USN-5014-1

Details

It was discovered that the virtual file system implementation in the Linux kernel contained an unsigned to signed integer conversion error. A local attacker could use this to cause a denial of service (system crash) or execute arbitrary code.

Affected Packages

Ubuntu:18.04:LTSlinux-gke-5.3

Fixed in:

5.3.0-1045.48

Ubuntu:18.04:LTSlinux-hwe

Fixed in:

5.3.0-76.72

Ubuntu:18.04:LTSlinux-raspi2-5.3

Fixed in:

5.3.0-1042.44

Ubuntu:Pro:14.04:LTSlinux

Fixed in:

3.13.0-186.237

Ubuntu:Pro:14.04:LTSlinux-aws

Fixed in:

4.4.0-1094.99

Ubuntu:Pro:14.04:LTSlinux-lts-xenial

Fixed in:

4.4.0-212.244~14.04.1

Ubuntu:Pro:16.04:LTSlinux

Fixed in:

4.4.0-212.244

Ubuntu:Pro:16.04:LTSlinux-aws

Fixed in:

4.4.0-1130.144

Ubuntu:Pro:16.04:LTSlinux-kvm

Fixed in:

4.4.0-1095.104

References

REPORThttps://ubuntu.com/security/CVE-2021-33909 ADVISORYhttps://ubuntu.com/security/notices/USN-5014-1

USN-5014-1

Details

Affected Packages

References

Upstream

Ecosystems

Timeline