What is the severity of USN-5082-1?

The severity of USN-5082-1 is high.

What is the description of USN-5082-1?

USN-5082-1 describes a vulnerability in the Linux kernel that allows an attacker to read or write portions of the host's physical memory.

How can an attacker exploit USN-5082-1?

An attacker can exploit USN-5082-1 by running a malicious guest VM and using it to disable restrictions on VMLOAD/VMSAVE in a nested guest.

What software is affected by USN-5082-1?

The affected software includes the Linux kernel images linux-image-oem-20.04c and linux-image-5.13.0-1012-oem on Ubuntu 20.04.

How do I fix USN-5082-1?

To fix USN-5082-1, update the affected software to version 5.13.0.1012.16 or later.

Vulnerability/
USN-5082-1

CWE

416 362

16/9/2021

USN-5082-1: Linux kernel (OEM) vulnerabilities

First published: Thu Sep 16 2021(Updated: )

Maxim Levitsky and Paolo Bonzini discovered that the KVM hypervisor implementation for AMD processors in the Linux kernel allowed a guest VM to disable restrictions on VMLOAD/VMSAVE in a nested guest. An attacker in a guest VM could use this to read or write portions of the host's physical memory. (CVE-2021-3656) Maxim Levitsky discovered that the KVM hypervisor implementation for AMD processors in the Linux kernel did not properly prevent a guest VM from enabling AVIC in nested guest VMs. An attacker in a guest VM could use this to write to portions of the host's physical memory. (CVE-2021-3653) Norbert Slusarek discovered a race condition in the CAN BCM networking protocol of the Linux kernel leading to multiple use-after-free vulnerabilities. A local attacker could use this issue to execute arbitrary code. (CVE-2021-3609)

Affected Software	Affected Version	How to fix
All of
ubuntu/linux-image-oem-20.04c	<5.13.0.1012.16	5.13.0.1012.16
	=20.04
All of
ubuntu/linux-image-5.13.0-1012-oem	<5.13.0-1012.16	5.13.0-1012.16
	=20.04

Never miss a vulnerability like this again

Reference Links

Child vulnerabilities

(Contains the following vulnerabilities)

Frequently Asked Questions

What is the severity of USN-5082-1?
The severity of USN-5082-1 is high.
What is the description of USN-5082-1?
USN-5082-1 describes a vulnerability in the Linux kernel that allows an attacker to read or write portions of the host's physical memory.
How can an attacker exploit USN-5082-1?
An attacker can exploit USN-5082-1 by running a malicious guest VM and using it to disable restrictions on VMLOAD/VMSAVE in a nested guest.
What software is affected by USN-5082-1?
The affected software includes the Linux kernel images linux-image-oem-20.04c and linux-image-5.13.0-1012-oem on Ubuntu 20.04.
How do I fix USN-5082-1?
To fix USN-5082-1, update the affected software to version 5.13.0.1012.16 or later.

agent/description
agent/event
agent/first-publish-date
agent/last-modified-date
agent/references
agent/severity
agent/softwarecombine
agent/tags
agent/title
agent/type
agent/weakness
collector/usn
source/Ubuntu
anchor-related/USN-5062-1
anchor-related/USN-5070-1
anchor-related/USN-5071-1
anchor-related/USN-5072-1
anchor-related/USN-5073-1
anchor-related/USN-5071-2
anchor-related/USN-5073-2
anchor-related/USN-4997-1
anchor-related/USN-5002-1
anchor-related/USN-4999-1
anchor-related/USN-5000-1
anchor-related/USN-5001-1
anchor-related/USN-5003-1
anchor-related/USN-5000-2
anchor-related/USN-4997-2
anchor-related/USN-5505-1
anchor-related/USN-5513-1
agent/software-canonical-lookup
package-manager/ubuntu
vendor/ubuntu
canonical/ubuntu ubuntu
version/ubuntu ubuntu/20.04