USN-4877-1

Advisory lineage Upstream: 4 Downstream: 0
Published: 16 Mar 2021, 06:02
Last modified:03 Jun 2026, 13:33

Vulnerability Summary

Overall Risk (default)
minimal
0/100
CVSS Score
No data
EPSS Score
No data
KEV
Not listed
Ransomware
No reports
Public exploits
None found
Dark Web
Not detected

Timeline

16 Mar 2021, 06:02
Published
Vulnerability first disclosed
03 Jun 2026, 13:33
Last Modified
Vulnerability information updated

Description

linux, linux-aws, linux-aws-hwe, linux-azure, linux-azure-4.15, linux-dell300x, linux-gcp, linux-gcp-4.15, linux-hwe, linux-kvm, linux-oracle, linux-raspi2, linux-snapdragon vulnerabilities It was discovered that the Marvell WiFi-Ex device driver in the Linux kernel did not properly validate ad-hoc SSIDs. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2020-36158) 吴异 discovered that the NFS implementation in the Linux kernel did not properly prevent access outside of an NFS export that is a subdirectory of a file system. An attacker could possibly use this to bypass NFS access restrictions. (CVE-2021-3178)

Affected Systems

  • ubuntulinux

    < 4.15.0-137.141

  • ubuntulinux-aws

    < 4.15.0-1095.102

  • ubuntulinux-aws-hwe

    < 4.15.0-1095.102~16.04.1

  • ubuntulinux-azure

    < 4.15.0-1109.121~14.04.1 | < 4.15.0-1109.121~16.04.1

  • ubuntulinux-azure-4.15

    < 4.15.0-1109.121

  • ubuntulinux-dell300x

    < 4.15.0-1013.17

  • ubuntulinux-gcp

    < 4.15.0-1094.107~16.04.1

  • ubuntulinux-gcp-4.15

    < 4.15.0-1094.107

  • ubuntulinux-hwe

    < 4.15.0-137.141~16.04.1

  • ubuntulinux-kvm

    < 4.15.0-1086.88

  • ubuntulinux-oracle

    < 4.15.0-1066.74~16.04.1 | < 4.15.0-1066.74

  • ubuntulinux-raspi2

    < 4.15.0-1080.85

  • ubuntulinux-snapdragon

    < 4.15.0-1097.106

References (3)