CVE-2021-20194

Published: 23 February 2021

There is a vulnerability in the linux kernel versions higher than 5.2 (if kernel compiled with config params CONFIG_BPF_SYSCALL=y , CONFIG_BPF=y , CONFIG_CGROUPS=y , CONFIG_CGROUP_BPF=y , CONFIG_HARDENED_USERCOPY not set, and BPF hook to getsockopt is registered). As result of BPF execution, the local user can trigger bug in __cgroup_bpf_run_filter_getsockopt() function that can lead to heap overflow (because of non-hardened usercopy). The impact of attack could be deny of service or possibly privileges escalation.

From the Ubuntu security team

Loris Reiff discovered that the BPF implementation in the Linux kernel did not properly validate attributes in the getsockopt BPF hook. A local attacker could possibly use this to cause a denial of service (system crash).

Priority

Low

CVSS 3 base score: 7.8

Status

Package Release Status
linux
Launchpad, Ubuntu, Debian 		Upstream
Released (5.11~rc7)
Ubuntu 21.04 (Hirsute Hippo) Not vulnerable
(5.11.0-11.12)
Ubuntu 20.10 (Groovy Gorilla)
Released (5.8.0-45.51)
Ubuntu 20.04 LTS (Focal Fossa) Pending
(5.4.0-71.79)
Ubuntu 18.04 LTS (Bionic Beaver) Not vulnerable
(4.13.0-16.19)
Ubuntu 16.04 LTS (Xenial Xerus) Not vulnerable
(4.2.0-16.19)
Ubuntu 14.04 ESM (Trusty Tahr) Ignored
(was needs-triage ESM criteria)
Patches:
Introduced by 0d01da6afc5402f60325c5da31b22f7d56689b49
Fixed by bb8b81e396f7afbe7c50d789e2107512274d2a35
Introduced by 0d01da6afc5402f60325c5da31b22f7d56689b49
Fixed by f4a2da755a7e1f5d845c52aee71336cee289935a
linux-aws
Launchpad, Ubuntu, Debian 		Upstream
Released (5.11~rc7)
Ubuntu 21.04 (Hirsute Hippo) Not vulnerable
(5.8.0-1025.27+21.04.1)
Ubuntu 20.10 (Groovy Gorilla)
Released (5.8.0-1025.27)
Ubuntu 20.04 LTS (Focal Fossa) Needed

Ubuntu 18.04 LTS (Bionic Beaver) Not vulnerable
(4.15.0-1001.1)
Ubuntu 16.04 LTS (Xenial Xerus) Not vulnerable
(4.4.0-1001.10)
Ubuntu 14.04 ESM (Trusty Tahr) Ignored
(was needs-triage ESM criteria)
linux-aws-5.0
Launchpad, Ubuntu, Debian 		Upstream
Released (5.11~rc7)
Ubuntu 21.04 (Hirsute Hippo) Does not exist

Ubuntu 20.10 (Groovy Gorilla) Does not exist

Ubuntu 20.04 LTS (Focal Fossa) Does not exist

Ubuntu 18.04 LTS (Bionic Beaver) Ignored
(superseded by linux-aws-5.3)
Ubuntu 16.04 LTS (Xenial Xerus) Does not exist

Ubuntu 14.04 ESM (Trusty Tahr) Does not exist

linux-aws-5.3
Launchpad, Ubuntu, Debian 		Upstream
Released (5.11~rc7)
Ubuntu 21.04 (Hirsute Hippo) Does not exist

Ubuntu 20.10 (Groovy Gorilla) Does not exist

Ubuntu 20.04 LTS (Focal Fossa) Does not exist

Ubuntu 18.04 LTS (Bionic Beaver) Ignored
(superseded by linux-aws-5.4)
Ubuntu 16.04 LTS (Xenial Xerus) Does not exist

Ubuntu 14.04 ESM (Trusty Tahr) Does not exist

linux-aws-5.4
Launchpad, Ubuntu, Debian 		Upstream
Released (5.11~rc7)
Ubuntu 21.04 (Hirsute Hippo) Does not exist

Ubuntu 20.10 (Groovy Gorilla) Does not exist

Ubuntu 20.04 LTS (Focal Fossa) Does not exist

Ubuntu 18.04 LTS (Bionic Beaver) Needed

Ubuntu 16.04 LTS (Xenial Xerus) Does not exist

Ubuntu 14.04 ESM (Trusty Tahr) Does not exist

linux-aws-hwe
Launchpad, Ubuntu, Debian 		Upstream
Released (5.11~rc7)
Ubuntu 21.04 (Hirsute Hippo) Does not exist

Ubuntu 20.10 (Groovy Gorilla) Does not exist

Ubuntu 20.04 LTS (Focal Fossa) Does not exist

Ubuntu 18.04 LTS (Bionic Beaver) Does not exist

Ubuntu 16.04 LTS (Xenial Xerus) Not vulnerable
(4.15.0-1030.31~16.04.1)
Ubuntu 14.04 ESM (Trusty Tahr) Does not exist

linux-azure
Launchpad, Ubuntu, Debian 		Upstream
Released (5.11~rc7)
Ubuntu 21.04 (Hirsute Hippo) Not vulnerable
(5.8.0-1024.26+21.04.1)
Ubuntu 20.10 (Groovy Gorilla)
Released (5.8.0-1024.26)
Ubuntu 20.04 LTS (Focal Fossa) Needed

Ubuntu 18.04 LTS (Bionic Beaver) Ignored
(superseded by linux-azure-5.3)
Ubuntu 16.04 LTS (Xenial Xerus) Not vulnerable
(4.11.0-1009.9)
Ubuntu 14.04 ESM (Trusty Tahr) Ignored
(was needs-triage ESM criteria)
linux-azure-4.15
Launchpad, Ubuntu, Debian 		Upstream
Released (5.11~rc7)
Ubuntu 21.04 (Hirsute Hippo) Does not exist

Ubuntu 20.10 (Groovy Gorilla) Does not exist

Ubuntu 20.04 LTS (Focal Fossa) Does not exist

Ubuntu 18.04 LTS (Bionic Beaver) Not vulnerable
(4.15.0-1082.92)
Ubuntu 16.04 LTS (Xenial Xerus) Does not exist

Ubuntu 14.04 ESM (Trusty Tahr) Does not exist

linux-azure-5.3
Launchpad, Ubuntu, Debian 		Upstream
Released (5.11~rc7)
Ubuntu 21.04 (Hirsute Hippo) Does not exist

Ubuntu 20.10 (Groovy Gorilla) Does not exist

Ubuntu 20.04 LTS (Focal Fossa) Does not exist

Ubuntu 18.04 LTS (Bionic Beaver) Ignored
(superseded by linux-azure-5.4)
Ubuntu 16.04 LTS (Xenial Xerus) Does not exist

Ubuntu 14.04 ESM (Trusty Tahr) Does not exist

linux-azure-5.4
Launchpad, Ubuntu, Debian 		Upstream
Released (5.11~rc7)
Ubuntu 21.04 (Hirsute Hippo) Does not exist

Ubuntu 20.10 (Groovy Gorilla) Does not exist

Ubuntu 20.04 LTS (Focal Fossa) Does not exist

Ubuntu 18.04 LTS (Bionic Beaver) Needed

Ubuntu 16.04 LTS (Xenial Xerus) Does not exist

Ubuntu 14.04 ESM (Trusty Tahr) Does not exist

linux-azure-edge
Launchpad, Ubuntu, Debian 		Upstream
Released (5.11~rc7)
Ubuntu 21.04 (Hirsute Hippo) Does not exist

Ubuntu 20.10 (Groovy Gorilla) Does not exist

Ubuntu 20.04 LTS (Focal Fossa) Does not exist

Ubuntu 18.04 LTS (Bionic Beaver) Ignored
(superseded by linux-azure-5.3)
Ubuntu 16.04 LTS (Xenial Xerus) Does not exist

Ubuntu 14.04 ESM (Trusty Tahr) Does not exist

linux-dell300x
Launchpad, Ubuntu, Debian 		Upstream
Released (5.11~rc7)
Ubuntu 21.04 (Hirsute Hippo) Does not exist

Ubuntu 20.10 (Groovy Gorilla) Does not exist

Ubuntu 20.04 LTS (Focal Fossa) Does not exist

Ubuntu 18.04 LTS (Bionic Beaver) Not vulnerable
(4.15.0-1005.8)
Ubuntu 16.04 LTS (Xenial Xerus) Does not exist

Ubuntu 14.04 ESM (Trusty Tahr) Does not exist

linux-gcp
Launchpad, Ubuntu, Debian 		Upstream
Released (5.11~rc7)
Ubuntu 21.04 (Hirsute Hippo) Not vulnerable
(5.8.0-1024.25+21.04.1)
Ubuntu 20.10 (Groovy Gorilla)
Released (5.8.0-1024.25)
Ubuntu 20.04 LTS (Focal Fossa) Pending
(5.4.0-1041.44)
Ubuntu 18.04 LTS (Bionic Beaver) Ignored
(superseded by linux-gcp-5.3)
Ubuntu 16.04 LTS (Xenial Xerus) Not vulnerable
(4.10.0-1004.4)
Ubuntu 14.04 ESM (Trusty Tahr) Does not exist

linux-gcp-4.15
Launchpad, Ubuntu, Debian 		Upstream
Released (5.11~rc7)
Ubuntu 21.04 (Hirsute Hippo) Does not exist

Ubuntu 20.10 (Groovy Gorilla) Does not exist

Ubuntu 20.04 LTS (Focal Fossa) Does not exist

Ubuntu 18.04 LTS (Bionic Beaver) Not vulnerable
(4.15.0-1071.81)
Ubuntu 16.04 LTS (Xenial Xerus) Does not exist

Ubuntu 14.04 ESM (Trusty Tahr) Does not exist

linux-gcp-5.3
Launchpad, Ubuntu, Debian 		Upstream
Released (5.11~rc7)
Ubuntu 21.04 (Hirsute Hippo) Does not exist

Ubuntu 20.10 (Groovy Gorilla) Does not exist

Ubuntu 20.04 LTS (Focal Fossa) Does not exist

Ubuntu 18.04 LTS (Bionic Beaver) Ignored
(superseded by linux-gcp-5.4)
Ubuntu 16.04 LTS (Xenial Xerus) Does not exist

Ubuntu 14.04 ESM (Trusty Tahr) Does not exist

linux-gcp-5.4
Launchpad, Ubuntu, Debian 		Upstream
Released (5.11~rc7)
Ubuntu 21.04 (Hirsute Hippo) Does not exist

Ubuntu 20.10 (Groovy Gorilla) Does not exist

Ubuntu 20.04 LTS (Focal Fossa) Does not exist

Ubuntu 18.04 LTS (Bionic Beaver) Needed

Ubuntu 16.04 LTS (Xenial Xerus) Does not exist

Ubuntu 14.04 ESM (Trusty Tahr) Does not exist

linux-gcp-edge
Launchpad, Ubuntu, Debian 		Upstream
Released (5.11~rc7)
Ubuntu 21.04 (Hirsute Hippo) Does not exist

Ubuntu 20.10 (Groovy Gorilla) Does not exist

Ubuntu 20.04 LTS (Focal Fossa) Does not exist

Ubuntu 18.04 LTS (Bionic Beaver) Ignored
(superseded by linux-gcp-5.3)
Ubuntu 16.04 LTS (Xenial Xerus) Does not exist

Ubuntu 14.04 ESM (Trusty Tahr) Does not exist

linux-gke-4.15
Launchpad, Ubuntu, Debian 		Upstream
Released (5.11~rc7)
Ubuntu 21.04 (Hirsute Hippo) Does not exist

Ubuntu 20.10 (Groovy Gorilla) Does not exist

Ubuntu 20.04 LTS (Focal Fossa) Does not exist

Ubuntu 18.04 LTS (Bionic Beaver) Ignored
(was needs-triage now end-of-life)
Ubuntu 16.04 LTS (Xenial Xerus) Does not exist

Ubuntu 14.04 ESM (Trusty Tahr) Does not exist

linux-gke-5.0
Launchpad, Ubuntu, Debian 		Upstream
Released (5.11~rc7)
Ubuntu 21.04 (Hirsute Hippo) Does not exist

Ubuntu 20.10 (Groovy Gorilla) Does not exist

Ubuntu 20.04 LTS (Focal Fossa) Does not exist

Ubuntu 18.04 LTS (Bionic Beaver) Ignored
(was needs-triage now end-of-life)
Ubuntu 16.04 LTS (Xenial Xerus) Does not exist

Ubuntu 14.04 ESM (Trusty Tahr) Does not exist

linux-gke-5.3
Launchpad, Ubuntu, Debian 		Upstream
Released (5.11~rc7)
Ubuntu 21.04 (Hirsute Hippo) Does not exist

Ubuntu 20.10 (Groovy Gorilla) Does not exist

Ubuntu 20.04 LTS (Focal Fossa) Does not exist

Ubuntu 18.04 LTS (Bionic Beaver) Needed

Ubuntu 16.04 LTS (Xenial Xerus) Does not exist

Ubuntu 14.04 ESM (Trusty Tahr) Does not exist

linux-gke-5.4
Launchpad, Ubuntu, Debian 		Upstream
Released (5.11~rc7)
Ubuntu 21.04 (Hirsute Hippo) Does not exist

Ubuntu 20.10 (Groovy Gorilla) Does not exist

Ubuntu 20.04 LTS (Focal Fossa) Does not exist

Ubuntu 18.04 LTS (Bionic Beaver) Needed

Ubuntu 16.04 LTS (Xenial Xerus) Does not exist

Ubuntu 14.04 ESM (Trusty Tahr) Does not exist

linux-gkeop
Launchpad, Ubuntu, Debian 		Upstream
Released (5.11~rc7)
Ubuntu 21.04 (Hirsute Hippo) Does not exist

Ubuntu 20.10 (Groovy Gorilla) Does not exist

Ubuntu 20.04 LTS (Focal Fossa) Needed

Ubuntu 18.04 LTS (Bionic Beaver) Does not exist

Ubuntu 16.04 LTS (Xenial Xerus) Does not exist

Ubuntu 14.04 ESM (Trusty Tahr) Does not exist

linux-gkeop-5.4
Launchpad, Ubuntu, Debian 		Upstream
Released (5.11~rc7)
Ubuntu 21.04 (Hirsute Hippo) Does not exist

Ubuntu 20.10 (Groovy Gorilla) Does not exist

Ubuntu 20.04 LTS (Focal Fossa) Does not exist

Ubuntu 18.04 LTS (Bionic Beaver) Needed

Ubuntu 16.04 LTS (Xenial Xerus) Does not exist

Ubuntu 14.04 ESM (Trusty Tahr) Does not exist

linux-hwe
Launchpad, Ubuntu, Debian 		Upstream
Released (5.11~rc7)
Ubuntu 21.04 (Hirsute Hippo) Does not exist

Ubuntu 20.10 (Groovy Gorilla) Does not exist

Ubuntu 20.04 LTS (Focal Fossa) Does not exist

Ubuntu 18.04 LTS (Bionic Beaver) Ignored
(replaced by linux-hwe-5.4)
Ubuntu 16.04 LTS (Xenial Xerus) Not vulnerable
(4.8.0-36.36~16.04.1)
Ubuntu 14.04 ESM (Trusty Tahr) Does not exist

linux-hwe-5.4
Launchpad, Ubuntu, Debian 		Upstream
Released (5.11~rc7)
Ubuntu 21.04 (Hirsute Hippo) Does not exist

Ubuntu 20.10 (Groovy Gorilla) Does not exist

Ubuntu 20.04 LTS (Focal Fossa) Does not exist

Ubuntu 18.04 LTS (Bionic Beaver) Pending
(5.4.0-71.79~18.04.1)
Ubuntu 16.04 LTS (Xenial Xerus) Does not exist

Ubuntu 14.04 ESM (Trusty Tahr) Does not exist

linux-hwe-5.8
Launchpad, Ubuntu, Debian 		Upstream
Released (5.11~rc7)
Ubuntu 21.04 (Hirsute Hippo) Does not exist

Ubuntu 20.10 (Groovy Gorilla) Does not exist

Ubuntu 20.04 LTS (Focal Fossa)
Released (5.8.0-45.51~20.04.1)
Ubuntu 18.04 LTS (Bionic Beaver) Does not exist

Ubuntu 16.04 LTS (Xenial Xerus) Does not exist

Ubuntu 14.04 ESM (Trusty Tahr) Does not exist

linux-hwe-edge
Launchpad, Ubuntu, Debian 		Upstream
Released (5.11~rc7)
Ubuntu 21.04 (Hirsute Hippo) Does not exist

Ubuntu 20.10 (Groovy Gorilla) Does not exist

Ubuntu 20.04 LTS (Focal Fossa) Does not exist

Ubuntu 18.04 LTS (Bionic Beaver) Ignored
(superseded by linux-hwe-5.4)
Ubuntu 16.04 LTS (Xenial Xerus) Ignored
(superseded by linux-hwe)
Ubuntu 14.04 ESM (Trusty Tahr) Does not exist

linux-kvm
Launchpad, Ubuntu, Debian 		Upstream
Released (5.11~rc7)
Ubuntu 21.04 (Hirsute Hippo) Not vulnerable
(5.8.0-1020.22+21.04.1)
Ubuntu 20.10 (Groovy Gorilla)
Released (5.8.0-1020.22)
Ubuntu 20.04 LTS (Focal Fossa) Pending
(5.4.0-1037.38)
Ubuntu 18.04 LTS (Bionic Beaver) Not vulnerable
(4.15.0-1002.2)
Ubuntu 16.04 LTS (Xenial Xerus) Not vulnerable
(4.4.0-1004.9)
Ubuntu 14.04 ESM (Trusty Tahr) Does not exist

linux-lts-trusty
Launchpad, Ubuntu, Debian 		Upstream
Released (5.11~rc7)
Ubuntu 21.04 (Hirsute Hippo) Does not exist

Ubuntu 20.10 (Groovy Gorilla) Does not exist

Ubuntu 20.04 LTS (Focal Fossa) Does not exist

Ubuntu 18.04 LTS (Bionic Beaver) Does not exist

Ubuntu 16.04 LTS (Xenial Xerus) Does not exist

Ubuntu 14.04 ESM (Trusty Tahr) Does not exist

linux-lts-xenial
Launchpad, Ubuntu, Debian 		Upstream
Released (5.11~rc7)
Ubuntu 21.04 (Hirsute Hippo) Does not exist

Ubuntu 20.10 (Groovy Gorilla) Does not exist

Ubuntu 20.04 LTS (Focal Fossa) Does not exist

Ubuntu 18.04 LTS (Bionic Beaver) Does not exist

Ubuntu 16.04 LTS (Xenial Xerus) Does not exist

Ubuntu 14.04 ESM (Trusty Tahr) Ignored
(was needs-triage ESM criteria)
linux-oem
Launchpad, Ubuntu, Debian 		Upstream
Released (5.11~rc7)
Ubuntu 21.04 (Hirsute Hippo) Does not exist

Ubuntu 20.10 (Groovy Gorilla) Does not exist

Ubuntu 20.04 LTS (Focal Fossa) Does not exist

Ubuntu 18.04 LTS (Bionic Beaver) Ignored
(was needs-triage now end-of-life)
Ubuntu 16.04 LTS (Xenial Xerus) Ignored
(superseded by linux-hwe)
Ubuntu 14.04 ESM (Trusty Tahr) Does not exist

linux-oem-5.10
Launchpad, Ubuntu, Debian 		Upstream
Released (5.11~rc7)
Ubuntu 21.04 (Hirsute Hippo) Does not exist

Ubuntu 20.10 (Groovy Gorilla) Does not exist

Ubuntu 20.04 LTS (Focal Fossa)
Released (5.10.0-1017.18)
Ubuntu 18.04 LTS (Bionic Beaver) Does not exist

Ubuntu 16.04 LTS (Xenial Xerus) Does not exist

Ubuntu 14.04 ESM (Trusty Tahr) Does not exist

linux-oem-5.6
Launchpad, Ubuntu, Debian 		Upstream
Released (5.11~rc7)
Ubuntu 21.04 (Hirsute Hippo) Does not exist

Ubuntu 20.10 (Groovy Gorilla) Does not exist

Ubuntu 20.04 LTS (Focal Fossa) Pending

Ubuntu 18.04 LTS (Bionic Beaver) Does not exist

Ubuntu 16.04 LTS (Xenial Xerus) Does not exist

Ubuntu 14.04 ESM (Trusty Tahr) Does not exist

linux-oem-osp1
Launchpad, Ubuntu, Debian 		Upstream
Released (5.11~rc7)
Ubuntu 21.04 (Hirsute Hippo) Does not exist

Ubuntu 20.10 (Groovy Gorilla) Does not exist

Ubuntu 20.04 LTS (Focal Fossa) Does not exist

Ubuntu 18.04 LTS (Bionic Beaver) Ignored
(was needs-triage now end-of-life)
Ubuntu 16.04 LTS (Xenial Xerus) Does not exist

Ubuntu 14.04 ESM (Trusty Tahr) Does not exist

linux-oracle
Launchpad, Ubuntu, Debian 		Upstream
Released (5.11~rc7)
Ubuntu 21.04 (Hirsute Hippo) Not vulnerable
(5.8.0-1022.23+21.04.1)
Ubuntu 20.10 (Groovy Gorilla)
Released (5.8.0-1022.23)
Ubuntu 20.04 LTS (Focal Fossa) Pending
(5.4.0-1042.45)
Ubuntu 18.04 LTS (Bionic Beaver) Not vulnerable
(4.15.0-1007.9)
Ubuntu 16.04 LTS (Xenial Xerus) Not vulnerable
(4.15.0-1007.9~16.04.1)
Ubuntu 14.04 ESM (Trusty Tahr) Does not exist

linux-oracle-5.0
Launchpad, Ubuntu, Debian 		Upstream
Released (5.11~rc7)
Ubuntu 21.04 (Hirsute Hippo) Does not exist

Ubuntu 20.10 (Groovy Gorilla) Does not exist

Ubuntu 20.04 LTS (Focal Fossa) Does not exist

Ubuntu 18.04 LTS (Bionic Beaver) Ignored
(superseded by linux-oracle-5.3)
Ubuntu 16.04 LTS (Xenial Xerus) Does not exist

Ubuntu 14.04 ESM (Trusty Tahr) Does not exist

linux-oracle-5.3
Launchpad, Ubuntu, Debian 		Upstream
Released (5.11~rc7)
Ubuntu 21.04 (Hirsute Hippo) Does not exist

Ubuntu 20.10 (Groovy Gorilla) Does not exist

Ubuntu 20.04 LTS (Focal Fossa) Does not exist

Ubuntu 18.04 LTS (Bionic Beaver) Ignored
(superseded by linux-oracle-5.4)
Ubuntu 16.04 LTS (Xenial Xerus) Does not exist

Ubuntu 14.04 ESM (Trusty Tahr) Does not exist

linux-oracle-5.4
Launchpad, Ubuntu, Debian 		Upstream
Released (5.11~rc7)
Ubuntu 21.04 (Hirsute Hippo) Does not exist

Ubuntu 20.10 (Groovy Gorilla) Does not exist

Ubuntu 20.04 LTS (Focal Fossa) Does not exist

Ubuntu 18.04 LTS (Bionic Beaver) Needed

Ubuntu 16.04 LTS (Xenial Xerus) Does not exist

Ubuntu 14.04 ESM (Trusty Tahr) Does not exist

linux-raspi
Launchpad, Ubuntu, Debian 		Upstream
Released (5.11~rc7)
Ubuntu 21.04 (Hirsute Hippo) Not vulnerable
(5.11.0-1003.3)
Ubuntu 20.10 (Groovy Gorilla)
Released (5.8.0-1017.20)
Ubuntu 20.04 LTS (Focal Fossa) Pending
(5.4.0-1033.36)
Ubuntu 18.04 LTS (Bionic Beaver) Does not exist

Ubuntu 16.04 LTS (Xenial Xerus) Does not exist

Ubuntu 14.04 ESM (Trusty Tahr) Does not exist

linux-raspi-5.4
Launchpad, Ubuntu, Debian 		Upstream
Released (5.11~rc7)
Ubuntu 21.04 (Hirsute Hippo) Does not exist

Ubuntu 20.10 (Groovy Gorilla) Does not exist

Ubuntu 20.04 LTS (Focal Fossa) Does not exist

Ubuntu 18.04 LTS (Bionic Beaver) Needed

Ubuntu 16.04 LTS (Xenial Xerus) Does not exist

Ubuntu 14.04 ESM (Trusty Tahr) Does not exist

linux-raspi2
Launchpad, Ubuntu, Debian 		Upstream
Released (5.11~rc7)
Ubuntu 21.04 (Hirsute Hippo) Does not exist

Ubuntu 20.10 (Groovy Gorilla) Does not exist

Ubuntu 20.04 LTS (Focal Fossa) Ignored
(replaced by linux-raspi)
Ubuntu 18.04 LTS (Bionic Beaver) Not vulnerable
(4.13.0-1005.5)
Ubuntu 16.04 LTS (Xenial Xerus) Not vulnerable
(4.2.0-1013.19)
Ubuntu 14.04 ESM (Trusty Tahr) Does not exist

linux-raspi2-5.3
Launchpad, Ubuntu, Debian 		Upstream
Released (5.11~rc7)
Ubuntu 21.04 (Hirsute Hippo) Does not exist

Ubuntu 20.10 (Groovy Gorilla) Does not exist

Ubuntu 20.04 LTS (Focal Fossa) Does not exist

Ubuntu 18.04 LTS (Bionic Beaver) Needed

Ubuntu 16.04 LTS (Xenial Xerus) Does not exist

Ubuntu 14.04 ESM (Trusty Tahr) Does not exist

linux-riscv
Launchpad, Ubuntu, Debian 		Upstream
Released (5.11~rc7)
Ubuntu 21.04 (Hirsute Hippo) Pending
(5.8.0-18.20+21.04.1)
Ubuntu 20.10 (Groovy Gorilla)
Released (5.8.0-18.20)
Ubuntu 20.04 LTS (Focal Fossa) Ignored
(was needs-triage now end-of-life)
Ubuntu 18.04 LTS (Bionic Beaver) Does not exist

Ubuntu 16.04 LTS (Xenial Xerus) Does not exist

Ubuntu 14.04 ESM (Trusty Tahr) Does not exist

linux-snapdragon
Launchpad, Ubuntu, Debian 		Upstream
Released (5.11~rc7)
Ubuntu 21.04 (Hirsute Hippo) Does not exist

Ubuntu 20.10 (Groovy Gorilla) Does not exist

Ubuntu 20.04 LTS (Focal Fossa) Does not exist

Ubuntu 18.04 LTS (Bionic Beaver) Not vulnerable
(4.4.0-1077.82)
Ubuntu 16.04 LTS (Xenial Xerus) Not vulnerable
(4.4.0-1013.15)
Ubuntu 14.04 ESM (Trusty Tahr) Does not exist

Notes

AuthorNote
sbeattie 
for 5.8 kernels, HARDENED_USERCOPY is enabled, and so is less likely to be vulnerable to code execution. Also, user BPF is disabled if booted under secure boot/lockdown.

References

Join the discussion

Canonical is offering Extended Security Maintenance

Canonical is offering Ubuntu 14.04 Extended Security Maintenance (ESM) for security fixes and essential packages.

Find out more about ESM

Further reading