UBUNTU-CVE-2021-28691
Vulnerability Summary
Timeline
Description
Guest triggered use-after-free in Linux xen-netback A malicious or buggy network PV frontend can force Linux netback to disable the interface and terminate the receive kernel thread associated with queue 0 in response to the frontend sending a malformed packet. Such kernel thread termination will lead to a use-after-free in Linux netback when the backend is destroyed, as the kernel thread associated with queue 0 will have already exited and thus the call to kthread_stop will be performed against a stale pointer.
CVSS Metrics
- v3.1•HIGH•Score: 7.8CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Affected Systems
- ubuntu•linux-aws-5.0
all
- ubuntu•linux-aws-5.11
< 5.11.0-1016.17~20.04.1
- ubuntu•linux-aws-5.3
all
- ubuntu•linux-aws-5.8
< 5.8.0-1042.44~20.04.1
- ubuntu•linux-azure
all
- ubuntu•linux-azure-5.11
< 5.11.0-1013.14~20.04.1
- ubuntu•linux-azure-5.3
all
- ubuntu•linux-azure-5.8
< 5.8.0-1040.43~20.04.1
- ubuntu•linux-azure-edge
all
- ubuntu•linux-gcp
all
- ubuntu•linux-gcp-5.11
< 5.11.0-1017.19~20.04.1
- ubuntu•linux-gcp-5.3
all
- ubuntu•linux-gcp-5.8
< 5.8.0-1039.41
- ubuntu•linux-gcp-edge
all
- ubuntu•linux-gke-4.15
all
- ubuntu•linux-hwe
all
- ubuntu•linux-hwe-5.11
< 5.11.0-34.36~20.04.1
- ubuntu•linux-hwe-5.8
all
- ubuntu•linux-hwe-edge
all | all
- ubuntu•linux-oem
all
- ubuntu•linux-oem-5.10
< 5.10.0-1038.40
- ubuntu•linux-oem-5.6
all
- ubuntu•linux-oracle-5.0
all
- ubuntu•linux-oracle-5.11
< 5.11.0-1016.17~20.04.1
- ubuntu•linux-oracle-5.3
all
- ubuntu•linux-oracle-5.8
< 5.8.0-1038.39~20.04.1
- ubuntu•linux-raspi2
all
- ubuntu•linux-riscv
all
- ubuntu•linux-riscv-5.11
< 5.11.0-1017.18~20.04.1
- ubuntu•linux-riscv-5.8
all