USN-4916-1

Details

It was discovered that the overlayfs implementation in the Linux kernel did not properly validate the application of file system capabilities with respect to user namespaces. A local attacker could use this to gain elevated privileges. (CVE-2021-3493)

Piotr Krysiuk discovered that the BPF JIT compiler for x86 in the Linux kernel did not properly validate computation of branch displacements in some situations. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2021-29154)

Affected Packages(22 packages)

linux

Ubuntu 16.04 LTS

Fixed in:

4.4.0-209.241

linux-aws

Ubuntu 16.04 LTS

Fixed in:

4.4.0-1127.141

linux-aws-hwe

Ubuntu 16.04 LTS

Fixed in:

4.15.0-1099.106~16.04.1

linux-azure

Ubuntu 16.04 LTS

Fixed in:

4.15.0-1113.126~16.04.1

linux-gcp

Ubuntu 16.04 LTS

Fixed in:

4.15.0-1098.111~16.04.1

linux-hwe

Ubuntu 16.04 LTS

Fixed in:

4.15.0-142.146~16.04.1

linux-kvm

Ubuntu 16.04 LTS

Fixed in:

4.4.0-1092.101

linux-oracle

Ubuntu 16.04 LTS

Fixed in:

4.15.0-1070.78~16.04.1

linux-raspi2

Ubuntu 16.04 LTS

Fixed in:

4.4.0-1151.162

linux-snapdragon

Ubuntu 16.04 LTS

Fixed in:

4.4.0-1155.165

References

REPORThttps://ubuntu.com/security/CVE-2021-29154 REPORThttps://ubuntu.com/security/CVE-2021-3493 ADVISORYhttps://ubuntu.com/security/notices/USN-4916-1

USN-4916-1

Details

Affected Packages(22 packages)

References

Upstream

Ecosystems

Timeline