USN-5164-1

Details

It was discovered that the Option USB High Speed Mobile device driver in the Linux kernel did not properly handle error conditions. A physically proximate attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2021-37159)

It was discovered that the AMD Cryptographic Coprocessor (CCP) driver in the Linux kernel did not properly deallocate memory in some error conditions. A local attacker could use this to cause a denial of service (memory exhaustion). (CVE-2021-3744, CVE-2021-3764)

Affected Packages

Ubuntu:18.04:LTSlinux

Fixed in:

4.15.0-163.171

Ubuntu:18.04:LTSlinux-aws

Fixed in:

4.15.0-1116.123

Ubuntu:18.04:LTSlinux-azure-4.15

Fixed in:

4.15.0-1127.140

Ubuntu:18.04:LTSlinux-dell300x

Fixed in:

4.15.0-1031.36

Ubuntu:18.04:LTSlinux-gcp-4.15

Fixed in:

4.15.0-1112.126

Ubuntu:18.04:LTSlinux-kvm

Fixed in:

4.15.0-1103.105

Ubuntu:18.04:LTSlinux-oracle

Fixed in:

4.15.0-1084.92

Ubuntu:18.04:LTSlinux-raspi2

Fixed in:

4.15.0-1099.106

Ubuntu:18.04:LTSlinux-snapdragon

Fixed in:

4.15.0-1116.125

Ubuntu:Pro:14.04:LTSlinux-azure

Fixed in:

4.15.0-1127.140~14.04.1

Ubuntu:Pro:16.04:LTSlinux-aws-hwe

Fixed in:

4.15.0-1116.123~16.04.1

Ubuntu:Pro:16.04:LTSlinux-azure

Fixed in:

4.15.0-1127.140~16.04.1

Ubuntu:Pro:16.04:LTSlinux-gcp

Fixed in:

4.15.0-1112.126~16.04.1

Ubuntu:Pro:16.04:LTSlinux-hwe

Fixed in:

4.15.0-163.171~16.04.1

Ubuntu:Pro:16.04:LTSlinux-oracle

Fixed in:

4.15.0-1084.92~16.04.1

References

REPORThttps://ubuntu.com/security/CVE-2021-37159 REPORThttps://ubuntu.com/security/CVE-2021-3744 REPORThttps://ubuntu.com/security/CVE-2021-3764 ADVISORYhttps://ubuntu.com/security/notices/USN-5164-1

USN-5164-1

Details

Affected Packages

References

Upstream

Ecosystems

Timeline