Ubuntu update for linux

Published: 2021-04-15

Risk	Low
Patch available	YES
Number of vulnerabilities	2
CVE-ID	CVE-2021-3493 CVE-2021-29154
CWE-ID	CWE-863 CWE-77
Exploitation vector	Local
Public exploit	Vulnerability #1 is being exploited in the wild.
Vulnerable software	Ubuntu Operating systems & Components / Operating system linux-image-virtual-lts-xenial (Ubuntu package) Operating systems & Components / Operating system package or component linux-image-powerpc64-smp-lts-xenial (Ubuntu package) Operating systems & Components / Operating system package or component linux-image-powerpc64-emb-lts-xenial (Ubuntu package) Operating systems & Components / Operating system package or component linux-image-powerpc-smp-lts-xenial (Ubuntu package) Operating systems & Components / Operating system package or component linux-image-powerpc-e500mc-lts-xenial (Ubuntu package) Operating systems & Components / Operating system package or component linux-image-lowlatency-lts-xenial (Ubuntu package) Operating systems & Components / Operating system package or component linux-image-generic-lts-xenial (Ubuntu package) Operating systems & Components / Operating system package or component linux-image-generic-lpae-lts-xenial (Ubuntu package) Operating systems & Components / Operating system package or component linux-image-4.4.0-1091-aws (Ubuntu package) Operating systems & Components / Operating system package or component linux-image-azure (Ubuntu package) Operating systems & Components / Operating system package or component linux-image-aws (Ubuntu package) Operating systems & Components / Operating system package or component linux-image-4.4.0-209-powerpc64-smp (Ubuntu package) Operating systems & Components / Operating system package or component linux-image-4.4.0-209-powerpc64-emb (Ubuntu package) Operating systems & Components / Operating system package or component linux-image-4.4.0-209-powerpc-smp (Ubuntu package) Operating systems & Components / Operating system package or component linux-image-4.4.0-209-powerpc-e500mc (Ubuntu package) Operating systems & Components / Operating system package or component linux-image-4.4.0-209-lowlatency (Ubuntu package) Operating systems & Components / Operating system package or component linux-image-4.4.0-209-generic-lpae (Ubuntu package) Operating systems & Components / Operating system package or component linux-image-4.4.0-209-generic (Ubuntu package) Operating systems & Components / Operating system package or component linux-image-4.15.0-1113-azure (Ubuntu package) Operating systems & Components / Operating system package or component linux-image-virtual (Ubuntu package) Operating systems & Components / Operating system package or component linux-image-snapdragon (Ubuntu package) Operating systems & Components / Operating system package or component linux-image-raspi2 (Ubuntu package) Operating systems & Components / Operating system package or component linux-image-oracle-lts-18.04 (Ubuntu package) Operating systems & Components / Operating system package or component linux-image-lowlatency (Ubuntu package) Operating systems & Components / Operating system package or component linux-image-kvm (Ubuntu package) Operating systems & Components / Operating system package or component linux-image-generic-lpae (Ubuntu package) Operating systems & Components / Operating system package or component linux-image-generic (Ubuntu package) Operating systems & Components / Operating system package or component linux-image-gcp-lts-18.04 (Ubuntu package) Operating systems & Components / Operating system package or component linux-image-dell300x (Ubuntu package) Operating systems & Components / Operating system package or component linux-image-azure-lts-18.04 (Ubuntu package) Operating systems & Components / Operating system package or component linux-image-aws-lts-18.04 (Ubuntu package) Operating systems & Components / Operating system package or component linux-image-4.15.0-142-lowlatency (Ubuntu package) Operating systems & Components / Operating system package or component linux-image-4.15.0-142-generic-lpae (Ubuntu package) Operating systems & Components / Operating system package or component linux-image-4.15.0-142-generic (Ubuntu package) Operating systems & Components / Operating system package or component linux-image-4.15.0-1101-snapdragon (Ubuntu package) Operating systems & Components / Operating system package or component linux-image-4.15.0-1099-aws (Ubuntu package) Operating systems & Components / Operating system package or component linux-image-4.15.0-1098-gcp (Ubuntu package) Operating systems & Components / Operating system package or component linux-image-4.15.0-1090-kvm (Ubuntu package) Operating systems & Components / Operating system package or component linux-image-4.15.0-1084-raspi2 (Ubuntu package) Operating systems & Components / Operating system package or component linux-image-4.15.0-1070-oracle (Ubuntu package) Operating systems & Components / Operating system package or component linux-image-4.15.0-1017-dell300x (Ubuntu package) Operating systems & Components / Operating system package or component linux-image-virtual-hwe-16.04 (Ubuntu package) Operating systems & Components / Operating system package or component linux-image-powerpc64-smp (Ubuntu package) Operating systems & Components / Operating system package or component linux-image-powerpc64-emb (Ubuntu package) Operating systems & Components / Operating system package or component linux-image-powerpc-smp (Ubuntu package) Operating systems & Components / Operating system package or component linux-image-powerpc-e500mc (Ubuntu package) Operating systems & Components / Operating system package or component linux-image-oracle (Ubuntu package) Operating systems & Components / Operating system package or component linux-image-oem (Ubuntu package) Operating systems & Components / Operating system package or component linux-image-lowlatency-hwe-16.04 (Ubuntu package) Operating systems & Components / Operating system package or component linux-image-gke (Ubuntu package) Operating systems & Components / Operating system package or component linux-image-generic-lpae-hwe-16.04 (Ubuntu package) Operating systems & Components / Operating system package or component linux-image-generic-hwe-16.04 (Ubuntu package) Operating systems & Components / Operating system package or component linux-image-gcp (Ubuntu package) Operating systems & Components / Operating system package or component linux-image-aws-hwe (Ubuntu package) Operating systems & Components / Operating system package or component linux-image-4.4.0-1155-snapdragon (Ubuntu package) Operating systems & Components / Operating system package or component linux-image-4.4.0-1151-raspi2 (Ubuntu package) Operating systems & Components / Operating system package or component linux-image-4.4.0-1127-aws (Ubuntu package) Operating systems & Components / Operating system package or component linux-image-4.4.0-1092-kvm (Ubuntu package) Operating systems & Components / Operating system package or component
Vendor	Canonical Ltd.

Security Bulletin

This security bulletin contains information about 2 vulnerabilities.

1) Incorrect authorization

EUVDB-ID: #VU92413

Risk: Low

CVSSv4.0: 8.5 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:A/U:Clear]

CVE-ID: CVE-2021-3493

CWE-ID: CWE-863 - Incorrect Authorization

Exploit availability: Yes

Description

The vulnerability allows a local user to execute arbitrary code.

The vulnerability exists due to incorrect authorization error within the validheader() and cap_convert_nscap() functions in security/commoncap.c, within the vfs_setxattr() and setxattr() functions in fs/xattr.c. A local user can execute arbitrary code.

Mitigation

Update the affected package linux to the latest version.

Vulnerable software versions

Ubuntu: 14.04 - 18.04

linux-image-virtual-lts-xenial (Ubuntu package): before 4.4.0.209.182

linux-image-powerpc64-smp-lts-xenial (Ubuntu package): before 4.4.0.209.182

linux-image-powerpc64-emb-lts-xenial (Ubuntu package): before 4.4.0.209.182

linux-image-powerpc-smp-lts-xenial (Ubuntu package): before 4.4.0.209.182

linux-image-powerpc-e500mc-lts-xenial (Ubuntu package): before 4.4.0.209.182

linux-image-lowlatency-lts-xenial (Ubuntu package): before 4.4.0.209.182

linux-image-generic-lts-xenial (Ubuntu package): before 4.4.0.209.182

linux-image-generic-lpae-lts-xenial (Ubuntu package): before 4.4.0.209.182

linux-image-4.4.0-1091-aws (Ubuntu package): before 4.4.0-1091.95

linux-image-azure (Ubuntu package): before 4.15.0.1113.86

linux-image-aws (Ubuntu package): before 4.4.0.1091.88

linux-image-4.4.0-209-powerpc64-smp (Ubuntu package): before 4.4.0-209.241~14.04.1

linux-image-4.4.0-209-powerpc64-emb (Ubuntu package): before 4.4.0-209.241~14.04.1

linux-image-4.4.0-209-powerpc-smp (Ubuntu package): before 4.4.0-209.241~14.04.1

linux-image-4.4.0-209-powerpc-e500mc (Ubuntu package): before 4.4.0-209.241~14.04.1

linux-image-4.4.0-209-lowlatency (Ubuntu package): before 4.4.0-209.241~14.04.1

linux-image-4.4.0-209-generic-lpae (Ubuntu package): before 4.4.0-209.241~14.04.1

linux-image-4.4.0-209-generic (Ubuntu package): before 4.4.0-209.241~14.04.1

linux-image-4.15.0-1113-azure (Ubuntu package): before 4.15.0-1113.126~14.04.1

linux-image-virtual (Ubuntu package): before 4.4.0.209.215

linux-image-snapdragon (Ubuntu package): before 4.4.0.1155.147

linux-image-raspi2 (Ubuntu package): before 4.4.0.1151.151

linux-image-oracle-lts-18.04 (Ubuntu package): before 4.15.0.1070.80

linux-image-lowlatency (Ubuntu package): before 4.4.0.209.215

linux-image-kvm (Ubuntu package): before 4.4.0.1092.90

linux-image-generic-lpae (Ubuntu package): before 4.4.0.209.215

linux-image-generic (Ubuntu package): before 4.4.0.209.215

linux-image-gcp-lts-18.04 (Ubuntu package): before 4.15.0.1098.116

linux-image-dell300x (Ubuntu package): before 4.15.0.1017.19

linux-image-azure-lts-18.04 (Ubuntu package): before 4.15.0.1113.86

linux-image-aws-lts-18.04 (Ubuntu package): before 4.15.0.1099.102

linux-image-4.15.0-142-lowlatency (Ubuntu package): before 4.15.0-142.146~16.04.1

linux-image-4.15.0-142-generic-lpae (Ubuntu package): before 4.15.0-142.146~16.04.1

linux-image-4.15.0-142-generic (Ubuntu package): before 4.15.0-142.146~16.04.1

linux-image-4.15.0-1101-snapdragon (Ubuntu package): before 4.15.0-1101.110

linux-image-4.15.0-1099-aws (Ubuntu package): before 4.15.0-1099.106~16.04.1

linux-image-4.15.0-1098-gcp (Ubuntu package): before 4.15.0-1098.111~16.04.1

linux-image-4.15.0-1090-kvm (Ubuntu package): before 4.15.0-1090.92

linux-image-4.15.0-1084-raspi2 (Ubuntu package): before 4.15.0-1084.89

linux-image-4.15.0-1070-oracle (Ubuntu package): before 4.15.0-1070.78~16.04.1

linux-image-4.15.0-1017-dell300x (Ubuntu package): before 4.15.0-1017.21

linux-image-virtual-hwe-16.04 (Ubuntu package): before 4.15.0.142.137

linux-image-powerpc64-smp (Ubuntu package): before 4.4.0.209.215

linux-image-powerpc64-emb (Ubuntu package): before 4.4.0.209.215

linux-image-powerpc-smp (Ubuntu package): before 4.4.0.209.215

linux-image-powerpc-e500mc (Ubuntu package): before 4.4.0.209.215

linux-image-oracle (Ubuntu package): before 4.15.0.1070.58

linux-image-oem (Ubuntu package): before 4.15.0.142.137

linux-image-lowlatency-hwe-16.04 (Ubuntu package): before 4.15.0.142.137

linux-image-gke (Ubuntu package): before 4.15.0.1098.99

linux-image-generic-lpae-hwe-16.04 (Ubuntu package): before 4.15.0.142.137

linux-image-generic-hwe-16.04 (Ubuntu package): before 4.15.0.142.137

linux-image-gcp (Ubuntu package): before 4.15.0.1098.99

linux-image-aws-hwe (Ubuntu package): before 4.15.0.1099.92

linux-image-4.4.0-1155-snapdragon (Ubuntu package): before 4.4.0-1155.165

linux-image-4.4.0-1151-raspi2 (Ubuntu package): before 4.4.0-1151.162

linux-image-4.4.0-1127-aws (Ubuntu package): before 4.4.0-1127.141

linux-image-4.4.0-1092-kvm (Ubuntu package): before 4.4.0-1092.101

CPE2.3

External links

https://ubuntu.com/security/notices/USN-4916-1

Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

Yes. This vulnerability is being exploited in the wild.

2) Command Injection

EUVDB-ID: #VU56241

Risk: Low

CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2021-29154

CWE-ID: CWE-77 - Command injection

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to incorrect computation of branch displacements within the BPF JIT compilers in the Linux kernel in arch/x86/net/bpf_jit_comp.c and arch/x86/net/bpf_jit_comp32.c. A local user can inject and execute arbitrary commands with elevated privileges.