Ubuntu update for linux

Published: 2021-04-13

Risk	Low
Patch available	YES
Number of vulnerabilities	3
CVE-ID	CVE-2018-13095 CVE-2021-3347 CVE-2021-3348
CWE-ID	CWE-476 CWE-416
Exploitation vector	Local
Public exploit	N/A
Vulnerable software	Ubuntu Operating systems & Components / Operating system linux-image-azure (Ubuntu package) Operating systems & Components / Operating system package or component linux-image-4.15.0-1112-azure (Ubuntu package) Operating systems & Components / Operating system package or component linux-image-aws-hwe (Ubuntu package) Operating systems & Components / Operating system package or component linux-image-4.15.0-1098-aws (Ubuntu package) Operating systems & Components / Operating system package or component linux-image-virtual (Ubuntu package) Operating systems & Components / Operating system package or component linux-image-snapdragon (Ubuntu package) Operating systems & Components / Operating system package or component linux-image-raspi2 (Ubuntu package) Operating systems & Components / Operating system package or component linux-image-oracle-lts-18.04 (Ubuntu package) Operating systems & Components / Operating system package or component linux-image-lowlatency (Ubuntu package) Operating systems & Components / Operating system package or component linux-image-kvm (Ubuntu package) Operating systems & Components / Operating system package or component linux-image-generic-lpae (Ubuntu package) Operating systems & Components / Operating system package or component linux-image-generic (Ubuntu package) Operating systems & Components / Operating system package or component linux-image-gcp-lts-18.04 (Ubuntu package) Operating systems & Components / Operating system package or component linux-image-dell300x (Ubuntu package) Operating systems & Components / Operating system package or component linux-image-azure-lts-18.04 (Ubuntu package) Operating systems & Components / Operating system package or component linux-image-aws-lts-18.04 (Ubuntu package) Operating systems & Components / Operating system package or component linux-image-4.15.0-141-lowlatency (Ubuntu package) Operating systems & Components / Operating system package or component linux-image-4.15.0-141-generic-lpae (Ubuntu package) Operating systems & Components / Operating system package or component linux-image-4.15.0-141-generic (Ubuntu package) Operating systems & Components / Operating system package or component linux-image-4.15.0-1100-snapdragon (Ubuntu package) Operating systems & Components / Operating system package or component linux-image-4.15.0-1097-gcp (Ubuntu package) Operating systems & Components / Operating system package or component linux-image-4.15.0-1089-kvm (Ubuntu package) Operating systems & Components / Operating system package or component linux-image-4.15.0-1083-raspi2 (Ubuntu package) Operating systems & Components / Operating system package or component linux-image-4.15.0-1069-oracle (Ubuntu package) Operating systems & Components / Operating system package or component linux-image-4.15.0-1016-dell300x (Ubuntu package) Operating systems & Components / Operating system package or component linux-image-oracle (Ubuntu package) Operating systems & Components / Operating system package or component linux-image-gke (Ubuntu package) Operating systems & Components / Operating system package or component linux-image-gcp (Ubuntu package) Operating systems & Components / Operating system package or component
Vendor	Canonical Ltd.

Security Bulletin

This security bulletin contains information about 3 vulnerabilities.

1) Null pointer dereference

EUVDB-ID: #VU13851

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2018-13095

CWE-ID: CWE-476 - NULL Pointer Dereference

Exploit availability: No

Description

The vulnerability allows a local attacker to cause DoS condition on the target system.

The vulnerability exists in the xfs_bmap_extents_to_btree() function in the Extended File System (XFS) component, as defined in the source code file fs/xfs/libxfs/xfs_inode_buf.c due to boundary error when mounting XFS filesystems. A local attacker can access the system, mount an XFS filesystem that submits malicious input, trigger a NULL pointer dereference memory error and cause the affected software to terminate abnormally.

Mitigation

Update the affected package linux to the latest version.

Vulnerable software versions

Ubuntu: 14.04 - 18.04

linux-image-azure (Ubuntu package): before 4.15.0.1112.85

linux-image-4.15.0-1112-azure (Ubuntu package): before 4.15.0-1112.124~14.04.1

linux-image-aws-hwe (Ubuntu package): before 4.15.0.1098.91

linux-image-4.15.0-1098-aws (Ubuntu package): before 4.15.0-1098.105~16.04.1

linux-image-virtual (Ubuntu package): before 4.15.0.141.128

linux-image-snapdragon (Ubuntu package): before 4.15.0.1100.103

linux-image-raspi2 (Ubuntu package): before 4.15.0.1083.80

linux-image-oracle-lts-18.04 (Ubuntu package): before 4.15.0.1069.79

linux-image-lowlatency (Ubuntu package): before 4.15.0.141.128

linux-image-kvm (Ubuntu package): before 4.15.0.1089.85

linux-image-generic-lpae (Ubuntu package): before 4.15.0.141.128

linux-image-generic (Ubuntu package): before 4.15.0.141.128

linux-image-gcp-lts-18.04 (Ubuntu package): before 4.15.0.1097.115

linux-image-dell300x (Ubuntu package): before 4.15.0.1016.18

linux-image-azure-lts-18.04 (Ubuntu package): before 4.15.0.1112.85

linux-image-aws-lts-18.04 (Ubuntu package): before 4.15.0.1098.101

linux-image-4.15.0-141-lowlatency (Ubuntu package): before 4.15.0-141.145

linux-image-4.15.0-141-generic-lpae (Ubuntu package): before 4.15.0-141.145

linux-image-4.15.0-141-generic (Ubuntu package): before 4.15.0-141.145

linux-image-4.15.0-1100-snapdragon (Ubuntu package): before 4.15.0-1100.109

linux-image-4.15.0-1097-gcp (Ubuntu package): before 4.15.0-1097.110~16.04.1

linux-image-4.15.0-1089-kvm (Ubuntu package): before 4.15.0-1089.91

linux-image-4.15.0-1083-raspi2 (Ubuntu package): before 4.15.0-1083.88

linux-image-4.15.0-1069-oracle (Ubuntu package): before 4.15.0-1069.77~16.04.1

linux-image-4.15.0-1016-dell300x (Ubuntu package): before 4.15.0-1016.20

linux-image-oracle (Ubuntu package): before 4.15.0.1069.57

linux-image-gke (Ubuntu package): before 4.15.0.1097.98

linux-image-gcp (Ubuntu package): before 4.15.0.1097.98

CPE2.3

External links

https://ubuntu.com/security/notices/USN-4907-1

Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

2) Use-after-free

EUVDB-ID: #VU52035

Risk: Low

CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-3347

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a local user to elevate privileges on the system.

The vulnerability exists due to a use-after-free error when handling PI futexes. A local user can run a specially crafted program to trigger a use-after-free error and execute arbitrary code with elevated privileges.