USN-5592-1

Details

Asaf Modelevsky discovered that the Intel(R) 10GbE PCI Express (ixgbe) Ethernet driver for the Linux kernel performed insufficient control flow management. A local attacker could possibly use this to cause a denial of service. (CVE-2021-33061)

It was discovered that the virtual terminal driver in the Linux kernel did not properly handle VGA console font changes, leading to an out-of-bounds write. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2021-33656)

Affected Packages

Ubuntu:18.04:LTSlinux-gcp-5.4

Fixed in:

5.4.0-1087.95~18.04.1

Ubuntu:18.04:LTSlinux-ibm-5.4

Fixed in:

5.4.0-1032.36~18.04.1

Ubuntu:18.04:LTSlinux-oracle-5.4

Fixed in:

5.4.0-1082.90~18.04.1

Ubuntu:20.04:LTSlinux-aws

Fixed in:

5.4.0-1084.91

Ubuntu:20.04:LTSlinux-azure

Fixed in:

5.4.0-1090.95

Ubuntu:20.04:LTSlinux-bluefield

Fixed in:

5.4.0-1045.50

Ubuntu:20.04:LTSlinux-gcp

Fixed in:

5.4.0-1087.95

Ubuntu:20.04:LTSlinux-gke

Fixed in:

5.4.0-1081.87

Ubuntu:20.04:LTSlinux-gkeop

Fixed in:

5.4.0-1052.55

Ubuntu:20.04:LTSlinux-ibm

Fixed in:

5.4.0-1032.36

Ubuntu:20.04:LTSlinux-kvm

Fixed in:

5.4.0-1074.79

Ubuntu:20.04:LTSlinux-oracle

Fixed in:

5.4.0-1082.90

References

REPORThttps://ubuntu.com/security/CVE-2021-33061 REPORThttps://ubuntu.com/security/CVE-2021-33656 ADVISORYhttps://ubuntu.com/security/notices/USN-5592-1

USN-5592-1

Details

Affected Packages

References

Upstream

Ecosystems

Timeline