English | Deutsch | Español
 
Home ▼
Home About Us Contact Us Privacy Partner Programs Testimonials In Press Mailing Lists Abuse Developer APIs
Bookkeeping
Online ▼
Home Free Trial FAQ
Open/Create Company File Accept an Invite Order/Renew
Security
Audits ▼
Home Dedicated audits Advanced audits Standard audits Recurring audits No Risk audits Desktop audits Basic audit Security Seal FAQ Price/Feature Summary Order New Tests All Tests Confidentiality Vulnerability search Run Audit Scheduler IP Permissions Audit Configuration Editor Scan Queue Reminder Notification Schedule Seal Reports Reports Style Editor
Managed
DNS ▼
About Order FAQ Acceptable Use Policy Dynamic DNS Clients
Configure Domains Dyanmic DNS Update Password
Network
Monitor ▼
Enterprise Package Advanced Package Standard Package Free Trial FAQ Price/Feature Summary Order/Renew Examples
Configure/Status Alert Profiles
Research
Reports ▼
Home FAQ Glossary Archive
 Login/Register 
 
 Vulnerability   
Search   		     Search 324607 CVE descriptions
and 146377 test descriptions,
access 10,000+ cross references.
Tests   CVE   All  

Test ID:1.3.6.1.4.1.25623.1.0.845063
Category:Ubuntu Local Security Checks
Title:Ubuntu: Security Advisory (USN-5071-2)
Summary:The remote host is missing an update for the 'linux-hwe-5.4' package(s) announced via the USN-5071-2 advisory.
Description:Summary:
The remote host is missing an update for the 'linux-hwe-5.4' package(s) announced via the USN-5071-2 advisory.

Vulnerability Insight:
USN-5071-1 fixed vulnerabilities in the Linux kernel for Ubuntu 20.04
LTS. This update provides the corresponding updates for the Linux
Hardware Enablement (HWE) kernel from Ubuntu 20.04 LTS for Ubuntu
18.04 LTS.

Maxim Levitsky and Paolo Bonzini discovered that the KVM hypervisor
implementation for AMD processors in the Linux kernel allowed a guest VM to
disable restrictions on VMLOAD/VMSAVE in a nested guest. An attacker in a
guest VM could use this to read or write portions of the host's physical
memory. (CVE-2021-3656)

Maxim Levitsky discovered that the KVM hypervisor implementation for AMD
processors in the Linux kernel did not properly prevent a guest VM from
enabling AVIC in nested guest VMs. An attacker in a guest VM could use this
to write to portions of the host's physical memory. (CVE-2021-3653)

It was discovered that the KVM hypervisor implementation for AMD processors
in the Linux kernel did not ensure enough processing time was given to
perform cleanups of large SEV VMs. A local attacker could use this to cause
a denial of service (soft lockup). (CVE-2020-36311)

It was discovered that the KVM hypervisor implementation in the Linux
kernel did not properly perform reference counting in some situations,
leading to a use-after-free vulnerability. An attacker who could start and
control a VM could possibly use this to expose sensitive information or
execute arbitrary code. (CVE-2021-22543)

Murray McAllister discovered that the joystick device interface in the
Linux kernel did not properly validate data passed via an ioctl(). A local
attacker could use this to cause a denial of service (system crash) or
possibly execute arbitrary code on systems with a joystick device
registered. (CVE-2021-3612)

Affected Software/OS:
'linux-hwe-5.4' package(s) on Ubuntu 18.04.

Solution:
Please install the updated package(s).

CVSS Score:
7.2

CVSS Vector:
AV:L/AC:L/Au:N/C:C/I:C/A:C

Cross-Ref: Common Vulnerability Exposure (CVE) ID: CVE-2020-36311
Debian Security Information: DSA-4941 (Google Search)
https://www.debian.org/security/2021/dsa-4941
https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.9
https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=7be74942f184fdfba34ddd19a0d995deb34d4a03
https://lists.debian.org/debian-lts-announce/2021/07/msg00015.html
Common Vulnerability Exposure (CVE) ID: CVE-2021-22543
FEDORA-2021-95f2f1cfc7
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ROQIXQB7ZAWI3KSGSHR6H5RDUWZI775S/
FEDORA-2021-fe826f202e
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/4G5YBUVEPHZYXMKNGBZ3S6INFCTEEL4E/
[debian-lts-announce] 20211015 [SECURITY] [DLA 2785-1] linux-4.19 security update
https://lists.debian.org/debian-lts-announce/2021/10/msg00010.html
[debian-lts-announce] 20211216 [SECURITY] [DLA 2843-1] linux security update
https://lists.debian.org/debian-lts-announce/2021/12/msg00012.html
[oss-security] 20210626 Re: CVE-2021-22543 - /dev/kvm LPE
http://www.openwall.com/lists/oss-security/2021/06/26/1
https://github.com/google/security-research/security/advisories/GHSA-7wq5-phmq-m584
https://security.netapp.com/advisory/ntap-20210708-0002/
Common Vulnerability Exposure (CVE) ID: CVE-2021-3612
https://security.netapp.com/advisory/ntap-20210805-0005/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YKGI562LFV5MESTMVTCG5RORSBT6NGBN/
https://bugzilla.redhat.com/show_bug.cgi?id=1974079
https://lore.kernel.org/linux-input/20210620120030.1513655-1-avlarkin82@gmail.com/
https://www.oracle.com/security-alerts/cpujul2022.html
Common Vulnerability Exposure (CVE) ID: CVE-2021-3653
http://packetstormsecurity.com/files/165477/Kernel-Live-Patch-Security-Notice-LSN-0083-1.html
https://bugzilla.redhat.com/show_bug.cgi?id=1983686
https://www.openwall.com/lists/oss-security/2021/08/16/1
Common Vulnerability Exposure (CVE) ID: CVE-2021-3656
https://bugzilla.redhat.com/show_bug.cgi?id=1983988
https://git.kernel.org/pub/scm/virt/kvm/kvm.git/commit/?id=c7dfa4009965a9b2d7b329ee970eb8da0d32f0bc
https://github.com/torvalds/linux/commit/c7dfa4009965a9b2d7b329ee970eb8da0d32f0bc
CopyrightCopyright (C) 2021 Greenbone AG

This is only one of 146377 vulnerability tests in our test suite. Find out more about running a complete security audit.

To run a free test of this vulnerability against your system, register below.



© 1998-2025 E-Soft Inc. All rights reserved.