CVE 2021-3492
Shiftfs, an out-of-tree stacking file system included in Ubuntu Linux kernels, did not properly handle faults occurring during copy_from_user() correctly. These could lead to either a double-free situation or memory not being freed at all. An attacker could use this to cause a denial of service (kernel memory exhaustion) or gain privileges via executing arbitrary code. AKA ZDI-CAN-13562.
Related bugs and status
CVE-2021-3492 (Candidate) is related to these bugs:
Bug #1917433: riscv: revert SiFive Unleashed CPUFreq
Summary | In | Importance | Status | |||
---|---|---|---|---|---|---|
1917433 | riscv: revert SiFive Unleashed CPUFreq | linux-riscv (Ubuntu) | Undecided | Fix Released | ||
1917433 | riscv: revert SiFive Unleashed CPUFreq | linux-riscv (Ubuntu Groovy) | Medium | Fix Released |
Bug #1921050: focal/linux-riscv-5.8: 5.8.0-21.23~20.04.1 -proposed tracker
Summary | In | Importance | Status | |||
---|---|---|---|---|---|---|
1921050 | focal/linux-riscv-5.8: 5.8.0-21.23~20.04.1 -proposed tracker | Kernel SRU Workflow | Medium | Fix Released | ||
1921050 | focal/linux-riscv-5.8: 5.8.0-21.23~20.04.1 -proposed tracker | Kernel SRU Workflow automated-testing | Medium | Invalid | ||
1921050 | focal/linux-riscv-5.8: 5.8.0-21.23~20.04.1 -proposed tracker | Kernel SRU Workflow certification-testing | Medium | Invalid | ||
1921050 | focal/linux-riscv-5.8: 5.8.0-21.23~20.04.1 -proposed tracker | Kernel SRU Workflow prepare-package | Medium | Fix Released | ||
1921050 | focal/linux-riscv-5.8: 5.8.0-21.23~20.04.1 -proposed tracker | Kernel SRU Workflow prepare-package-meta | Medium | Fix Released | ||
1921050 | focal/linux-riscv-5.8: 5.8.0-21.23~20.04.1 -proposed tracker | Kernel SRU Workflow promote-to-proposed | Medium | Fix Released | ||
1921050 | focal/linux-riscv-5.8: 5.8.0-21.23~20.04.1 -proposed tracker | Kernel SRU Workflow promote-to-security | Medium | New | ||
1921050 | focal/linux-riscv-5.8: 5.8.0-21.23~20.04.1 -proposed tracker | Kernel SRU Workflow promote-to-updates | Medium | Incomplete | ||
1921050 | focal/linux-riscv-5.8: 5.8.0-21.23~20.04.1 -proposed tracker | Kernel SRU Workflow regression-testing | Medium | Fix Released | ||
1921050 | focal/linux-riscv-5.8: 5.8.0-21.23~20.04.1 -proposed tracker | Kernel SRU Workflow security-signoff | Medium | Fix Released | ||
1921050 | focal/linux-riscv-5.8: 5.8.0-21.23~20.04.1 -proposed tracker | Kernel SRU Workflow verification-testing | Medium | Fix Released | ||
1921050 | focal/linux-riscv-5.8: 5.8.0-21.23~20.04.1 -proposed tracker | linux-riscv-5.8 (Ubuntu Focal) | Medium | Fix Released |
Bug #1921051: groovy/linux-riscv: 5.8.0-21.23 -proposed tracker
Summary | In | Importance | Status | |||
---|---|---|---|---|---|---|
1921051 | groovy/linux-riscv: 5.8.0-21.23 -proposed tracker | Kernel SRU Workflow | Medium | Fix Released | ||
1921051 | groovy/linux-riscv: 5.8.0-21.23 -proposed tracker | Kernel SRU Workflow automated-testing | Medium | Invalid | ||
1921051 | groovy/linux-riscv: 5.8.0-21.23 -proposed tracker | Kernel SRU Workflow certification-testing | Medium | Invalid | ||
1921051 | groovy/linux-riscv: 5.8.0-21.23 -proposed tracker | Kernel SRU Workflow prepare-package | Medium | Fix Released | ||
1921051 | groovy/linux-riscv: 5.8.0-21.23 -proposed tracker | Kernel SRU Workflow prepare-package-meta | Medium | Fix Released | ||
1921051 | groovy/linux-riscv: 5.8.0-21.23 -proposed tracker | Kernel SRU Workflow promote-to-proposed | Medium | Fix Released | ||
1921051 | groovy/linux-riscv: 5.8.0-21.23 -proposed tracker | Kernel SRU Workflow promote-to-security | Medium | New | ||
1921051 | groovy/linux-riscv: 5.8.0-21.23 -proposed tracker | Kernel SRU Workflow promote-to-updates | Medium | Incomplete | ||
1921051 | groovy/linux-riscv: 5.8.0-21.23 -proposed tracker | Kernel SRU Workflow regression-testing | Medium | Fix Released | ||
1921051 | groovy/linux-riscv: 5.8.0-21.23 -proposed tracker | Kernel SRU Workflow security-signoff | Medium | Fix Released | ||
1921051 | groovy/linux-riscv: 5.8.0-21.23 -proposed tracker | Kernel SRU Workflow verification-testing | Medium | Fix Released | ||
1921051 | groovy/linux-riscv: 5.8.0-21.23 -proposed tracker | linux-riscv (Ubuntu Groovy) | Medium | Fix Released |
Bug #1966483: jammy/linux-gke: 5.15.0-1002.2 -proposed tracker
Summary | In | Importance | Status | |||
---|---|---|---|---|---|---|
1966483 | jammy/linux-gke: 5.15.0-1002.2 -proposed tracker | Kernel SRU Workflow | Medium | Fix Released | ||
1966483 | jammy/linux-gke: 5.15.0-1002.2 -proposed tracker | Kernel SRU Workflow automated-testing | Medium | Fix Released | ||
1966483 | jammy/linux-gke: 5.15.0-1002.2 -proposed tracker | Kernel SRU Workflow boot-testing | Medium | Fix Released | ||
1966483 | jammy/linux-gke: 5.15.0-1002.2 -proposed tracker | Kernel SRU Workflow prepare-package | Medium | Fix Released | ||
1966483 | jammy/linux-gke: 5.15.0-1002.2 -proposed tracker | Kernel SRU Workflow prepare-package-meta | Medium | Fix Released | ||
1966483 | jammy/linux-gke: 5.15.0-1002.2 -proposed tracker | Kernel SRU Workflow prepare-package-signed | Medium | Fix Released | ||
1966483 | jammy/linux-gke: 5.15.0-1002.2 -proposed tracker | Kernel SRU Workflow promote-signing-to-proposed | Medium | Invalid | ||
1966483 | jammy/linux-gke: 5.15.0-1002.2 -proposed tracker | Kernel SRU Workflow promote-to-proposed | Medium | Fix Released | ||
1966483 | jammy/linux-gke: 5.15.0-1002.2 -proposed tracker | Kernel SRU Workflow promote-to-release | Medium | Fix Released | ||
1966483 | jammy/linux-gke: 5.15.0-1002.2 -proposed tracker | Kernel SRU Workflow regression-testing | Medium | Fix Released | ||
1966483 | jammy/linux-gke: 5.15.0-1002.2 -proposed tracker | Kernel SRU Workflow sru-review | Medium | Fix Released | ||
1966483 | jammy/linux-gke: 5.15.0-1002.2 -proposed tracker | linux-gke (Ubuntu Jammy) | Medium | Fix Released |
See the
CVE page on Mitre.org
for more details.