.13-tools-host
|
< 5.13.0-1012.16 | focal | ||
| Affected | pkg:deb/ubuntu/linux-oem-5.13-tools-5.13.0-1012?distro=focal | ubuntu |
linux-oem-5.13-tools-5.13.0-1012
|
< 5.13.0-1012.16 | focal | ||
| Affected | pkg:deb/ubuntu/linux-oem-5.13-headers-5.13.0-1012?distro=focal | ubuntu |
linux-oem-5.13-headers-5.13.0-1012
|
< 5.13.0-1012.16 | focal | ||
| Affected | pkg:deb/ubuntu/linux-oem-20.04c?distro=focal | ubuntu |
linux-oem-20.04c
|
< 5.13.0.1012.16 | focal | ||
| Affected | pkg:deb/ubuntu/linux-modules-5.13.0-1012-oem?distro=focal | ubuntu |
linux-modules-5.13.0-1012-oem
|
< 5.13.0-1012.16 | focal | ||
| Affected | pkg:deb/ubuntu/linux-image-unsigned-5.13.0-1012-oem?distro=focal | ubuntu |
linux-image-unsigned-5.13.0-1012-oem
|
< 5.13.0-1012.16 | focal | ||
| Affected | pkg:deb/ubuntu/linux-image-oem-20.04c?distro=focal | ubuntu |
linux-image-oem-20.04c
|
< 5.13.0.1012.16 | focal | ||
| Affected | pkg:deb/ubuntu/linux-image-5.13.0-1012-oem?distro=focal | ubuntu |
linux-image-5.13.0-1012-oem
|
< 5.13.0-1012.16 | focal | ||
| Affected | pkg:deb/ubuntu/linux-headers-oem-20.04c?distro=focal | ubuntu |
linux-headers-oem-20.04c
|
< 5.13.0.1012.16 | focal | ||
| Affected | pkg:deb/ubuntu/linux-headers-5.13.0-1012-oem?distro=focal | ubuntu |
linux-headers-5.13.0-1012-oem
|
< 5.13.0-1012.16 | focal | ||
| Affected | pkg:deb/ubuntu/linux-buildinfo-5.13.0-1012-oem?distro=focal | ubuntu |
linux-buildinfo-5.13.0-1012-oem
|
< 5.13.0-1012.16 | focal |
| # CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | Exploits | PoC | Pubblication Date | Modification Date |
|---|---|---|---|---|---|---|---|---|---|---|---|
| # CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | PoC | Pubblication Date | Modification Date |