Cloud Foundry Logo
blog single gear
Blog
Security Advisory

USN-5071-2: Linux kernel (HWE) vulnerabilities

by: October 4, 2021

Severity

High

Vendor

Canonical Ubuntu

Versions Affected

  • Canonical Ubuntu 18.04

Description

Several security issues were fixed in the Linux kernel.

USN-5071-1 fixed vulnerabilities in the Linux kernel for Ubuntu 20.04

LTS. This update provides the corresponding updates for the Linux

Hardware Enablement (HWE) kernel from Ubuntu 20.04 LTS for Ubuntu

18.04 LTS.

Maxim Levitsky and Paolo Bonzini discovered that the KVM hypervisor

implementation for AMD processors in the Linux kernel allowed a guest VM to

disable restrictions on VMLOAD/VMSAVE in a nested guest. An attacker in a

guest VM could use this to read or write portions of the host’s physical

memory. (CVE-2021-3656)

Maxim Levitsky discovered that the KVM hypervisor implementation for AMD

processors in the Linux kernel did not properly prevent a guest VM from

enabling AVIC in nested guest VMs. An attacker in a guest VM could use this

to write to portions of the host’s physical memory. (CVE-2021-3653)

It was discovered that the KVM hypervisor implementation for AMD processors

in the Linux kernel did not ensure enough processing time was given to

perform cleanups of large SEV VMs. A local attacker could use this to cause

a denial of service (soft lockup). (CVE-2020-36311)

It was discovered that the KVM hypervisor implementation in the Linux

kernel did not properly perform reference counting in some situations,

leading to a use-after-free vulnerability. An attacker who could start and

control a VM could possibly use this to expose sensitive information or

execute arbitrary code. (CVE-2021-22543)

Murray McAllister discovered that the joystick device interface in the

Linux kernel did not properly validate data passed via an ioctl(). A local

attacker could use this to cause a denial of service (system crash) or

possibly execute arbitrary code on systems with a joystick device

registered. (CVE-2021-3612)

CVEs contained in this USN include: CVE-2021-3653, CVE-2020-36311, CVE-2021-22543, CVE-2021-3612, CVE-2021-3656.

Affected Cloud Foundry Products and Versions

Severity is high unless otherwise noted.

  • Bionic Stemcells
    • 1.x versions prior to 1.28
    • All other stemcells not listed.

Mitigation

Users of affected products are strongly encouraged to follow the mitigations below. The Cloud Foundry project recommends upgrading the following releases:

  • Bionic Stemcells
    • Upgrade 1.x versions to 1.28 or greater
    • All other stemcells should be upgraded to the latest version available on bosh.io.

History

2021-10-04: Initial vulnerability report published.

Cloud Foundry Foundation Security Team Profile Image

Cloud Foundry Foundation Security Team, AUTHOR

SEE ALL ARTICLES

You Might Also Like

USN-4360-2: json-c regression
Security Advisory

USN-4360-2: json-c regression

by Cloud Foundry Foundation Security Team June 24, 2020
CVE-2017-4963: Session Fixation for UAA External Authentication
Security Advisory

CVE-2017-4963: Session Fixation for UAA External Authentication

by Cloud Foundry Foundation Security Team March 29, 2017
USN-5745-1: shadow vulnerability
Security Advisory

USN-5745-1: shadow vulnerability

by Cloud Foundry Foundation Security Team December 7, 2022
This website uses cookies to offer you a better browsing experience. Find out more about how we use cookies and how you can change your settings. Accept