USN-5073-1

Advisory lineage Upstream: 10 Downstream: 0
Published: 09 Sept 2021, 01:48
Last modified:03 Jun 2026, 13:34

Vulnerability Summary

Overall Risk (default)
minimal
0/100
CVSS Score
No data
EPSS Score
No data
KEV
Not listed
Ransomware
No reports
Public exploits
None found
Dark Web
Not detected

Timeline

09 Sept 2021, 01:48
Published
Vulnerability first disclosed
03 Jun 2026, 13:34
Last Modified
Vulnerability information updated

Description

linux, linux-aws, linux-aws-hwe, linux-azure, linux-azure-4.15, linux-dell300x, linux-hwe, linux-kvm, linux-oracle, linux-snapdragon vulnerabilities Maxim Levitsky and Paolo Bonzini discovered that the KVM hypervisor implementation for AMD processors in the Linux kernel allowed a guest VM to disable restrictions on VMLOAD/VMSAVE in a nested guest. An attacker in a guest VM could use this to read or write portions of the host's physical memory. (CVE-2021-3656) Maxim Levitsky discovered that the KVM hypervisor implementation for AMD processors in the Linux kernel did not properly prevent a guest VM from enabling AVIC in nested guest VMs. An attacker in a guest VM could use this to write to portions of the host's physical memory. (CVE-2021-3653) Norbert Slusarek discovered that the CAN broadcast manger (bcm) protocol implementation in the Linux kernel did not properly initialize memory in some situations. A local attacker could use this to expose sensitive information (kernel memory). (CVE-2021-34693) Murray McAllister discovered that the joystick device interface in the Linux kernel did not properly validate data passed via an ioctl(). A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code on systems with a joystick device registered. (CVE-2021-3612) It was discovered that the Virtio console implementation in the Linux kernel did not properly validate input lengths in some situations. A local attacker could possibly use this to cause a denial of service (system crash). (CVE-2021-38160)

Affected Systems

  • ubuntulinux

    < 4.15.0-156.163

  • ubuntulinux-aws

    < 4.15.0-1111.118

  • ubuntulinux-aws-hwe

    < 4.15.0-1111.118~16.04.1

  • ubuntulinux-azure

    < 4.15.0-1123.136~14.04.1 | < 4.15.0-1123.136~16.04.1

  • ubuntulinux-azure-4.15

    < 4.15.0-1123.136

  • ubuntulinux-dell300x

    < 4.15.0-1027.32

  • ubuntulinux-hwe

    < 4.15.0-156.163~16.04.1

  • ubuntulinux-kvm

    < 4.15.0-1099.101

  • ubuntulinux-oracle

    < 4.15.0-1080.88~16.04.1 | < 4.15.0-1080.88

  • ubuntulinux-snapdragon

    < 4.15.0-1112.121

References (6)