USN-4489-1
Vulnerability Summary
Timeline
Description
linux, linux-aws, linux-aws-5.3, linux-aws-5.4, linux-aws-hwe, linux-azure, linux-azure-4.15, linux-azure-5.4, linux-gcp, linux-gcp-4.15, linux-gcp-5.4, linux-gke-4.15, linux-gke-5.0, linux-gke-5.3, linux-hwe, linux-hwe-5.4, linux-kvm, linux-oem, linux-oem-osp1, linux-oracle, linux-oracle-5.4, linux-raspi, linux-raspi-5.4, linux-raspi2, linux-raspi2-5.3, linux-snapdragon vulnerability Or Cohen discovered that the AF_PACKET implementation in the Linux kernel did not properly perform bounds checking in some situations. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code.
Affected Systems
- ubuntu•linux
< 4.15.0-117.118 | < 5.4.0-47.51
- ubuntu•linux-aws
< 4.15.0-1082.86 | < 5.4.0-1024.24
- ubuntu•linux-aws-5.3
< 5.3.0-1035.37
- ubuntu•linux-aws-5.4
< 5.4.0-1024.24~18.04.1
- ubuntu•linux-aws-hwe
< 4.15.0-1082.86~16.04.1
- ubuntu•linux-azure
< 4.15.0-1095.105~14.04.1 | < 4.15.0-1095.105~16.04.1 | < 5.4.0-1025.25
- ubuntu•linux-azure-4.15
< 4.15.0-1095.105
- ubuntu•linux-azure-5.4
< 5.4.0-1025.25~18.04.1
- ubuntu•linux-gcp
< 4.15.0-1083.94~16.04.1 | < 5.4.0-1024.24
- ubuntu•linux-gcp-4.15
< 4.15.0-1083.94
- ubuntu•linux-gcp-5.4
< 5.4.0-1024.24~18.04.1
- ubuntu•linux-gke-4.15
< 4.15.0-1069.72
- ubuntu•linux-gke-5.0
< 5.0.0-1047.48
- ubuntu•linux-gke-5.3
< 5.3.0-1036.38
- ubuntu•linux-hwe
< 4.15.0-117.118~16.04.1 | < 5.3.0-67.61
- ubuntu•linux-hwe-5.4
< 5.4.0-47.51~18.04.1
- ubuntu•linux-kvm
< 4.15.0-1074.75 | < 5.4.0-1023.23
- ubuntu•linux-oem
< 4.15.0-1096.106
- ubuntu•linux-oem-osp1
< 5.0.0-1068.73
- ubuntu•linux-oracle
< 4.15.0-1053.57~16.04.1 | < 4.15.0-1053.57 | < 5.4.0-1024.24
- ubuntu•linux-oracle-5.4
< 5.4.0-1024.24~18.04.1
- ubuntu•linux-raspi
< 5.4.0-1018.20
- ubuntu•linux-raspi-5.4
< 5.4.0-1018.20~18.04.1
- ubuntu•linux-raspi2
< 4.15.0-1070.74
- ubuntu•linux-raspi2-5.3
< 5.3.0-1033.35
- ubuntu•linux-snapdragon
< 4.15.0-1086.94