USN-5219-1

Details

It was discovered that the eBPF implementation in the Linux kernel did not properly validate the memory size of certain ring buffer operation arguments. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code.

Affected Packages

linux-aws-5.11

Ubuntu 20.04 LTS

Fixed in:

5.11.0-1025.27~20.04.1

linux-azure-5.11

Ubuntu 20.04 LTS

Fixed in:

5.11.0-1025.27~20.04.1

linux-gcp-5.11

Ubuntu 20.04 LTS

Fixed in:

5.11.0-1026.29~20.04.1

linux-hwe-5.11

Ubuntu 20.04 LTS

Fixed in:

5.11.0-46.51~20.04.1

linux-oem-5.10

Ubuntu 20.04 LTS

Fixed in:

5.10.0-1055.58

linux-oracle-5.11

Ubuntu 20.04 LTS

Fixed in:

5.11.0-1025.27~20.04.1

References

REPORThttps://launchpad.net/bugs/1956585 REPORThttps://ubuntu.com/security/CVE-2021-4204 ADVISORYhttps://ubuntu.com/security/notices/USN-5219-1

USN-5219-1

Details

Affected Packages

References

Upstream

Ecosystems

Timeline