Your submission was sent successfully! Close

You have successfully unsubscribed! Close

Thank you for signing up for our newsletter!
In these regular emails you will find the latest updates about Ubuntu and upcoming events where you can meet our team.Close

LSN-0083-1: Kernel Live Patch Security Notice

6 January 2022

Several security issues were fixed in the kernel.

Releases

Software Description

  • aws - Linux kernel for Amazon Web Services (AWS) systems - (>= 4.15.0-1054, >= 5.4.0-1009, >= 4.4.0-1098, >= 4.4.0-1129)
  • azure - Linux kernel for Microsoft Azure Cloud systems - (>= 5.4.0-1010, >= 4.15.0-1063, >= 4.15.0-1078, >= 4.15.0-1114)
  • gcp - Linux kernel for Google Cloud Platform (GCP) systems - (>= 5.4.0-1009)
  • generic-4.15 - Linux hardware enablement (HWE) kernel - (>= 4.15.0-69, >= 4.15.0-143, >= 4.15.0-69)
  • generic-4.4 - Linux kernel - (>= 4.4.0-211, >= 4.4.0-168)
  • generic-5.4 - Linux kernel - (>= 5.4.0-26)
  • gke - Linux kernel for Google Container Engine (GKE) systems - (>= 5.4.0-1033)
  • gke-4.15 - Linux kernel for Google Container Engine (GKE) systems - (>= 4.15.0-1076)
  • gke-5.4 - Linux kernel for Google Container Engine (GKE) systems - (>= 5.4.0-1009)
  • gkeop - Linux kernel for Google Container Engine (GKE) systems - (>= 5.4.0-1009)
  • gkeop-5.4 - Linux kernel for Google Container Engine (GKE) systems - (>= 5.4.0-1007)
  • lowlatency-4.15 - Linux hardware enablement (HWE) kernel - (>= 4.15.0-69, >= 4.15.0-143, >= 4.15.0-69)
  • lowlatency-4.4 - Linux kernel - (>= 4.4.0-211, >= 4.4.0-168)
  • lowlatency-5.4 - Linux kernel - (>= 5.4.0-26)
  • oem - Linux kernel for OEM systems - (>= 4.15.0-1063)

Details

The BPF subsystem in the Linux kernel before 4.17 mishandles
situations with a long jump over an instruction sequence where inner
instructions require substantial expansions into multiple BPF instructions,
leading to an overflow. This affects kernel/bpf/core.c and
net/core/filter.c.(CVE-2018-25020)

Maxim Levitsky discovered that the KVM hypervisor implementation for AMD
processors in the Linux kernel did not properly prevent a guest VM from
enabling AVIC in nested guest VMs. An attacker in a guest VM could use this
to write to portions of the host's physical memory.(CVE-2021-3653)

Nadav Amit discovered that the hugetlb implementation in the Linux kernel
did not perform TLB flushes under certain conditions. A local attacker
could use this to leak or alter data from other processes that use huge
pages.(CVE-2021-4002)

Andy Nguyen discovered that the netfilter subsystem in the Linux kernel
contained an out-of-bounds write in its setsockopt() implementation. A
local attacker could use this to cause a denial of service (system crash)
or possibly execute arbitrary code.(CVE-2021-22555)

It was discovered that the virtual file system implementation in the Linux
kernel contained an unsigned to signed integer conversion error. A local
attacker could use this to cause a denial of service (system crash) or
execute arbitrary code.(CVE-2021-33909)

Checking update status

The problem can be corrected in these Livepatch versions:

Kernel type 20.04 18.04 16.04
aws 83.1 83.1 83.1
azure 83.1 83.1
gcp 83.1
generic-4.15 83.1 83.1
generic-4.4 83.1
generic-5.4 83.1
gke 83.2
gke-4.15 83.1
gke-5.4 83.2
gkeop 83.2
gkeop-5.4 83.2
lowlatency-4.15 83.1 83.1
lowlatency-4.4 83.1
lowlatency-5.4 83.1
oem 83.1

To check your kernel type and Livepatch version, enter this command:

canonical-livepatch status

References

Join the discussion

Canonical is offering Expanded Security Maintenance

Canonical is offering Ubuntu Expanded Security Maintenance (ESM) for security fixes and essential packages.

Find out more about ESM ›

Further reading