USN-5014-1

Advisory lineage Upstream: 2 Downstream: 0
Published: 20 Jul 2021, 21:33
Last modified:03 Jun 2026, 13:34

Vulnerability Summary

Overall Risk (default)
minimal
0/100
CVSS Score
No data
EPSS Score
No data
KEV
Not listed
Ransomware
No reports
Public exploits
None found
Dark Web
Not detected

Timeline

20 Jul 2021, 21:33
Published
Vulnerability first disclosed
03 Jun 2026, 13:34
Last Modified
Vulnerability information updated

Description

linux, linux-aws, linux-azure, linux-gcp, linux-gke-5.3, linux-hwe, linux-lts-xenial, linux-kvm, linux-oracle, linux-raspi, linux-raspi2-5.3 vulnerability It was discovered that the virtual file system implementation in the Linux kernel contained an unsigned to signed integer conversion error. A local attacker could use this to cause a denial of service (system crash) or execute arbitrary code.

Affected Systems

  • ubuntulinux

    < 3.13.0-186.237 | < 4.4.0-212.244

  • ubuntulinux-aws

    < 4.4.0-1094.99 | < 4.4.0-1130.144

  • ubuntulinux-gke-5.3

    < 5.3.0-1045.48

  • ubuntulinux-hwe

    < 5.3.0-76.72

  • ubuntulinux-kvm

    < 4.4.0-1095.104

  • ubuntulinux-lts-xenial

    < 4.4.0-212.244~14.04.1

  • ubuntulinux-raspi2-5.3

    < 5.3.0-1042.44

References (2)