USN-4915-1
See a problem?- Source
- https://ubuntu.com/security/notices/USN-4915-1
- Import Source
- https://github.com/canonical/ubuntu-security-notices/blob/main/osv/usn/USN-4915-1.json
- JSON Data
- https://api.osv.dev/v1/vulns/USN-4915-1
- Related
- Published
- 2021-04-15T22:22:20.953502Z
- Modified
- 2021-04-15T22:22:20.953502Z
- Summary
- linux-oem-5.6 vulnerabilities
- Details
-
It was discovered that the overlayfs implementation in the Linux kernel did not properly validate the application of file system capabilities with respect to user namespaces. A local attacker could use this to gain elevated privileges. (CVE-2021-3493)
Vincent Dehors discovered that the shiftfs file system in the Ubuntu Linux kernel did not properly handle faults in copyfromuser() when passing through ioctls to an underlying file system. A local attacker could use this to cause a denial of service (memory exhaustion) or execute arbitrary code. (CVE-2021-3492)
- References
Affected packages
Ubuntu:20.04:LTS / linux-oem-5.6
Package
- Name
- linux-oem-5.6
- Purl
- pkg:deb/ubuntu/linux-oem-5.6@5.6.0-1054.58?arch=src?distro=focal
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed5.6.0-1054.58
Affected versions
5.*
5.6.0-1007.7
5.6.0-1008.8
5.6.0-1010.10
5.6.0-1011.11
5.6.0-1013.13
5.6.0-1017.17
5.6.0-1018.18
5.6.0-1020.20
5.6.0-1021.21
5.6.0-1023.23
5.6.0-1026.26
5.6.0-1027.27
5.6.0-1028.28
5.6.0-1031.32
5.6.0-1032.33
5.6.0-1033.35
5.6.0-1034.36
5.6.0-1035.37
5.6.0-1036.39
5.6.0-1039.43
5.6.0-1042.46
5.6.0-1047.51
5.6.0-1048.52
5.6.0-1050.54
5.6.0-1052.56
5.6.0-1053.57
Ecosystem specific
{
"availability": "No subscription required",
"binaries": [
{
"linux-image-unsigned-5.6.0-1054-oem": "5.6.0-1054.58",
"linux-buildinfo-5.6.0-1054-oem": "5.6.0-1054.58",
"linux-oem-5.6-headers-5.6.0-1054": "5.6.0-1054.58",
"linux-tools-5.6.0-1054-oem": "5.6.0-1054.58",
"linux-headers-5.6.0-1054-oem": "5.6.0-1054.58",
"linux-image-unsigned-5.6.0-1054-oem-dbgsym": "5.6.0-1054.58",
"linux-oem-5.6-tools-5.6.0-1054": "5.6.0-1054.58",
"linux-modules-5.6.0-1054-oem": "5.6.0-1054.58",
"linux-oem-5.6-tools-host": "5.6.0-1054.58"
}
]
}