LSN-0078-1

Source
https://ubuntu.com/security/notices/LSN-0078-1
Import Source
https://github.com/canonical/ubuntu-security-notices/blob/main/osv/lsn/LSN-0078-1.json
JSON Data
https://api.osv.dev/v1/vulns/LSN-0078-1
Related
Published
2021-07-19T05:41:57Z
Modified
2021-07-19T05:41:57Z
Summary
Kernel Live Patch Security Notice
Details

Norbert Slusarek discovered a race condition in the CAN BCM networking protocol of the Linux kernel leading to multiple use-after-free vulnerabilities. A local attacker could use this issue to execute arbitrary code.(CVE-2021-3609)

References

Affected packages

Ubuntu:Pro:16.04:LTS / linux-hwe

Package

Name
linux-hwe
Purl
pkg:deb/ubuntu/linux-hwe@4.15.0-147.151~16.04.1?arch=source&distro=esm-infra/xenial

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
4.15.0-147.151~16.04.1

Affected versions

4.*

4.8.0-36.36~16.04.1
4.8.0-39.42~16.04.1
4.8.0-41.44~16.04.1
4.8.0-42.45~16.04.1
4.8.0-44.47~16.04.1
4.8.0-45.48~16.04.1
4.8.0-46.49~16.04.1
4.8.0-49.52~16.04.1
4.8.0-51.54~16.04.1
4.8.0-52.55~16.04.1
4.8.0-53.56~16.04.1
4.8.0-54.57~16.04.1
4.8.0-56.61~16.04.1
4.8.0-58.63~16.04.1
4.10.0-27.30~16.04.2
4.10.0-28.32~16.04.2
4.10.0-30.34~16.04.1
4.10.0-32.36~16.04.1
4.10.0-33.37~16.04.1
4.10.0-35.39~16.04.1
4.10.0-37.41~16.04.1
4.10.0-38.42~16.04.1
4.10.0-40.44~16.04.1
4.10.0-42.46~16.04.1
4.13.0-26.29~16.04.2
4.13.0-31.34~16.04.1
4.13.0-32.35~16.04.1
4.13.0-36.40~16.04.1
4.13.0-37.42~16.04.1
4.13.0-38.43~16.04.1
4.13.0-39.44~16.04.1
4.13.0-41.46~16.04.1
4.13.0-43.48~16.04.1
4.13.0-45.50~16.04.1
4.15.0-24.26~16.04.1
4.15.0-29.31~16.04.1
4.15.0-30.32~16.04.1
4.15.0-32.35~16.04.1
4.15.0-33.36~16.04.1
4.15.0-34.37~16.04.1
4.15.0-36.39~16.04.1
4.15.0-38.41~16.04.1
4.15.0-39.42~16.04.1
4.15.0-42.45~16.04.1
4.15.0-43.46~16.04.1
4.15.0-45.48~16.04.1
4.15.0-46.49~16.04.1
4.15.0-47.50~16.04.1
4.15.0-48.51~16.04.1
4.15.0-50.54~16.04.1
4.15.0-51.55~16.04.1
4.15.0-52.56~16.04.1
4.15.0-54.58~16.04.1
4.15.0-55.60~16.04.2
4.15.0-58.64~16.04.1
4.15.0-60.67~16.04.1
4.15.0-62.69~16.04.1
4.15.0-64.73~16.04.1
4.15.0-65.74~16.04.1
4.15.0-66.75~16.04.1
4.15.0-69.78~16.04.1
4.15.0-70.79~16.04.1
4.15.0-72.81~16.04.1
4.15.0-74.83~16.04.1
4.15.0-76.86~16.04.1
4.15.0-88.88~16.04.1
4.15.0-91.92~16.04.1
4.15.0-96.97~16.04.1
4.15.0-99.100~16.04.1
4.15.0-101.102~16.04.1
4.15.0-106.107~16.04.1
4.15.0-107.108~16.04.1
4.15.0-112.113~16.04.1
4.15.0-115.116~16.04.1
4.15.0-117.118~16.04.1
4.15.0-118.119~16.04.1
4.15.0-120.122~16.04.1
4.15.0-122.124~16.04.1
4.15.0-123.126~16.04.1
4.15.0-126.129~16.04.1
4.15.0-128.131~16.04.1
4.15.0-129.132~16.04.1
4.15.0-132.136~16.04.1
4.15.0-133.137~16.04.1
4.15.0-136.140~16.04.1
4.15.0-137.141~16.04.1
4.15.0-139.143~16.04.1
4.15.0-140.144~16.04.1
4.15.0-142.146~16.04.1
4.15.0-143.147~16.04.3
4.15.0-144.148~16.04.1

Ecosystem specific

{
    "availability": "Livepatch subscription required",
    "module_name_regex": "lkp_Ubuntu_4_15_0[_|\\d]+_(?:generic|lowlatency)_(\\d+)"
}

Ubuntu:Pro:18.04:LTS / linux

Package

Name
linux
Purl
pkg:deb/ubuntu/linux@4.15.0-147.151?arch=source&distro=bionic

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
4.15.0-147.151

Affected versions

4.*

4.13.0-16.19
4.13.0-17.20
4.13.0-25.29
4.13.0-32.35
4.15.0-10.11
4.15.0-12.13
4.15.0-13.14
4.15.0-15.16
4.15.0-19.20
4.15.0-20.21
4.15.0-22.24
4.15.0-23.25
4.15.0-24.26
4.15.0-29.31
4.15.0-30.32
4.15.0-32.35
4.15.0-33.36
4.15.0-34.37
4.15.0-36.39
4.15.0-38.41
4.15.0-39.42
4.15.0-42.45
4.15.0-43.46
4.15.0-44.47
4.15.0-45.48
4.15.0-46.49
4.15.0-47.50
4.15.0-48.51
4.15.0-50.54
4.15.0-51.55
4.15.0-52.56
4.15.0-54.58
4.15.0-55.60
4.15.0-58.64
4.15.0-60.67
4.15.0-62.69
4.15.0-64.73
4.15.0-65.74
4.15.0-66.75
4.15.0-69.78
4.15.0-70.79
4.15.0-72.81
4.15.0-74.84
4.15.0-76.86
4.15.0-88.88
4.15.0-91.92
4.15.0-96.97
4.15.0-99.100
4.15.0-101.102
4.15.0-106.107
4.15.0-108.109
4.15.0-109.110
4.15.0-111.112
4.15.0-112.113
4.15.0-115.116
4.15.0-117.118
4.15.0-118.119
4.15.0-121.123
4.15.0-122.124
4.15.0-123.126
4.15.0-124.127
4.15.0-126.129
4.15.0-128.131
4.15.0-129.132
4.15.0-130.134
4.15.0-132.136
4.15.0-134.138
4.15.0-135.139
4.15.0-136.140
4.15.0-137.141
4.15.0-139.143
4.15.0-140.144
4.15.0-141.145
4.15.0-142.146
4.15.0-143.147
4.15.0-144.148

Ecosystem specific

{
    "availability": "Livepatch subscription required",
    "module_name_regex": "lkp_Ubuntu_4_15_0[_|\\d]+_(?:generic|lowlatency)_(\\d+)"
}

Ubuntu:Pro:20.04:LTS / linux

Package

Name
linux
Purl
pkg:deb/ubuntu/linux@5.4.0-77.86?arch=source&distro=focal

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
5.4.0-77.86

Affected versions

5.*

5.3.0-18.19
5.3.0-24.26
5.4.0-9.12
5.4.0-18.22
5.4.0-21.25
5.4.0-24.28
5.4.0-25.29
5.4.0-26.30
5.4.0-28.32
5.4.0-29.33
5.4.0-31.35
5.4.0-33.37
5.4.0-37.41
5.4.0-39.43
5.4.0-40.44
5.4.0-42.46
5.4.0-45.49
5.4.0-47.51
5.4.0-48.52
5.4.0-51.56
5.4.0-52.57
5.4.0-53.59
5.4.0-54.60
5.4.0-56.62
5.4.0-58.64
5.4.0-59.65
5.4.0-60.67
5.4.0-62.70
5.4.0-64.72
5.4.0-65.73
5.4.0-66.74
5.4.0-67.75
5.4.0-70.78
5.4.0-71.79
5.4.0-72.80
5.4.0-73.82
5.4.0-74.83

Ecosystem specific

{
    "availability": "Livepatch subscription required",
    "module_name_regex": "lkp_Ubuntu_5_4_0[_|\\d]+_(?:generic|lowlatency)_(\\d+)"
}