Ubuntu update for linux-oem-5.10
| Risk | Low |
| Patch available | YES |
| Number of vulnerabilities | 4 |
| CVE-ID | CVE-2021-33200 CVE-2021-29155 CVE-2021-31829 CVE-2021-3501 |
| CWE-ID | CWE-787 CWE-125 CWE-200 |
| Exploitation vector | Network |
| Public exploit | Public exploit code for vulnerability #2 is available. |
| Vulnerable software |
Ubuntu Operating systems & Components / Operating system linux-image-oem-20.04b (Ubuntu package) Operating systems & Components / Operating system package or component linux-image-oem-20.04 (Ubuntu package) Operating systems & Components / Operating system package or component linux-image-5.10.0-1029-oem (Ubuntu package) Operating systems & Components / Operating system package or component |
| Vendor | Canonical Ltd. |
Security Bulletin
This security bulletin contains information about 4 vulnerabilities.
1) Out-of-bounds write
EUVDB-ID: #VU87989
Risk: Low
CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2021-33200
CWE-ID:
CWE-787 - Out-of-bounds write
Exploit availability: No
Description The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a boundary error in kernel/bpf/verifier.c. A local user can trigger an out-of-bounds write and escalate privileges on the system.
Update the affected package linux-oem-5.10 to the latest version.
Vulnerable software versionsUbuntu: 20.04
linux-image-oem-20.04b (Ubuntu package): before 5.10.0.1029.30
linux-image-oem-20.04 (Ubuntu package): before 5.10.0.1029.30
linux-image-5.10.0-1029-oem (Ubuntu package): before 5.10.0-1029.30
CPE2.3- cpe:2.3:o:canonical:ubuntu:20.04:*:*:*:*:*:*:*
- cpe:2.3:a:canonical:linux-image-oem-20.04b_ubuntu_package:*:*:*:*:*:ubuntu:*:*
- cpe:2.3:a:canonical:linux-image-oem-20.04:*:*:*:*:*:ubuntu:*:*
- cpe:2.3:a:canonical:linux-image-5.10.0-1029-oem_ubuntu_package:*:*:*:*:*:ubuntu:*:*
https://ubuntu.com/security/notices/USN-4983-1
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
2) Out-of-bounds read
EUVDB-ID: #VU67490
Risk: Low
CVSSv4.0: 5.2 [CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:P/U:Clear]
CVE-ID: CVE-2021-29155
CWE-ID:
CWE-125 - Out-of-bounds read
Exploit availability: Yes
DescriptionThe vulnerability allows a local user to gain access to potentially sensitive information.
The vulnerability exists in retrieve_ptr_limit in kernel/bpf/verifier.c in the Linux kernel mechanism. A local, special user privileged (CAP_SYS_ADMIN) BPF program running on affected systems may bypass the protection, and execute speculatively out-of-bounds loads from the kernel memory.
MitigationUpdate the affected package linux-oem-5.10 to the latest version.
Vulnerable software versionsUbuntu: 20.04
linux-image-oem-20.04b (Ubuntu package): before 5.10.0.1029.30
linux-image-oem-20.04 (Ubuntu package): before 5.10.0.1029.30
linux-image-5.10.0-1029-oem (Ubuntu package): before 5.10.0-1029.30
CPE2.3- cpe:2.3:o:canonical:ubuntu:20.04:*:*:*:*:*:*:*
- cpe:2.3:a:canonical:linux-image-oem-20.04b_ubuntu_package:*:*:*:*:*:ubuntu:*:*
- cpe:2.3:a:canonical:linux-image-oem-20.04:*:*:*:*:*:ubuntu:*:*
- cpe:2.3:a:canonical:linux-image-5.10.0-1029-oem_ubuntu_package:*:*:*:*:*:ubuntu:*:*
https://ubuntu.com/security/notices/USN-4983-1
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability. However, proof of concept for this vulnerability is available.
3) Information disclosure
EUVDB-ID: #VU67181
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2021-31829
CWE-ID:
CWE-200 - Exposure of sensitive information to an unauthorized actor
Exploit availability: No
DescriptionThe vulnerability allows a local user to gain access to potentially sensitive information.
The vulnerability exists due to excessive data output in the Linux kernel's eBPF verification code. A local user can insert eBPF instructions, use the eBPF verifier to abuse a spectre-like flaw and infer all system memory.
Update the affected package linux-oem-5.10 to the latest version.
Vulnerable software versionsUbuntu: 20.04
linux-image-oem-20.04b (Ubuntu package): before 5.10.0.1029.30
linux-image-oem-20.04 (Ubuntu package): before 5.10.0.1029.30
linux-image-5.10.0-1029-oem (Ubuntu package): before 5.10.0-1029.30
CPE2.3- cpe:2.3:o:canonical:ubuntu:20.04:*:*:*:*:*:*:*
- cpe:2.3:a:canonical:linux-image-oem-20.04b_ubuntu_package:*:*:*:*:*:ubuntu:*:*
- cpe:2.3:a:canonical:linux-image-oem-20.04:*:*:*:*:*:ubuntu:*:*
- cpe:2.3:a:canonical:linux-image-5.10.0-1029-oem_ubuntu_package:*:*:*:*:*:ubuntu:*:*
https://ubuntu.com/security/notices/USN-4983-1
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
4) Out-of-bounds write
EUVDB-ID: #VU54316
Risk: Low
CVSSv4.0: 7.2 [CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2021-3501
CWE-ID:
CWE-787 - Out-of-bounds write
Exploit availability: No
Description The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a boundary error in the KVM API in Linux kernel. A local user can run a specially crafted program to trigger an out-of-bounds write and escalate privileges on the system.
Update the affected package linux-oem-5.10 to the latest version.
Vulnerable software versionsUbuntu: 20.04
linux-image-oem-20.04b (Ubuntu package): before 5.10.0.1029.30
linux-image-oem-20.04 (Ubuntu package): before 5.10.0.1029.30
linux-image-5.10.0-1029-oem (Ubuntu package): before 5.10.0-1029.30
CPE2.3- cpe:2.3:o:canonical:ubuntu:20.04:*:*:*:*:*:*:*
- cpe:2.3:a:canonical:linux-image-oem-20.04b_ubuntu_package:*:*:*:*:*:ubuntu:*:*
- cpe:2.3:a:canonical:linux-image-oem-20.04:*:*:*:*:*:ubuntu:*:*
- cpe:2.3:a:canonical:linux-image-5.10.0-1029-oem_ubuntu_package:*:*:*:*:*:ubuntu:*:*
https://ubuntu.com/security/notices/USN-4983-1
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
