USN-5014-1: Linux kernel vulnerability

Releases

• Ubuntu 21.04
• Ubuntu 18.04 ESM
• Ubuntu 16.04 ESM
• Ubuntu 14.04 ESM

Packages

• linux - Linux kernel
• linux-aws - Linux kernel for Amazon Web Services (AWS) systems
• linux-azure - Linux kernel for Microsoft Azure Cloud systems
• linux-gcp - Linux kernel for Google Cloud Platform (GCP) systems
• linux-gke-5.3 - Linux kernel for Google Container Engine (GKE) systems
• linux-hwe - Linux hardware enablement (HWE) kernel
• linux-kvm - Linux kernel for cloud environments
• linux-lts-xenial - Linux hardware enablement kernel from Xenial for Trusty
• linux-oracle - Linux kernel for Oracle Cloud systems
• linux-raspi - Linux kernel for Raspberry Pi (V8) systems
• linux-raspi2-5.3 - Linux kernel for Raspberry Pi (V8) systems

Details

It was discovered that the virtual file system implementation in the Linux
kernel contained an unsigned to signed integer conversion error. A local
attacker could use this to cause a denial of service (system crash) or
execute arbitrary code.

Update instructions

The problem can be corrected by updating your system to the following package versions:

Ubuntu 21.04

• linux-image-5.11.0-1012-azure - 5.11.0-1012.13
• linux-image-5.11.0-1012-kvm - 5.11.0-1012.13
• linux-image-5.11.0-1013-oracle - 5.11.0-1013.14
• linux-image-5.11.0-1014-aws - 5.11.0-1014.15
• linux-image-5.11.0-1014-gcp - 5.11.0-1014.16
• linux-image-5.11.0-1015-raspi - 5.11.0-1015.16
• linux-image-5.11.0-1015-raspi-nolpae - 5.11.0-1015.16
• linux-image-5.11.0-25-generic - 5.11.0-25.27
• linux-image-5.11.0-25-generic-64k - 5.11.0-25.27
• linux-image-5.11.0-25-generic-lpae - 5.11.0-25.27
• linux-image-5.11.0-25-lowlatency - 5.11.0-25.27
• linux-image-aws - 5.11.0.1014.15
• linux-image-azure - 5.11.0.1012.13
• linux-image-gcp - 5.11.0.1014.14
• linux-image-generic - 5.11.0.25.27
• linux-image-generic-64k - 5.11.0.25.27
• linux-image-generic-lpae - 5.11.0.25.27
• linux-image-gke - 5.11.0.1014.14
• linux-image-kvm - 5.11.0.1012.13
• linux-image-lowlatency - 5.11.0.25.27
• linux-image-oem-20.04 - 5.11.0.25.27
• linux-image-oracle - 5.11.0.1013.14
• linux-image-raspi - 5.11.0.1015.13
• linux-image-raspi-nolpae - 5.11.0.1015.13
• linux-image-virtual - 5.11.0.25.27

Ubuntu 18.04

• linux-image-5.3.0-1042-raspi2 - 5.3.0-1042.44
• linux-image-5.3.0-1045-gke - 5.3.0-1045.48
• linux-image-5.3.0-76-generic - 5.3.0-76.72
• linux-image-5.3.0-76-lowlatency - 5.3.0-76.72
• linux-image-gke-5.3 - 5.3.0.1045.28
• linux-image-gkeop-5.3 - 5.3.0.76.133
• linux-image-raspi2-hwe-18.04 - 5.3.0.1042.31

Ubuntu 16.04

• linux-image-4.4.0-1095-kvm - 4.4.0-1095.104
  Available with Ubuntu Pro
• linux-image-4.4.0-1130-aws - 4.4.0-1130.144
  Available with Ubuntu Pro
• linux-image-4.4.0-212-generic - 4.4.0-212.244
  Available with Ubuntu Pro
• linux-image-4.4.0-212-lowlatency - 4.4.0-212.244
  Available with Ubuntu Pro
• linux-image-aws - 4.4.0.1130.135
  Available with Ubuntu Pro
• linux-image-generic - 4.4.0.212.219
  Available with Ubuntu Pro
• linux-image-kvm - 4.4.0.1095.93
  Available with Ubuntu Pro
• linux-image-lowlatency - 4.4.0.212.219
  Available with Ubuntu Pro
• linux-image-virtual - 4.4.0.212.219
  Available with Ubuntu Pro

Ubuntu 14.04

• linux-image-3.13.0-186-generic - 3.13.0-186.237
  Available with Ubuntu Pro
• linux-image-3.13.0-186-generic-lpae - 3.13.0-186.237
  Available with Ubuntu Pro
• linux-image-3.13.0-186-lowlatency - 3.13.0-186.237
  Available with Ubuntu Pro
• linux-image-3.13.0-186-powerpc-e500 - 3.13.0-186.237
  Available with Ubuntu Pro
• linux-image-3.13.0-186-powerpc-e500mc - 3.13.0-186.237
  Available with Ubuntu Pro
• linux-image-3.13.0-186-powerpc-smp - 3.13.0-186.237
  Available with Ubuntu Pro
• linux-image-3.13.0-186-powerpc64-emb - 3.13.0-186.237
  Available with Ubuntu Pro
• linux-image-3.13.0-186-powerpc64-smp - 3.13.0-186.237
  Available with Ubuntu Pro
• linux-image-4.4.0-1094-aws - 4.4.0-1094.99
  Available with Ubuntu Pro
• linux-image-4.4.0-212-generic - 4.4.0-212.244~14.04.1
  Available with Ubuntu Pro
• linux-image-4.4.0-212-lowlatency - 4.4.0-212.244~14.04.1
  Available with Ubuntu Pro
• linux-image-aws - 4.4.0.1094.92
  Available with Ubuntu Pro
• linux-image-generic - 3.13.0.186.195
  Available with Ubuntu Pro
• linux-image-generic-lpae - 3.13.0.186.195
  Available with Ubuntu Pro
• linux-image-generic-lts-xenial - 4.4.0.212.185
  Available with Ubuntu Pro
• linux-image-generic-pae - 3.13.0.186.195
  Available with Ubuntu Pro
• linux-image-highbank - 3.13.0.186.195
  Available with Ubuntu Pro
• linux-image-lowlatency - 3.13.0.186.195
  Available with Ubuntu Pro
• linux-image-lowlatency-lts-xenial - 4.4.0.212.185
  Available with Ubuntu Pro
• linux-image-lowlatency-pae - 3.13.0.186.195
  Available with Ubuntu Pro
• linux-image-omap - 3.13.0.186.195
  Available with Ubuntu Pro
• linux-image-powerpc-e500 - 3.13.0.186.195
  Available with Ubuntu Pro
• linux-image-powerpc-e500mc - 3.13.0.186.195
  Available with Ubuntu Pro
• linux-image-powerpc-smp - 3.13.0.186.195
  Available with Ubuntu Pro
• linux-image-powerpc64-emb - 3.13.0.186.195
  Available with Ubuntu Pro
• linux-image-powerpc64-smp - 3.13.0.186.195
  Available with Ubuntu Pro
• linux-image-server - 3.13.0.186.195
  Available with Ubuntu Pro
• linux-image-virtual - 3.13.0.186.195
  Available with Ubuntu Pro
• linux-image-virtual-lts-xenial - 4.4.0.212.185
  Available with Ubuntu Pro

After a standard system update you need to reboot your computer to make
all the necessary changes.

ATTENTION: Due to an unavoidable ABI change the kernel updates have
been given a new version number, which requires you to recompile and
reinstall all third party kernel modules you might have installed.
Unless you manually uninstalled the standard kernel metapackages
(e.g. linux-generic, linux-generic-lts-RELEASE, linux-virtual,
linux-powerpc), a standard system upgrade will automatically perform
this as well.

References

• CVE-2021-33909

Related notices

• USN-5015-1
• USN-5016-1
• USN-5017-1
• USN-5018-1
• LSN-0079-1
• LSN-0081-1
• LSN-0083-1