First published: Wed Sep 29 2021(Updated: )
Valentina Palmiotti discovered that the io_uring subsystem in the Linux kernel could be coerced to free adjacent memory. A local attacker could use this to execute arbitrary code. (CVE-2021-41073) Benedict Schlueter discovered that the BPF subsystem in the Linux kernel did not properly protect against Speculative Store Bypass (SSB) side- channel attacks in some situations. A local attacker could possibly use this to expose sensitive information. (CVE-2021-34556) Piotr Krysiuk discovered that the BPF subsystem in the Linux kernel did not properly protect against Speculative Store Bypass (SSB) side-channel attacks in some situations. A local attacker could possibly use this to expose sensitive information. (CVE-2021-35477) Murray McAllister discovered that the joystick device interface in the Linux kernel did not properly validate data passed via an ioctl(). A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code on systems with a joystick device registered. (CVE-2021-3612) It was discovered that the tracing subsystem in the Linux kernel did not properly keep track of per-cpu ring buffer state. A privileged attacker could use this to cause a denial of service. (CVE-2021-3679) It was discovered that the Option USB High Speed Mobile device driver in the Linux kernel did not properly handle error conditions. A physically proximate attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2021-37159) Alois Wohlschlager discovered that the overlay file system in the Linux kernel did not restrict private clones in some situations. An attacker could use this to expose sensitive information. (CVE-2021-3732) It was discovered that the Virtio console implementation in the Linux kernel did not properly validate input lengths in some situations. A local attacker could possibly use this to cause a denial of service (system crash). (CVE-2021-38160) It was discovered that the BPF subsystem in the Linux kernel contained an integer overflow in its hash table implementation. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2021-38166) Michael Wakabayashi discovered that the NFSv4 client implementation in the Linux kernel did not properly order connection setup operations. An attacker controlling a remote NFS server could use this to cause a denial of service on the client. (CVE-2021-38199) It was discovered that the Sun RPC implementation in the Linux kernel contained an out-of-bounds access error. A remote attacker could possibly use this to cause a denial of service (system crash). (CVE-2021-38201) It was discovered that the NFS server implementation in the Linux kernel contained an out-of-bounds read when the trace even framework is being used for nfsd. A remote attacker could possibly use this to cause a denial of service (system crash). (CVE-2021-38202) Naohiro Aota discovered that the btrfs file system in the Linux kernel contained a race condition in situations that triggered allocations of new system chunks. A local attacker could possibly use this to cause a denial of service (deadlock). (CVE-2021-38203) It was discovered that the MAX-3421 host USB device driver in the Linux kernel did not properly handle device removal events. A physically proximate attacker could use this to cause a denial of service (system crash). (CVE-2021-38204) It was discovered that the Xilinx 10/100 Ethernet Lite device driver in the Linux kernel could report pointer addresses in some situations. An attacker could use this information to ease the exploitation of another vulnerability. (CVE-2021-38205) It was discovered that the ext4 file system in the Linux kernel contained a race condition when writing xattrs to an inode. A local attacker could use this to cause a denial of service or possibly gain administrative privileges. (CVE-2021-40490)
Affected Software | Affected Version | How to fix |
---|---|---|
All of | ||
ubuntu/linux-image-5.13.0-1014-oem | <5.13.0-1014.18 | 5.13.0-1014.18 |
=20.04 | ||
All of | ||
ubuntu/linux-image-oem-20.04c | <5.13.0.1014.18 | 5.13.0.1014.18 |
=20.04 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
(Contains the following vulnerabilities)
The severity of CVE-2021-41073 is high.
A local attacker can exploit CVE-2021-41073 by coercing the io_uring subsystem to free adjacent memory, allowing them to execute arbitrary code.
The remedy for CVE-2021-41073 is to update to the fixed version 5.13.0-1014.18 of the linux-image-5.13.0-1014-oem package.
The severity of CVE-2021-38204 is high.
The severity of CVE-2021-3679 is high.
The severity of CVE-2021-34556 is not available.