QID 198401
Date Published: 2021-06-14
QID 198401: Ubuntu Security Notification for Linux kernel vulnerabilities (USN-4982-1)
The nfc llcp protocol implementation in the linux kernel contained a reference counting error.
The nfc llcp protocol implementation in the linux kernel did not properly deallocate memory in certain error situations.
The nfc llcp protocol implementation in the linux kernel did not properly handle error conditions in some situations, leading to an infinite loop.
The xen paravirtualization backend in the linux kernel did not properly deallocate memory in some situations.
The fuse user space file system implementation in the linux kernel did not properly handle bad inodes in some situations.
The btrfs file system implementation in the linux kernel contained a race condition during certain cloning operations.
The perf subsystem in the linux kernel did not properly handle certain pebs records properly for some intel haswell processors.
The rpa pci hotplug driver implementation in the linux kernel did not properly handle device name writes via sysfs, leading to a buffer overflow.
The freescale gianfar ethernet driver for the linux kernel did not properly handle receive queue overrun when jumbo frames were enabled in some situations.
The qualcomm ipc router implementation in the linux kernel did not properly initialize memory passed to user space.
The block device manager (dm) implementation in the linux kernel contained a buffer overflow in the ioctl for listing devices.
The ieee 1394 (firewire) nosy packet sniffer driver in the linux kernel did not properly perform reference counting in some situations, leading to a use-after-free vulnerability.
Note: The preceding description block is extracted directly from the security advisory. Using automation, we have attempted to clean and format it as much as possible without introducing additional issues.
a local attacker could use this to cause a denial of service (system crash) (cve-2020-25670).
A local attacker could use this to cause a denial of service (memory exhaustion) (cve-2020-25671, cve-2020-25672).
A local attacker could use this to cause a denial of service. (
cve-2020-25673).
A local attacker could use this to cause a denial of service (memory exhaustion).
(cve-2021-28688).
A local attacker could possibly use this to cause a denial of service.
(cve-2021-28950).
a local attacker could possibly use this to cause a denial of service (system crash) (cve-2021-28964).
A local attacker could use this to cause a denial of service (system crash) (cve-2021-28971).
A privileged attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code.
(cve-2021-28972).
An attacker could use this to cause a denial of service (system crash) (cve-2021-29264).
A local attacker could use this to expose sensitive information (kernel memory).
(cve-2021-29647).
A privileged local attacker could use this to cause a denial of service (system crash) (cve-2021-31916).
A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (
cve-2021-3483).
- USN-4982-1 -
usn.ubuntu.com/4982-1
CVEs related to QID 198401
| Advisory ID | Software | Component | Link |
|---|---|---|---|
| USN-4982-1 | Ubuntu Linux |
usn.ubuntu.com/4982-1 |