USN-4917-1

Advisory lineage Upstream: 6 Downstream: 0
Published: 15 Apr 2021, 23:35
Last modified:03 Jun 2026, 13:34

Vulnerability Summary

Overall Risk (default)
minimal
0/100
CVSS Score
No data
EPSS Score
No data
KEV
Not listed
Ransomware
No reports
Public exploits
None found
Dark Web
Not detected

Timeline

15 Apr 2021, 23:35
Published
Vulnerability first disclosed
03 Jun 2026, 13:34
Last Modified
Vulnerability information updated

Description

linux, linux-aws, linux-aws-5.4, linux-azure, linux-azure-5.4, linux-gcp, linux-gcp-5.4, linux-gke-5.3, linux-gke-5.4, linux-gkeop, linux-gkeop-5.4, linux-hwe, linux-hwe-5.4, linux-hwe-5.8, linux-kvm, linux-oem-5.10, linux-oracle, linux-oracle-5.4, linux-raspi, linux-raspi-5.4, linux-raspi2-5.3 vulnerabilities It was discovered that the overlayfs implementation in the Linux kernel did not properly validate the application of file system capabilities with respect to user namespaces. A local attacker could use this to gain elevated privileges. (CVE-2021-3493) Vincent Dehors discovered that the shiftfs file system in the Ubuntu Linux kernel did not properly handle faults in copy_from_user() when passing through ioctls to an underlying file system. A local attacker could use this to cause a denial of service (memory exhaustion) or execute arbitrary code. (CVE-2021-3492) Piotr Krysiuk discovered that the BPF JIT compiler for x86 in the Linux kernel did not properly validate computation of branch displacements in some situations. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2021-29154)

Affected Systems

  • ubuntulinux

    < 5.4.0-72.80

  • ubuntulinux-aws

    < 5.4.0-1045.47

  • ubuntulinux-aws-5.4

    < 5.4.0-1045.47~18.04.1

  • ubuntulinux-azure

    < 5.4.0-1046.48

  • ubuntulinux-azure-5.4

    < 5.4.0-1046.48~18.04.1

  • ubuntulinux-gcp

    < 5.4.0-1042.45

  • ubuntulinux-gcp-5.4

    < 5.4.0-1042.45~18.04.1

  • ubuntulinux-gke-5.3

    < 5.3.0-1042.45

  • ubuntulinux-gke-5.4

    < 5.4.0-1042.44~18.04.1

  • ubuntulinux-gkeop

    < 5.4.0-1014.15

  • ubuntulinux-gkeop-5.4

    < 5.4.0-1014.15~18.04.1

  • ubuntulinux-hwe

    < 5.3.0-73.69

  • ubuntulinux-hwe-5.4

    < 5.4.0-72.80~18.04.1

  • ubuntulinux-hwe-5.8

    < 5.8.0-50.56~20.04.1

  • ubuntulinux-kvm

    < 5.4.0-1038.39

  • ubuntulinux-oem-5.10

    < 5.10.0-1022.23

  • ubuntulinux-oracle

    < 5.4.0-1043.46

  • ubuntulinux-oracle-5.4

    < 5.4.0-1043.46~18.04.1

  • ubuntulinux-raspi

    < 5.4.0-1034.37

  • ubuntulinux-raspi-5.4

    < 5.4.0-1034.37~18.04.1

  • ubuntulinux-raspi2-5.3

    < 5.3.0-1039.41

References (4)