USN-5240-1
Vulnerability Summary
Timeline
Description
linux, linux-aws, linux-aws-5.11, linux-aws-5.4, linux-azure, linux-azure-5.11, linux-azure-5.4, linux-bluefield, linux-gcp, linux-gcp-5.11, linux-gcp-5.4, linux-gke, linux-gke-5.4, linux-gkeop, linux-gkeop-5.4, linux-hwe-5.4, linux-ibm, linux-kvm, linux-oem-5.10, linux-oem-5.13, linux-oem-5.14, linux-oracle, linux-oracle-5.11, linux-oracle-5.4, linux-raspi, linux-raspi-5.4 vulnerability William Liu and Jamie Hill-Daniel discovered that the file system context functionality in the Linux kernel contained an integer underflow vulnerability, leading to an out-of-bounds write. A local attacker could use this to cause a denial of service (system crash) or execute arbitrary code.
Affected Systems
- ubuntu•linux
< 5.4.0-96.109
- ubuntu•linux-aws
< 5.4.0-1063.66
- ubuntu•linux-aws-5.11
< 5.11.0-1027.30~20.04.1
- ubuntu•linux-aws-5.4
< 5.4.0-1063.66~18.04.1
- ubuntu•linux-azure
< 5.4.0-1067.70
- ubuntu•linux-azure-5.11
< 5.11.0-1027.30~20.04.1
- ubuntu•linux-azure-5.4
< 5.4.0-1067.70~18.04.1
- ubuntu•linux-bluefield
< 5.4.0-1025.28
- ubuntu•linux-gcp
< 5.4.0-1062.66
- ubuntu•linux-gcp-5.11
< 5.11.0-1028.32~20.04.1
- ubuntu•linux-gcp-5.4
< 5.4.0-1062.66~18.04.1
- ubuntu•linux-gke
< 5.4.0-1059.62
- ubuntu•linux-gke-5.4
< 5.4.0-1059.62~18.04.1
- ubuntu•linux-gkeop
< 5.4.0-1031.32
- ubuntu•linux-gkeop-5.4
< 5.4.0-1031.32~18.04.1
- ubuntu•linux-hwe-5.4
< 5.4.0-96.109~18.04.1
- ubuntu•linux-ibm
< 5.4.0-1012.13
- ubuntu•linux-kvm
< 5.4.0-1053.55
- ubuntu•linux-oem-5.10
< 5.10.0-1057.61
- ubuntu•linux-oem-5.13
< 5.13.0-1028.35
- ubuntu•linux-oem-5.14
< 5.14.0-1020.22
- ubuntu•linux-oracle
< 5.4.0-1061.65
- ubuntu•linux-oracle-5.11
< 5.11.0-1027.30~20.04.1
- ubuntu•linux-oracle-5.4
< 5.4.0-1061.65~18.04.1
- ubuntu•linux-raspi
< 5.4.0-1050.56
- ubuntu•linux-raspi-5.4
< 5.4.0-1050.56~18.04.1