LSN-0081-1

See a problem?
Please try reporting it to the source first.

Source

https://ubuntu.com/security/notices/LSN-0081-1

Import Source

https://github.com/canonical/ubuntu-security-notices/blob/main/osv/lsn/LSN-0081-1.json

JSON Data

https://api.test.osv.dev/v1/vulns/LSN-0081-1

Related

Published

2021-09-13T07:12:04Z

Modified

2021-09-13T07:12:04Z

Summary

Kernel Live Patch Security Notice

Details

Maxim Levitsky discovered that the KVM hypervisor implementation for AMD processors in the Linux kernel did not properly prevent a guest VM from enabling AVIC in nested guest VMs. An attacker in a guest VM could use this to write to portions of the host's physical memory.(CVE-2021-3653)

Maxim Levitsky and Paolo Bonzini discovered that the KVM hypervisor implementation for AMD processors in the Linux kernel allowed a guest VM to disable restrictions on VMLOAD/VMSAVE in a nested guest. An attacker in a guest VM could use this to read or write portions of the host's physical memory.(CVE-2021-3656)

Andy Nguyen discovered that the netfilter subsystem in the Linux kernel contained an out-of-bounds write in its setsockopt() implementation. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code.(CVE-2021-22555)

It was discovered that the virtual file system implementation in the Linux kernel contained an unsigned to signed integer conversion error. A local attacker could use this to cause a denial of service (system crash) or execute arbitrary code.(CVE-2021-33909)

References

Affected packages

Ubuntu:Pro:14.04:LTS / linux-lts-xenial

Package

Name: linux-lts-xenial
Purl: pkg:deb/ubuntu/linux-lts-xenial@4.4.0-214.246~14.04.1?arch=source&distro=trusty/esm

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

4.4.0-214.246~14.04.1

Affected versions

4.*

4.4.0-13.29~14.04.1

4.4.0-14.30~14.04.2

4.4.0-15.31~14.04.1

4.4.0-18.34~14.04.1

4.4.0-21.37~14.04.1

4.4.0-22.39~14.04.1

4.4.0-22.40~14.04.1

4.4.0-24.43~14.04.1

4.4.0-28.47~14.04.1

4.4.0-31.50~14.04.1

4.4.0-34.53~14.04.1

4.4.0-36.55~14.04.1

4.4.0-38.57~14.04.1

4.4.0-42.62~14.04.1

4.4.0-45.66~14.04.1

4.4.0-47.68~14.04.1

4.4.0-51.72~14.04.1

4.4.0-53.74~14.04.1

4.4.0-57.78~14.04.1

4.4.0-59.80~14.04.1

4.4.0-62.83~14.04.1

4.4.0-63.84~14.04.2

4.4.0-64.85~14.04.1

4.4.0-66.87~14.04.1

4.4.0-67.88~14.04.1

4.4.0-70.91~14.04.1

4.4.0-71.92~14.04.1

4.4.0-72.93~14.04.1

4.4.0-75.96~14.04.1

4.4.0-78.99~14.04.2

4.4.0-79.100~14.04.1

4.4.0-81.104~14.04.1

4.4.0-83.106~14.04.1

4.4.0-87.110~14.04.1

4.4.0-89.112~14.04.1

4.4.0-91.114~14.04.1

4.4.0-92.115~14.04.1

4.4.0-93.116~14.04.1

4.4.0-96.119~14.04.1

4.4.0-97.120~14.04.1

4.4.0-98.121~14.04.1

4.4.0-101.124~14.04.1

4.4.0-103.126~14.04.1

4.4.0-104.127~14.04.1

4.4.0-108.131~14.04.1

4.4.0-109.132~14.04.1

4.4.0-111.134~14.04.1

4.4.0-112.135~14.04.1

4.4.0-116.140~14.04.1

4.4.0-119.143~14.04.1

4.4.0-121.145~14.04.1

4.4.0-124.148~14.04.1

4.4.0-127.153~14.04.1

4.4.0-128.154~14.04.1

4.4.0-130.156~14.04.1

4.4.0-131.157~14.04.1

4.4.0-133.159~14.04.1

4.4.0-134.160~14.04.1

4.4.0-135.161~14.04.1

4.4.0-137.163~14.04.1

4.4.0-138.164~14.04.1

4.4.0-139.165~14.04.1

4.4.0-140.166~14.04.1

4.4.0-141.167~14.04.1

4.4.0-142.168~14.04.1

4.4.0-143.169~14.04.2

4.4.0-144.170~14.04.1

4.4.0-146.172~14.04.1

4.4.0-148.174~14.04.1

4.4.0-164.192~14.04.1

4.4.0-165.193~14.04.1

4.4.0-166.195~14.04.1

4.4.0-168.197~14.04.1

4.4.0-169.198~14.04.1

4.4.0-170.199~14.04.1

4.4.0-171.200~14.04.1

4.4.0-173.203~14.04.1

4.4.0-174.204~14.04.1

4.4.0-176.206~14.04.1

4.4.0-177.207~14.04.1

4.4.0-178.208~14.04.1

4.4.0-179.209~14.04.1

4.4.0-184.214~14.04.1

4.4.0-185.215~14.04.1

4.4.0-186.216~14.04.1

4.4.0-187.217~14.04.1

4.4.0-189.219~14.04.1

4.4.0-190.220~14.04.1

4.4.0-193.224~14.04.1

4.4.0-194.226~14.04.1

4.4.0-197.229~14.04.1

4.4.0-198.230~14.04.1

4.4.0-200.232~14.04.1

4.4.0-201.233~14.04.1

4.4.0-203.235~14.04.1

4.4.0-204.236~14.04.1

4.4.0-206.238~14.04.1

4.4.0-208.240~14.04.1

4.4.0-209.241~14.04.1

4.4.0-210.242~14.04.1

4.4.0-211.243~14.04.1

4.4.0-212.244~14.04.1

4.4.0-213.245~14.04.1

Ecosystem specific

{
    "availability": "Livepatch subscription required",
    "module_name_regex": "lkp_Ubuntu_4_4_0[_|\\d]+_(?:generic|lowlatency)_(\\d+)"
}

Ubuntu:Pro:16.04:LTS / linux

Package

Name: linux
Purl: pkg:deb/ubuntu/linux@4.4.0-214.246?arch=source&distro=esm-infra/xenial

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

4.4.0-214.246

Affected versions

4.*

4.2.0-16.19

4.2.0-17.21

4.2.0-19.23

4.3.0-1.10

4.3.0-2.11

4.3.0-5.16

4.3.0-6.17

4.3.0-7.18

4.4.0-2.16

4.4.0-4.19

4.4.0-6.21

4.4.0-7.22

4.4.0-8.23

4.4.0-9.24

4.4.0-10.25

4.4.0-11.26

4.4.0-12.28

4.4.0-13.29

4.4.0-14.30

4.4.0-15.31

4.4.0-16.32

4.4.0-17.33

4.4.0-18.34

4.4.0-21.37

4.4.0-22.39

4.4.0-22.40

4.4.0-24.43

4.4.0-28.47

4.4.0-31.50

4.4.0-34.53

4.4.0-36.55

4.4.0-38.57

4.4.0-42.62

4.4.0-43.63

4.4.0-45.66

4.4.0-47.68

4.4.0-51.72

4.4.0-53.74

4.4.0-57.78

4.4.0-59.80

4.4.0-62.83

4.4.0-63.84

4.4.0-64.85

4.4.0-65.86

4.4.0-66.87

4.4.0-67.88

4.4.0-70.91

4.4.0-71.92

4.4.0-72.93

4.4.0-75.96

4.4.0-77.98

4.4.0-78.99

4.4.0-79.100

4.4.0-81.104

4.4.0-83.106

4.4.0-87.110

4.4.0-89.112

4.4.0-91.114

4.4.0-92.115

4.4.0-93.116

4.4.0-96.119

4.4.0-97.120

4.4.0-98.121

4.4.0-101.124

4.4.0-103.126

4.4.0-104.127

4.4.0-108.131

4.4.0-109.132

4.4.0-112.135

4.4.0-116.140

4.4.0-119.143

4.4.0-121.145

4.4.0-122.146

4.4.0-124.148

4.4.0-127.153

4.4.0-128.154

4.4.0-130.156

4.4.0-131.157

4.4.0-133.159

4.4.0-134.160

4.4.0-135.161

4.4.0-137.163

4.4.0-138.164

4.4.0-139.165

4.4.0-140.166

4.4.0-141.167

4.4.0-142.168

4.4.0-143.169

4.4.0-145.171

4.4.0-146.172

4.4.0-148.174

4.4.0-150.176

4.4.0-151.178

4.4.0-154.181

4.4.0-157.185

4.4.0-159.187

4.4.0-161.189

4.4.0-164.192

4.4.0-165.193

4.4.0-166.195

4.4.0-168.197

4.4.0-169.198

4.4.0-170.199

4.4.0-171.200

4.4.0-173.203

4.4.0-174.204

4.4.0-176.206

4.4.0-177.207

4.4.0-178.208

4.4.0-179.209

4.4.0-184.214

4.4.0-185.215

4.4.0-186.216

4.4.0-187.217

4.4.0-189.219

4.4.0-190.220

4.4.0-193.224

4.4.0-194.226

4.4.0-197.229

4.4.0-198.230

4.4.0-200.232

4.4.0-201.233

4.4.0-203.235

4.4.0-204.236

4.4.0-206.238

4.4.0-208.240

4.4.0-209.241

4.4.0-210.242

4.4.0-211.243

4.4.0-212.244

4.4.0-213.245

Ecosystem specific

{
    "availability": "Livepatch subscription required",
    "module_name_regex": "lkp_Ubuntu_4_4_0[_|\\d]+_(?:generic|lowlatency)_(\\d+)"
}

Ubuntu:Pro:18.04:LTS / linux

Package

Name: linux
Purl: pkg:deb/ubuntu/linux@4.15.0-156.163?arch=source&distro=bionic

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

4.15.0-156.163

Affected versions

4.*

4.13.0-16.19

4.13.0-17.20

4.13.0-25.29

4.13.0-32.35

4.15.0-10.11

4.15.0-12.13

4.15.0-13.14

4.15.0-15.16

4.15.0-19.20

4.15.0-20.21

4.15.0-22.24

4.15.0-23.25

4.15.0-24.26

4.15.0-29.31

4.15.0-30.32

4.15.0-32.35

4.15.0-33.36

4.15.0-34.37

4.15.0-36.39

4.15.0-38.41

4.15.0-39.42

4.15.0-42.45

4.15.0-43.46

4.15.0-44.47

4.15.0-45.48

4.15.0-46.49

4.15.0-47.50

4.15.0-48.51

4.15.0-50.54

4.15.0-51.55

4.15.0-52.56

4.15.0-54.58

4.15.0-55.60

4.15.0-58.64

4.15.0-60.67

4.15.0-62.69

4.15.0-64.73

4.15.0-65.74

4.15.0-66.75

4.15.0-69.78

4.15.0-70.79

4.15.0-72.81

4.15.0-74.84

4.15.0-76.86

4.15.0-88.88

4.15.0-91.92

4.15.0-96.97

4.15.0-99.100

4.15.0-101.102

4.15.0-106.107

4.15.0-108.109

4.15.0-109.110

4.15.0-111.112

4.15.0-112.113

4.15.0-115.116

4.15.0-117.118

4.15.0-118.119

4.15.0-121.123

4.15.0-122.124

4.15.0-123.126

4.15.0-124.127

4.15.0-126.129

4.15.0-128.131

4.15.0-129.132

4.15.0-130.134

4.15.0-132.136

4.15.0-134.138

4.15.0-135.139

4.15.0-136.140

4.15.0-137.141

4.15.0-139.143

4.15.0-140.144

4.15.0-141.145

4.15.0-142.146

4.15.0-143.147

4.15.0-144.148

4.15.0-147.151

4.15.0-151.157

4.15.0-153.160

4.15.0-154.161

Ecosystem specific

{
    "availability": "Livepatch subscription required",
    "module_name_regex": "lkp_Ubuntu_4_15_0[_|\\d]+_(?:generic|lowlatency)_(\\d+)"
}

Ubuntu:Pro:20.04:LTS / linux

Package

Name: linux
Purl: pkg:deb/ubuntu/linux@5.4.0-84.94?arch=source&distro=focal

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

5.4.0-84.94

Affected versions

5.*

5.3.0-18.19

5.3.0-24.26

5.4.0-9.12

5.4.0-18.22

5.4.0-21.25

5.4.0-24.28

5.4.0-25.29

5.4.0-26.30

5.4.0-28.32

5.4.0-29.33

5.4.0-31.35

5.4.0-33.37

5.4.0-37.41

5.4.0-39.43

5.4.0-40.44

5.4.0-42.46

5.4.0-45.49

5.4.0-47.51

5.4.0-48.52

5.4.0-51.56

5.4.0-52.57

5.4.0-53.59

5.4.0-54.60

5.4.0-56.62

5.4.0-58.64

5.4.0-59.65

5.4.0-60.67

5.4.0-62.70

5.4.0-64.72

5.4.0-65.73

5.4.0-66.74

5.4.0-67.75

5.4.0-70.78

5.4.0-71.79

5.4.0-72.80

5.4.0-73.82

5.4.0-74.83

5.4.0-77.86

5.4.0-80.90

5.4.0-81.91

Ecosystem specific

{
    "availability": "Livepatch subscription required",
    "module_name_regex": "lkp_Ubuntu_5_4_0[_|\\d]+_(?:generic|lowlatency)_(\\d+)"
}