USN-5164-1

Details

It was discovered that the Option USB High Speed Mobile device driver in the Linux kernel did not properly handle error conditions. A physically proximate attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2021-37159)

It was discovered that the AMD Cryptographic Coprocessor (CCP) driver in the Linux kernel did not properly deallocate memory in some error conditions. A local attacker could use this to cause a denial of service (memory exhaustion). (CVE-2021-3744, CVE-2021-3764)

Affected Packages(15 packages)

linux

Ubuntu 18.04 LTS

Fixed in:

4.15.0-163.171

linux-aws

Ubuntu 18.04 LTS

Fixed in:

4.15.0-1116.123

linux-azure-4.15

Ubuntu 18.04 LTS

Fixed in:

4.15.0-1127.140

linux-dell300x

Ubuntu 18.04 LTS

Fixed in:

4.15.0-1031.36

linux-gcp-4.15

Ubuntu 18.04 LTS

Fixed in:

4.15.0-1112.126

linux-kvm

Ubuntu 18.04 LTS

Fixed in:

4.15.0-1103.105

linux-oracle

Ubuntu 18.04 LTS

Fixed in:

4.15.0-1084.92

linux-raspi2

Ubuntu 18.04 LTS

Fixed in:

4.15.0-1099.106

linux-snapdragon

Ubuntu 18.04 LTS

Fixed in:

4.15.0-1116.125

linux-azure

Ubuntu Pro 14.04 LTS

Fixed in:

4.15.0-1127.140~14.04.1

References

REPORThttps://ubuntu.com/security/CVE-2021-37159 REPORThttps://ubuntu.com/security/CVE-2021-3744 REPORThttps://ubuntu.com/security/CVE-2021-3764 ADVISORYhttps://ubuntu.com/security/notices/USN-5164-1

USN-5164-1

Details

Affected Packages(15 packages)

References

Upstream

Ecosystems

Timeline