USN-5361-1: Linux kernel vulnerabilities
First published: Fri Apr 01 2022(Updated: )
It was discovered that the VFIO PCI driver in the Linux kernel did not properly handle attempts to access disabled memory spaces. A local attacker could use this to cause a denial of service (system crash). (CVE-2020-12888) Mathy Vanhoef discovered that the Linux kernel’s WiFi implementation did not properly verify certain fragmented frames. A physically proximate attacker could possibly use this issue to inject or decrypt packets. (CVE-2020-26141) Mathy Vanhoef discovered that the Linux kernel’s WiFi implementation accepted plaintext fragments in certain situations. A physically proximate attacker could use this issue to inject packets. (CVE-2020-26145) It was discovered that a race condition existed in the Atheros Ath9k WiFi driver in the Linux kernel. An attacker could possibly use this to expose sensitive information (WiFi network traffic). (CVE-2020-3702) It was discovered a race condition existed in the Unix domain socket implementation in the Linux kernel, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2021-0920) It was discovered that the IPv6 implementation in the Linux kernel contained a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2021-0935) Zygo Blaxell discovered that the btrfs file system implementation in the Linux kernel contained a race condition during certain cloning operations. A local attacker could possibly use this to cause a denial of service (system crash). (CVE-2021-28964) Dan Carpenter discovered that the block device manager (dm) implementation in the Linux kernel contained a buffer overflow in the ioctl for listing devices. A privileged local attacker could use this to cause a denial of service (system crash). (CVE-2021-31916) It was discovered that the Option USB High Speed Mobile device driver in the Linux kernel did not properly handle error conditions. A physically proximate attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2021-37159) It was discovered that the network packet filtering implementation in the Linux kernel did not properly initialize information in certain circumstances. A local attacker could use this to expose sensitive information (kernel memory). (CVE-2021-39636) Jann Horn discovered a race condition in the Unix domain socket implementation in the Linux kernel that could result in a read-after-free. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2021-4083) Luo Likang discovered that the FireDTV Firewire driver in the Linux kernel did not properly perform bounds checking in some situations. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2021-42739) Brendan Dolan-Gavitt discovered that the Marvell WiFi-Ex USB device driver in the Linux kernel did not properly handle some error conditions. A physically proximate attacker could use this to cause a denial of service (system crash). (CVE-2021-43976) Amit Klein discovered that the IPv4 implementation in the Linux kernel could disclose internal state in some situations. An attacker could possibly use this to expose sensitive information. (CVE-2021-45486)
| Affected Software | Affected Version | How to fix |
|---|---|---|
| All of | ||
| ubuntu/linux-image-4.4.0-223-lowlatency | <4.4.0-223.256 | 4.4.0-223.256 |
| =16.04 | ||
| All of | ||
| ubuntu/linux-image-virtual | <4.4.0.223.230 | 4.4.0.223.230 |
| =16.04 | ||
| All of | ||
| ubuntu/linux-image-generic | <4.4.0.223.230 | 4.4.0.223.230 |
| =16.04 | ||
| All of | ||
| ubuntu/linux-image-4.4.0-223-generic | <4.4.0-223.256 | 4.4.0-223.256 |
| =16.04 | ||
| All of | ||
| ubuntu/linux-image-aws | <4.4.0.1139.144 | 4.4.0.1139.144 |
| =16.04 | ||
| All of | ||
| ubuntu/linux-image-4.4.0-1104-kvm | <4.4.0-1104.113 | 4.4.0-1104.113 |
| =16.04 | ||
| All of | ||
| ubuntu/linux-image-kvm | <4.4.0.1104.102 | 4.4.0.1104.102 |
| =16.04 | ||
| All of | ||
| ubuntu/linux-image-4.4.0-1139-aws | <4.4.0-1139.153 | 4.4.0-1139.153 |
| =16.04 | ||
| All of | ||
| ubuntu/linux-image-lowlatency | <4.4.0.223.230 | 4.4.0.223.230 |
| =16.04 | ||
| All of | ||
| ubuntu/linux-image-4.4.0-223-generic | <4.4.0-223.256~14.04.1 | 4.4.0-223.256~14.04.1 |
| =14.04 | ||
| All of | ||
| ubuntu/linux-image-lowlatency-lts-xenial | <4.4.0.223.194 | 4.4.0.223.194 |
| =14.04 | ||
| All of | ||
| ubuntu/linux-image-generic-lts-xenial | <4.4.0.223.194 | 4.4.0.223.194 |
| =14.04 | ||
| All of | ||
| ubuntu/linux-image-aws | <4.4.0.1103.101 | 4.4.0.1103.101 |
| =14.04 | ||
| All of | ||
| ubuntu/linux-image-4.4.0-1103-aws | <4.4.0-1103.108 | 4.4.0-1103.108 |
| =14.04 | ||
| All of | ||
| ubuntu/linux-image-4.4.0-223-lowlatency | <4.4.0-223.256~14.04.1 | 4.4.0-223.256~14.04.1 |
| =14.04 | ||
| All of | ||
| ubuntu/linux-image-virtual-lts-xenial | <4.4.0.223.194 | 4.4.0.223.194 |
| =14.04 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- https://ubuntu.com/security/CVE-2021-42739
- https://ubuntu.com/security/CVE-2021-43976
- https://ubuntu.com/security/CVE-2020-26145
- https://ubuntu.com/security/CVE-2021-39636
- https://ubuntu.com/security/CVE-2021-45486
- https://ubuntu.com/security/CVE-2020-26141
- https://ubuntu.com/security/CVE-2021-0935
- https://ubuntu.com/security/CVE-2021-4083
- https://ubuntu.com/security/CVE-2020-3702
- https://ubuntu.com/security/CVE-2021-37159
- https://ubuntu.com/security/CVE-2020-12888
- https://ubuntu.com/security/CVE-2021-28964
- https://ubuntu.com/security/CVE-2021-31916
- https://ubuntu.com/security/CVE-2021-0920
- https://ubuntu.com/security/notices/USN-5165-1
- https://ubuntu.com/security/notices/USN-5207-1
- https://ubuntu.com/security/notices/USN-5265-1
- https://ubuntu.com/security/notices/USN-5266-1
- https://ubuntu.com/security/notices/USN-5267-1
- https://ubuntu.com/security/notices/USN-5268-1
- https://ubuntu.com/security/notices/USN-5267-3
- https://ubuntu.com/security/notices/USN-5302-1
- https://ubuntu.com/security/notices/USN-5338-1
- https://ubuntu.com/security/notices/USN-5339-1
- https://ubuntu.com/security/notices/USN-5377-1
- https://ubuntu.com/security/notices/USN-5383-1
- https://ubuntu.com/security/notices/USN-4997-1
- https://ubuntu.com/security/notices/USN-4999-1
- https://ubuntu.com/security/notices/USN-5000-1
- https://ubuntu.com/security/notices/USN-5001-1
- https://ubuntu.com/security/notices/USN-5000-2
- https://ubuntu.com/security/notices/USN-4997-2
- https://ubuntu.com/security/notices/USN-5278-1
- https://ubuntu.com/security/notices/USN-5294-1
- https://ubuntu.com/security/notices/USN-5295-1
- https://ubuntu.com/security/notices/USN-5295-2
- https://ubuntu.com/security/notices/USN-5297-1
- https://ubuntu.com/security/notices/USN-5294-2
- https://ubuntu.com/security/notices/USN-5298-1
- https://ubuntu.com/security/notices/USN-5362-1
- https://ubuntu.com/security/notices/USN-5113-1
- https://ubuntu.com/security/notices/USN-5114-1
- https://ubuntu.com/security/notices/USN-5115-1
- https://ubuntu.com/security/notices/USN-5116-1
- https://ubuntu.com/security/notices/USN-5116-2
- https://ubuntu.com/security/notices/USN-5092-1
- https://ubuntu.com/security/notices/USN-5092-2
- https://ubuntu.com/security/notices/USN-5096-1
- https://ubuntu.com/security/notices/USN-5163-1
- https://ubuntu.com/security/notices/USN-5164-1
- https://ubuntu.com/security/notices/USN-4525-1
- https://ubuntu.com/security/notices/USN-4526-1
- https://ubuntu.com/security/notices/USN-4948-1
- https://ubuntu.com/security/notices/USN-4979-1
- https://ubuntu.com/security/notices/USN-4982-1
- https://ubuntu.com/security/notices/USN-4984-1
- https://ubuntu.com/security/notices/USN-5361-1 (Advisory)
Child vulnerabilities
(Contains the following vulnerabilities)
Frequently Asked Questions
What is the vulnerability ID for this advisory?
The vulnerability ID for this advisory is USN-5361-1.
What is the severity of USN-5361-1?
The severity of USN-5361-1 is not specified in the information provided.
How does the VFIO PCI driver vulnerability (CVE-2020-12888) affect the Linux kernel?
The VFIO PCI driver vulnerability in the Linux kernel allows a local attacker to cause a denial of service (system crash) by improperly handling attempts to access disabled memory spaces.
What is the impact of the WiFi implementation vulnerability (CVE-2021-42739) on the Linux kernel?
The WiFi implementation vulnerability in the Linux kernel allows an attacker within Wi-Fi range to decrypt traffic, inject malicious packets, and potentially impersonate network services or deploy RADIUS attacks.
What are the affected software versions for USN-5361-1?
The affected software versions for USN-5361-1 include Ubuntu 16.04 and 14.04 with various Linux kernel versions.
- agent/description
- agent/event
- agent/first-publish-date
- agent/last-modified-date
- agent/references
- agent/severity
- agent/softwarecombine
- agent/tags
- agent/title
- agent/type
- agent/weakness
- collector/usn
- source/Ubuntu
- anchor-related/USN-5165-1
- anchor-related/USN-5207-1
- anchor-related/USN-5265-1
- anchor-related/USN-5266-1
- anchor-related/USN-5267-1
- anchor-related/USN-5268-1
- anchor-related/USN-5267-3
- anchor-related/USN-5302-1
- anchor-related/USN-5338-1
- anchor-related/USN-5339-1
- anchor-related/USN-5377-1
- anchor-related/USN-5383-1
- anchor-related/USN-4997-1
- anchor-related/USN-4999-1
- anchor-related/USN-5000-1
- anchor-related/USN-5001-1
- anchor-related/USN-5000-2
- anchor-related/USN-4997-2
- anchor-related/USN-5278-1
- anchor-related/USN-5294-1
- anchor-related/USN-5295-1
- anchor-related/USN-5295-2
- anchor-related/USN-5297-1
- anchor-related/USN-5294-2
- anchor-related/USN-5298-1
- anchor-related/USN-5362-1
- anchor-related/USN-5113-1
- anchor-related/USN-5114-1
- anchor-related/USN-5115-1
- anchor-related/USN-5116-1
- anchor-related/USN-5116-2
- anchor-related/USN-5092-1
- anchor-related/USN-5092-2
- anchor-related/USN-5096-1
- anchor-related/USN-5163-1
- anchor-related/USN-5164-1
- anchor-related/USN-4525-1
- anchor-related/USN-4526-1
- anchor-related/USN-4948-1
- anchor-related/USN-4979-1
- anchor-related/USN-4982-1
- anchor-related/USN-4984-1
- agent/software-canonical-lookup
- package-manager/ubuntu
- vendor/ubuntu
- canonical/ubuntu ubuntu
- version/ubuntu ubuntu/16.04
- version/ubuntu ubuntu/14.04