LSN-0077-1

Advisory lineage Upstream: 2 Downstream: 0

Upstream

CVE-2021-3492 UBUNTU-CVE-2021-3492

Published: 17 May 2021, 07:04

Last modified:03 Jun 2026, 13:33

Vulnerability Summary

Overall Risk (default)

minimal

0/100

CVSS Score

No data

EPSS Score

No data

KEV

Not listed

Ransomware

No reports

Public exploits

None found

Dark Web

Not detected

Timeline

17 May 2021, 07:04

Published

Vulnerability first disclosed

03 Jun 2026, 13:33

Last Modified

Vulnerability information updated

Description

Kernel Live Patch Security Notice Vincent Dehors discovered that the shiftfs file system in the Ubuntu Linux kernel did not properly handle faults in copy_from_user() when passing through ioctls to an underlying file system. A local attacker could use this to cause a denial of service (memory exhaustion) or execute arbitrary code.(CVE-2021-3492)

Affected Systems

ubuntu•linux
all | < 5.4.0-72.80
ubuntu•linux-gcp
all | < 5.4.0-1042.45
ubuntu•linux-gke
all | < 5.4.0-1042.44
ubuntu•linux-gke-5.4
all | < 5.4.0-1042.44~18.04.1
ubuntu•linux-gkeop
all | < 5.4.0-1014.15
ubuntu•linux-gkeop-5.4
all | < 5.4.0-1014.15~18.04.1
ubuntu•linux-hwe-5.4
all | < 5.4.0-72.80~18.04.1

LSN-0077-1

Vulnerability Summary

Timeline

Description

Affected Systems

References (2)