SB2021041397 - Ubuntu update for linux

CSH
CYBERSECURITY HELP
Sign In REGISTER

Main Vulnerability Database SB2021041397

SB2021041397 - Ubuntu update for linux

Published: April 13, 2021

Security Bulletin ID SB2021041397
Severity
Medium
Patch available
YES
Number of vulnerabilities 11
Exploitation vector Remote access
Highest impact Denial of service

Breakdown by Severity

Medium 9% Low 91%
  • Low
  • Medium
  • High
  • Critical

Description

This security bulletin contains information about 11 secuirty vulnerabilities.


1) Denial of service (CVE-ID: CVE-2015-1350)

The vulnerability allows a local attacker to cause DoS conditions on the target system.

The weakness exists due to underspecified removing of extended privilege attributes caused by incomplete set of requirements for setattr operations. A local can invoke chown or system call, trigger an error in notify_change for filesystem xattrs and cause the ping or Wireshark dumpcap program to crash.

Successful exploitation of the vulnerability results in denial of service.

2) Error handling (CVE-ID: CVE-2017-16644)

The vulnerability allows a local attacker to cause DoS condition on the target system.

The weakness exists due to an error in the hdpvr_probe function in drivers/media/usb/hdpvr/hdpvr-core.c in the Linux kernel through in the Linux kernel. A local attacker can supply a specially crafted USB device, trigger improper error handling and cause the system to crash.

Successful exploitation of the vulnerability results in denial of service.

3) Information exposure (CVE-ID: CVE-2017-5967)

The vulnerability allows a local non-authenticated attacker to gain access to sensitive information.

The vulnerability exists due to information exposure error within the __queue_delayed_work() function in kernel/workqueue.c, within the copyright() function in kernel/time/timer_stats.c, within the print_timer() function in kernel/time/timer_list.c, within the internal_add_timer(), do_init_timer(), __mod_timer(), add_timer_on(), del_timer(), try_to_del_timer_sync(), expire_timers() and init_timer_cpus() functions in kernel/time/timer.c, within the hrtimers_resume(), remove_hrtimer(), hrtimer_start_range_ns(), __hrtimer_init() and __run_hrtimer() functions in kernel/time/hrtimer.c, within the __kthread_queue_delayed_work() function in kernel/kthread.c. A local non-authenticated attacker can gain access to sensitive information.


4) Null pointer dereference (CVE-ID: CVE-2018-13095)

The vulnerability allows a local attacker to cause DoS condition on the target system.

The vulnerability exists in the xfs_bmap_extents_to_btree() function in the Extended File System (XFS) component, as defined in the source code file fs/xfs/libxfs/xfs_inode_buf.c due to boundary error when mounting XFS filesystems. A local attacker can access the system, mount an XFS filesystem that submits malicious input, trigger a NULL pointer dereference memory error and cause the affected software to terminate abnormally.


5) Null pointer dereference (CVE-ID: CVE-2019-16231)

The vulnerability allows a local privileged user to perform a denial of service (DoS) attack.

drivers/net/fjes/fjes_main.c in the Linux kernel 5.2.14 does not check the alloc_workqueue return value, leading to a NULL pointer dereference.


6) Null pointer dereference (CVE-ID: CVE-2019-16232)

The vulnerability allows a local privileged user to perform a denial of service (DoS) attack.

drivers/net/wireless/marvell/libertas/if_sdio.c in the Linux kernel 5.2.14 does not check the alloc_workqueue return value, leading to a NULL pointer dereference.


7) Memory leak (CVE-ID: CVE-2019-19061)

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to memory leak within the "adis_update_scan_mode_burst()" function in drivers/iio/imu/adis_buffer.c in the Linux kernel before 5.3.9 allows a local user to cause a denial of service (memory consumption).


8) Race condition (CVE-ID: CVE-2021-20261)

The vulnerability allows a local privileged user to execute arbitrary code.

The vulnerability exists due to a race condition within the set_fdc(), do_format(), user_reset_fdc(), set_geometry(), get_floppy_geometry(), fd_locked_ioctl(), floppy_check_events() and floppy_revalidate() functions in drivers/block/floppy.c. A local privileged user can execute arbitrary code.


9) Resource management error (CVE-ID: CVE-2021-26930)

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper management of internal resources when processing service requests to the PV backend within drivers/block/xen-blkback/blkback.c driver in Xen. A local user on the guest OS can perform a denial of service (DoS) attack.


10) Allocation of resources without limits or throttling (CVE-ID: CVE-2021-26931)

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to allocation of resources without limits or throttling error within the scsiback_gnttab_data_map_batch() function in drivers/xen/xen-scsiback.c. A local user can perform a denial of service (DoS) attack.


11) Allocation of resources without limits or throttling (CVE-ID: CVE-2021-28038)

The vulnerability allows a local user to a crash the entire system.

The vulnerability exists due to allocation of resources without limits or throttling error within the xenvif_tx_action() function in drivers/net/xen-netback/netback.c. A local user can a crash the entire system.


Remediation

Install update from vendor's website.

References