LSN-0076-1

Advisory lineage Upstream: 4 Downstream: 0
Published: 03 May 2021, 07:36
Last modified:03 Jun 2026, 13:33

Vulnerability Summary

Overall Risk (default)
minimal
0/100
CVSS Score
No data
EPSS Score
No data
KEV
Not listed
Ransomware
No reports
Public exploits
None found
Dark Web
Not detected

Timeline

03 May 2021, 07:36
Published
Vulnerability first disclosed
03 Jun 2026, 13:33
Last Modified
Vulnerability information updated

Description

Kernel Live Patch Security Notice It was discovered that the overlayfs implementation in the Linux kernel did not properly validate the application of file system capabilities with respect to user namespaces. A local attacker could use this to gain elevated privileges.(CVE-2021-3493) Piotr Krysiuk discovered that the BPF JIT compiler for x86 in the Linux kernel did not properly validate computation of branch displacements in some situations. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code.(CVE-2021-29154)

Affected Systems

  • ubuntulinux

    all | < 4.4.0-209.241 | < 4.15.0-142.146 | < 5.4.0-72.80

  • ubuntulinux-aws

    all | < 4.4.0-1127.141 | < 4.15.0-1099.106 | < 5.4.0-1045.47

  • ubuntulinux-azure

    all | < 4.15.0-1113.126~16.04.1 | < 5.4.0-1046.48

  • ubuntulinux-gcp

    all | < 5.4.0-1042.45

  • ubuntulinux-gke

    all | < 5.4.0-1042.44

  • ubuntulinux-gke-4.15

    all

  • ubuntulinux-gke-5.4

    all | < 5.4.0-1042.44~18.04.1

  • ubuntulinux-gkeop

    all | < 5.4.0-1014.15

  • ubuntulinux-gkeop-5.4

    all | < 5.4.0-1014.15~18.04.1

  • ubuntulinux-hwe

    all | < 4.15.0-142.146~16.04.1

  • ubuntulinux-hwe-5.4

    all | < 5.4.0-72.80~18.04.1

  • ubuntulinux-lts-xenial

    all | < 4.4.0-209.241~14.04.1

  • ubuntulinux-oem

    all

References (3)