First published: Fri Apr 01 2022(Updated: )
It was discovered that the VFIO PCI driver in the Linux kernel did not properly handle attempts to access disabled memory spaces. A local attacker could use this to cause a denial of service (system crash). (CVE-2020-12888) Mathy Vanhoef discovered that the Linux kernel’s WiFi implementation did not properly verify certain fragmented frames. A physically proximate attacker could possibly use this issue to inject or decrypt packets. (CVE-2020-26141) Mathy Vanhoef discovered that the Linux kernel’s WiFi implementation accepted plaintext fragments in certain situations. A physically proximate attacker could use this issue to inject packets. (CVE-2020-26145) It was discovered that a race condition existed in the Atheros Ath9k WiFi driver in the Linux kernel. An attacker could possibly use this to expose sensitive information (WiFi network traffic). (CVE-2020-3702) It was discovered a race condition existed in the Unix domain socket implementation in the Linux kernel, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2021-0920) It was discovered that the IPv6 implementation in the Linux kernel contained a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2021-0935) Zygo Blaxell discovered that the btrfs file system implementation in the Linux kernel contained a race condition during certain cloning operations. A local attacker could possibly use this to cause a denial of service (system crash). (CVE-2021-28964) Dan Carpenter discovered that the block device manager (dm) implementation in the Linux kernel contained a buffer overflow in the ioctl for listing devices. A privileged local attacker could use this to cause a denial of service (system crash). (CVE-2021-31916) It was discovered that the Option USB High Speed Mobile device driver in the Linux kernel did not properly handle error conditions. A physically proximate attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2021-37159) It was discovered that the network packet filtering implementation in the Linux kernel did not properly initialize information in certain circumstances. A local attacker could use this to expose sensitive information (kernel memory). (CVE-2021-39636) Jann Horn discovered a race condition in the Unix domain socket implementation in the Linux kernel that could result in a read-after-free. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2021-4083) Luo Likang discovered that the FireDTV Firewire driver in the Linux kernel did not properly perform bounds checking in some situations. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2021-42739) Brendan Dolan-Gavitt discovered that the Marvell WiFi-Ex USB device driver in the Linux kernel did not properly handle some error conditions. A physically proximate attacker could use this to cause a denial of service (system crash). (CVE-2021-43976) Amit Klein discovered that the IPv4 implementation in the Linux kernel could disclose internal state in some situations. An attacker could possibly use this to expose sensitive information. (CVE-2021-45486)
Affected Software | Affected Version | How to fix |
---|---|---|
All of | ||
ubuntu/linux-image-4.4.0-223-lowlatency | <4.4.0-223.256 | 4.4.0-223.256 |
=16.04 | ||
All of | ||
ubuntu/linux-image-virtual | <4.4.0.223.230 | 4.4.0.223.230 |
=16.04 | ||
All of | ||
ubuntu/linux-image-generic | <4.4.0.223.230 | 4.4.0.223.230 |
=16.04 | ||
All of | ||
ubuntu/linux-image-4.4.0-223-generic | <4.4.0-223.256 | 4.4.0-223.256 |
=16.04 | ||
All of | ||
ubuntu/linux-image-aws | <4.4.0.1139.144 | 4.4.0.1139.144 |
=16.04 | ||
All of | ||
ubuntu/linux-image-4.4.0-1104-kvm | <4.4.0-1104.113 | 4.4.0-1104.113 |
=16.04 | ||
All of | ||
ubuntu/linux-image-kvm | <4.4.0.1104.102 | 4.4.0.1104.102 |
=16.04 | ||
All of | ||
ubuntu/linux-image-4.4.0-1139-aws | <4.4.0-1139.153 | 4.4.0-1139.153 |
=16.04 | ||
All of | ||
ubuntu/linux-image-lowlatency | <4.4.0.223.230 | 4.4.0.223.230 |
=16.04 | ||
All of | ||
ubuntu/linux-image-4.4.0-223-generic | <4.4.0-223.256~14.04.1 | 4.4.0-223.256~14.04.1 |
=14.04 | ||
All of | ||
ubuntu/linux-image-lowlatency-lts-xenial | <4.4.0.223.194 | 4.4.0.223.194 |
=14.04 | ||
All of | ||
ubuntu/linux-image-generic-lts-xenial | <4.4.0.223.194 | 4.4.0.223.194 |
=14.04 | ||
All of | ||
ubuntu/linux-image-aws | <4.4.0.1103.101 | 4.4.0.1103.101 |
=14.04 | ||
All of | ||
ubuntu/linux-image-4.4.0-1103-aws | <4.4.0-1103.108 | 4.4.0-1103.108 |
=14.04 | ||
All of | ||
ubuntu/linux-image-4.4.0-223-lowlatency | <4.4.0-223.256~14.04.1 | 4.4.0-223.256~14.04.1 |
=14.04 | ||
All of | ||
ubuntu/linux-image-virtual-lts-xenial | <4.4.0.223.194 | 4.4.0.223.194 |
=14.04 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
(Contains the following vulnerabilities)
The vulnerability ID for this advisory is USN-5361-1.
The severity of USN-5361-1 is not specified in the information provided.
The VFIO PCI driver vulnerability in the Linux kernel allows a local attacker to cause a denial of service (system crash) by improperly handling attempts to access disabled memory spaces.
The WiFi implementation vulnerability in the Linux kernel allows an attacker within Wi-Fi range to decrypt traffic, inject malicious packets, and potentially impersonate network services or deploy RADIUS attacks.
The affected software versions for USN-5361-1 include Ubuntu 16.04 and 14.04 with various Linux kernel versions.