CVE-2021-23133
Published: 22 April 2021
A race condition in Linux kernel SCTP sockets (net/sctp/socket.c) before 5.12-rc8 can lead to kernel privilege escalation from the context of a network service or an unprivileged process. If sctp_destroy_sock is called without sock_net(sk)->sctp.addr_wq_lock then an element is removed from the auto_asconf_splist list without any proper locking. This can be exploited by an attacker with network service privileges to escalate to root or from the context of an unprivileged user directly if a BPF_CGROUP_INET_SOCK_CREATE is attached which denies creation of some SCTP socket.
From the Ubuntu security team
Or Cohen discovered that the SCTP implementation in the Linux kernel contained a race condition in some situations, leading to a use-after-free condition. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code.
Priority
Medium
CVSS 3 base score: 7.0
Status
| Package | Release | Status |
|---|---|---|
|
linux-aws-5.8 Launchpad, Ubuntu, Debian |
trusty |
Does not exist
|
| xenial |
Does not exist
|
|
| bionic |
Does not exist
|
|
| groovy |
Does not exist
|
|
| hirsute |
Does not exist
|
|
| focal |
Released
(5.8.0-1038.40~20.04.1)
|
|
| upstream |
Released
(5.13~rc1)
|
|
| impish |
Does not exist
|
|
| jammy |
Does not exist
|
|
|
linux-azure-5.8 Launchpad, Ubuntu, Debian |
trusty |
Does not exist
|
| xenial |
Does not exist
|
|
| bionic |
Does not exist
|
|
| groovy |
Does not exist
|
|
| hirsute |
Does not exist
|
|
| focal |
Released
(5.8.0-1036.38~20.04.1)
|
|
| upstream |
Released
(5.13~rc1)
|
|
| impish |
Does not exist
|
|
| jammy |
Does not exist
|
|
|
linux-gcp-5.8 Launchpad, Ubuntu, Debian |
trusty |
Does not exist
|
| xenial |
Does not exist
|
|
| bionic |
Does not exist
|
|
| groovy |
Does not exist
|
|
| hirsute |
Does not exist
|
|
| focal |
Released
(5.8.0-1035.37~20.04.1)
|
|
| upstream |
Released
(5.13~rc1)
|
|
| impish |
Does not exist
|
|
| jammy |
Does not exist
|
|
|
linux-oracle-5.8 Launchpad, Ubuntu, Debian |
trusty |
Does not exist
|
| xenial |
Does not exist
|
|
| bionic |
Does not exist
|
|
| groovy |
Does not exist
|
|
| hirsute |
Does not exist
|
|
| focal |
Released
(5.8.0-1033.34~20.04.1)
|
|
| upstream |
Released
(5.13~rc1)
|
|
| impish |
Does not exist
|
|
| jammy |
Does not exist
|
|
|
linux-riscv-5.8 Launchpad, Ubuntu, Debian |
trusty |
Does not exist
|
| xenial |
Does not exist
|
|
| bionic |
Does not exist
|
|
| groovy |
Does not exist
|
|
| hirsute |
Does not exist
|
|
| upstream |
Released
(5.13~rc1)
|
|
| focal |
Released
(5.8.0-29.31~20.04.1)
|
|
| impish |
Does not exist
|
|
| jammy |
Does not exist
|
|
|
linux-gcp-5.4 Launchpad, Ubuntu, Debian |
bionic |
Released
(5.4.0-1046.49~18.04.1)
|
| impish |
Does not exist
|
|
| precise |
Does not exist
|
|
| trusty |
Does not exist
|
|
| xenial |
Does not exist
|
|
| focal |
Does not exist
|
|
| groovy |
Does not exist
|
|
| hirsute |
Does not exist
|
|
| jammy |
Does not exist
|
|
| upstream |
Released
(5.13~rc1)
|
|
|
linux-hwe-5.4 Launchpad, Ubuntu, Debian |
bionic |
Released
(5.4.0-77.86~18.04.1)
|
| impish |
Does not exist
|
|
| precise |
Does not exist
|
|
| trusty |
Does not exist
|
|
| xenial |
Does not exist
|
|
| focal |
Does not exist
|
|
| groovy |
Does not exist
|
|
| hirsute |
Does not exist
|
|
| jammy |
Does not exist
|
|
| upstream |
Released
(5.13~rc1)
|
|
|
linux-oem-5.10 Launchpad, Ubuntu, Debian |
focal |
Released
(5.10.0-1032.33)
|
| impish |
Does not exist
|
|
| precise |
Does not exist
|
|
| trusty |
Does not exist
|
|
| xenial |
Does not exist
|
|
| bionic |
Does not exist
|
|
| groovy |
Does not exist
|
|
| hirsute |
Does not exist
|
|
| jammy |
Does not exist
|
|
| upstream |
Released
(5.13~rc1)
|
|
|
linux-hwe-5.11 Launchpad, Ubuntu, Debian |
focal |
Not vulnerable
(5.11.0-22.23~20.04.1)
|
| upstream |
Released
(5.13~rc1)
|
|
| trusty |
Does not exist
|
|
| xenial |
Does not exist
|
|
| bionic |
Does not exist
|
|
| hirsute |
Does not exist
|
|
| impish |
Does not exist
|
|
| jammy |
Does not exist
|
|
|
linux-riscv-5.11 Launchpad, Ubuntu, Debian |
focal |
Not vulnerable
(5.11.0-1015.16~20.04.1)
|
| upstream |
Released
(5.13~rc1)
|
|
| trusty |
Does not exist
|
|
| xenial |
Does not exist
|
|
| bionic |
Does not exist
|
|
| hirsute |
Does not exist
|
|
| impish |
Does not exist
|
|
| jammy |
Does not exist
|
|
|
linux-bluefield Launchpad, Ubuntu, Debian |
trusty |
Does not exist
|
| xenial |
Does not exist
|
|
| bionic |
Does not exist
|
|
| hirsute |
Does not exist
|
|
| upstream |
Released
(5.13~rc1)
|
|
| focal |
Released
(5.4.0-1013.16)
|
|
| impish |
Does not exist
|
|
| jammy |
Does not exist
|
|
|
linux-oem-5.13 Launchpad, Ubuntu, Debian |
trusty |
Does not exist
|
| xenial |
Does not exist
|
|
| bionic |
Does not exist
|
|
| focal |
Not vulnerable
(5.13.0-1009.10)
|
|
| hirsute |
Does not exist
|
|
| upstream |
Released
(5.13~rc1)
|
|
| impish |
Does not exist
|
|
| jammy |
Does not exist
|
|
|
linux-aws-5.11 Launchpad, Ubuntu, Debian |
trusty |
Does not exist
|
| xenial |
Does not exist
|
|
| bionic |
Does not exist
|
|
| hirsute |
Does not exist
|
|
| impish |
Does not exist
|
|
| focal |
Not vulnerable
(5.11.0-1009.9~20.04.2)
|
|
| upstream |
Released
(5.13~rc1)
|
|
| jammy |
Does not exist
|
|
|
linux-azure-5.11 Launchpad, Ubuntu, Debian |
trusty |
Does not exist
|
| xenial |
Does not exist
|
|
| bionic |
Does not exist
|
|
| focal |
Not vulnerable
(5.11.0-1007.7~20.04.2)
|
|
| hirsute |
Does not exist
|
|
| upstream |
Released
(5.13~rc1)
|
|
| impish |
Does not exist
|
|
| jammy |
Does not exist
|
|
|
linux-oracle-5.11 Launchpad, Ubuntu, Debian |
trusty |
Does not exist
|
| xenial |
Does not exist
|
|
| bionic |
Does not exist
|
|
| hirsute |
Does not exist
|
|
| upstream |
Released
(5.13~rc1)
|
|
| impish |
Does not exist
|
|
| focal |
Not vulnerable
(5.11.0-1008.8~20.04.1)
|
|
| jammy |
Does not exist
|
|
|
linux Launchpad, Ubuntu, Debian |
impish |
Not vulnerable
(5.11.0-20.21+21.10.1)
|
| bionic |
Released
(4.15.0-147.151)
|
|
| groovy |
Released
(5.8.0-59.66)
|
|
| precise |
Ignored
(was needs-triage ESM criteria)
|
|
| trusty |
Not vulnerable
(3.11.0-12.19)
|
|
| upstream |
Released
(5.13~rc1)
|
|
| xenial |
Ignored
(was needs-triage now end-of-life)
|
|
| focal |
Released
(5.4.0-77.86)
|
|
| hirsute |
Released
(5.11.0-22.23)
|
|
| jammy |
Not vulnerable
(5.13.0-19.19)
|
|
|
linux-hwe Launchpad, Ubuntu, Debian |
impish |
Does not exist
|
| precise |
Does not exist
|
|
| trusty |
Does not exist
|
|
| bionic |
Ignored
(replaced by linux-hwe-5.4)
|
|
| focal |
Does not exist
|
|
| groovy |
Does not exist
|
|
| hirsute |
Does not exist
|
|
| xenial |
Released
(4.15.0-147.151~16.04.1)
|
|
| jammy |
Does not exist
|
|
| upstream |
Released
(5.13~rc1)
|
|
|
linux-hwe-5.8 Launchpad, Ubuntu, Debian |
impish |
Does not exist
|
| precise |
Does not exist
|
|
| trusty |
Does not exist
|
|
| xenial |
Does not exist
|
|
| bionic |
Does not exist
|
|
| groovy |
Does not exist
|
|
| hirsute |
Does not exist
|
|
| focal |
Released
(5.8.0-59.66~20.04.1)
|
|
| jammy |
Does not exist
|
|
| upstream |
Released
(5.13~rc1)
|
|
|
linux-hwe-edge Launchpad, Ubuntu, Debian |
impish |
Does not exist
|
| precise |
Does not exist
|
|
| trusty |
Does not exist
|
|
| xenial |
Ignored
(superseded by linux-hwe)
|
|
| bionic |
Ignored
(superseded by linux-hwe-5.4)
|
|
| focal |
Does not exist
|
|
| groovy |
Does not exist
|
|
| hirsute |
Does not exist
|
|
| jammy |
Does not exist
|
|
| upstream |
Released
(5.13~rc1)
|
|
|
linux-lts-trusty Launchpad, Ubuntu, Debian |
impish |
Does not exist
|
| trusty |
Does not exist
|
|
| xenial |
Does not exist
|
|
| bionic |
Does not exist
|
|
| focal |
Does not exist
|
|
| groovy |
Does not exist
|
|
| hirsute |
Does not exist
|
|
| precise |
Ignored
(was needs-triage ESM criteria)
|
|
| jammy |
Does not exist
|
|
| upstream |
Released
(5.13~rc1)
|
|
|
linux-lts-xenial Launchpad, Ubuntu, Debian |
impish |
Does not exist
|
| precise |
Does not exist
|
|
| xenial |
Does not exist
|
|
| bionic |
Does not exist
|
|
| focal |
Does not exist
|
|
| groovy |
Does not exist
|
|
| hirsute |
Does not exist
|
|
| trusty |
Not vulnerable
(4.4.0-13.29~14.04.1)
|
|
| jammy |
Does not exist
|
|
| upstream |
Released
(5.13~rc1)
|
|
|
linux-kvm Launchpad, Ubuntu, Debian |
impish |
Not vulnerable
(5.11.0-1009.9+21.10.1)
|
| precise |
Does not exist
|
|
| trusty |
Does not exist
|
|
| bionic |
Released
(4.15.0-1094.96)
|
|
| focal |
Released
(5.4.0-1041.42)
|
|
| groovy |
Released
(5.8.0-1030.32)
|
|
| xenial |
Ignored
(was needs-triage now end-of-life)
|
|
| jammy |
Not vulnerable
(5.13.0-1004.4)
|
|
| hirsute |
Released
(5.11.0-1009.9)
|
|
| upstream |
Released
(5.13~rc1)
|
|
|
linux-aws Launchpad, Ubuntu, Debian |
impish |
Not vulnerable
(5.11.0-1009.9+21.10.1)
|
| precise |
Does not exist
|
|
| bionic |
Released
(4.15.0-1106.113)
|
|
| focal |
Released
(5.4.0-1051.53)
|
|
| groovy |
Released
(5.8.0-1038.40)
|
|
| hirsute |
Released
(5.11.0-1011.11)
|
|
| trusty |
Not vulnerable
(4.4.0-1002.2)
|
|
| xenial |
Not vulnerable
(4.4.0-1001.10)
|
|
| jammy |
Not vulnerable
(5.13.0-1005.6)
|
|
| upstream |
Released
(5.13~rc1)
|
|
|
linux-aws-5.0 Launchpad, Ubuntu, Debian |
impish |
Does not exist
|
| precise |
Does not exist
|
|
| trusty |
Does not exist
|
|
| xenial |
Does not exist
|
|
| bionic |
Ignored
(superseded by linux-aws-5.3)
|
|
| focal |
Does not exist
|
|
| groovy |
Does not exist
|
|
| hirsute |
Does not exist
|
|
| jammy |
Does not exist
|
|
| upstream |
Released
(5.13~rc1)
|
|
|
linux-aws-5.3 Launchpad, Ubuntu, Debian |
impish |
Does not exist
|
| precise |
Does not exist
|
|
| trusty |
Does not exist
|
|
| xenial |
Does not exist
|
|
| bionic |
Ignored
(superseded by linux-aws-5.4)
|
|
| focal |
Does not exist
|
|
| groovy |
Does not exist
|
|
| hirsute |
Does not exist
|
|
| jammy |
Does not exist
|
|
| upstream |
Released
(5.13~rc1)
|
|
|
linux-aws-5.4 Launchpad, Ubuntu, Debian |
impish |
Does not exist
|
| precise |
Does not exist
|
|
| trusty |
Does not exist
|
|
| xenial |
Does not exist
|
|
| focal |
Does not exist
|
|
| groovy |
Does not exist
|
|
| hirsute |
Does not exist
|
|
| jammy |
Does not exist
|
|
| bionic |
Released
(5.4.0-1051.53~18.04.1)
|
|
| upstream |
Released
(5.13~rc1)
|
|
|
linux-aws-hwe Launchpad, Ubuntu, Debian |
impish |
Does not exist
|
| precise |
Does not exist
|
|
| trusty |
Does not exist
|
|
| bionic |
Does not exist
|
|
| focal |
Does not exist
|
|
| groovy |
Does not exist
|
|
| hirsute |
Does not exist
|
|
| xenial |
Released
(4.15.0-1106.113~16.04.1)
|
|
| jammy |
Does not exist
|
|
| upstream |
Released
(5.13~rc1)
|
|
|
linux-azure Launchpad, Ubuntu, Debian |
impish |
Not vulnerable
(5.11.0-1007.7+21.10.1)
|
| precise |
Does not exist
|
|
| bionic |
Ignored
(superseded by linux-azure-5.3)
|
|
| groovy |
Released
(5.8.0-1036.38)
|
|
| hirsute |
Released
(5.11.0-1009.9)
|
|
| trusty |
Released
(4.15.0-1118.131~14.04.1)
|
|
| xenial |
Released
(4.15.0-1118.131~16.04.1)
|
|
| jammy |
Not vulnerable
(5.13.0-1006.7)
|
|
| focal |
Released
(5.4.0-1051.53)
|
|
| upstream |
Released
(5.13~rc1)
|
|
|
linux-azure-4.15 Launchpad, Ubuntu, Debian |
impish |
Does not exist
|
| precise |
Does not exist
|
|
| trusty |
Does not exist
|
|
| xenial |
Does not exist
|
|
| focal |
Does not exist
|
|
| groovy |
Does not exist
|
|
| hirsute |
Does not exist
|
|
| bionic |
Released
(4.15.0-1118.131)
|
|
| jammy |
Does not exist
|
|
| upstream |
Released
(5.13~rc1)
|
|
|
linux-azure-5.3 Launchpad, Ubuntu, Debian |
impish |
Does not exist
|
| precise |
Does not exist
|
|
| trusty |
Does not exist
|
|
| xenial |
Does not exist
|
|
| bionic |
Ignored
(superseded by linux-azure-5.4)
|
|
| focal |
Does not exist
|
|
| groovy |
Does not exist
|
|
| hirsute |
Does not exist
|
|
| jammy |
Does not exist
|
|
| upstream |
Released
(5.13~rc1)
|
|
|
linux-azure-5.4 Launchpad, Ubuntu, Debian |
impish |
Does not exist
|
| precise |
Does not exist
|
|
| trusty |
Does not exist
|
|
| xenial |
Does not exist
|
|
| focal |
Does not exist
|
|
| groovy |
Does not exist
|
|
| hirsute |
Does not exist
|
|
| jammy |
Does not exist
|
|
| bionic |
Released
(5.4.0-1051.53~18.04.1)
|
|
| upstream |
Released
(5.13~rc1)
|
|
|
linux-dell300x Launchpad, Ubuntu, Debian |
impish |
Does not exist
|
| precise |
Does not exist
|
|
| trusty |
Does not exist
|
|
| xenial |
Does not exist
|
|
| focal |
Does not exist
|
|
| groovy |
Does not exist
|
|
| hirsute |
Does not exist
|
|
| bionic |
Released
(4.15.0-1022.26)
|
|
| jammy |
Does not exist
|
|
| upstream |
Released
(5.13~rc1)
|
|
|
linux-azure-edge Launchpad, Ubuntu, Debian |
impish |
Does not exist
|
| precise |
Does not exist
|
|
| trusty |
Does not exist
|
|
| xenial |
Does not exist
|
|
| bionic |
Ignored
(superseded by linux-azure-5.3)
|
|
| focal |
Does not exist
|
|
| groovy |
Does not exist
|
|
| hirsute |
Does not exist
|
|
| jammy |
Does not exist
|
|
| upstream |
Released
(5.13~rc1)
|
|
|
linux-gcp Launchpad, Ubuntu, Debian |
impish |
Not vulnerable
(5.11.0-1009.10+21.10.1)
|
| precise |
Does not exist
|
|
| trusty |
Does not exist
|
|
| bionic |
Ignored
(superseded by linux-gcp-5.3)
|
|
| groovy |
Released
(5.8.0-1035.37)
|
|
| hirsute |
Released
(5.11.0-1011.12)
|
|
| xenial |
Released
(4.15.0-1103.116~16.04.1)
|
|
| jammy |
Not vulnerable
(5.13.0-1005.6)
|
|
| focal |
Released
(5.4.0-1046.49)
|
|
| upstream |
Released
(5.13~rc1)
|
|
|
linux-gcp-4.15 Launchpad, Ubuntu, Debian |
impish |
Does not exist
|
| precise |
Does not exist
|
|
| trusty |
Does not exist
|
|
| xenial |
Does not exist
|
|
| focal |
Does not exist
|
|
| groovy |
Does not exist
|
|
| hirsute |
Does not exist
|
|
| bionic |
Released
(4.15.0-1103.116)
|
|
| jammy |
Does not exist
|
|
| upstream |
Released
(5.13~rc1)
|
|
|
linux-gcp-5.3 Launchpad, Ubuntu, Debian |
impish |
Does not exist
|
| precise |
Does not exist
|
|
| trusty |
Does not exist
|
|
| xenial |
Does not exist
|
|
| bionic |
Ignored
(superseded by linux-gcp-5.4)
|
|
| focal |
Does not exist
|
|
| groovy |
Does not exist
|
|
| hirsute |
Does not exist
|
|
| jammy |
Does not exist
|
|
| upstream |
Released
(5.13~rc1)
|
|
|
linux-gcp-edge Launchpad, Ubuntu, Debian |
impish |
Does not exist
|
| precise |
Does not exist
|
|
| trusty |
Does not exist
|
|
| xenial |
Does not exist
|
|
| bionic |
Ignored
(superseded by linux-gcp-5.3)
|
|
| focal |
Does not exist
|
|
| groovy |
Does not exist
|
|
| hirsute |
Does not exist
|
|
| jammy |
Does not exist
|
|
| upstream |
Released
(5.13~rc1)
|
|
|
linux-gke-4.15 Launchpad, Ubuntu, Debian |
impish |
Does not exist
|
| precise |
Does not exist
|
|
| trusty |
Does not exist
|
|
| xenial |
Does not exist
|
|
| focal |
Does not exist
|
|
| groovy |
Does not exist
|
|
| hirsute |
Does not exist
|
|
| bionic |
Ignored
(was needs-triage now end-of-life)
|
|
| jammy |
Does not exist
|
|
| upstream |
Released
(5.13~rc1)
|
|
|
linux-gke-5.0 Launchpad, Ubuntu, Debian |
impish |
Does not exist
|
| precise |
Does not exist
|
|
| trusty |
Does not exist
|
|
| xenial |
Does not exist
|
|
| focal |
Does not exist
|
|
| groovy |
Does not exist
|
|
| hirsute |
Does not exist
|
|
| bionic |
Ignored
(was needs-triage now end-of-life)
|
|
| jammy |
Does not exist
|
|
| upstream |
Released
(5.13~rc1)
|
|
|
linux-gke-5.3 Launchpad, Ubuntu, Debian |
impish |
Does not exist
|
| precise |
Does not exist
|
|
| trusty |
Does not exist
|
|
| xenial |
Does not exist
|
|
| focal |
Does not exist
|
|
| groovy |
Does not exist
|
|
| hirsute |
Does not exist
|
|
| bionic |
Ignored
(was needed now end-of-life)
|
|
| jammy |
Does not exist
|
|
| upstream |
Released
(5.13~rc1)
|
|
|
linux-gke-5.4 Launchpad, Ubuntu, Debian |
impish |
Does not exist
|
| precise |
Does not exist
|
|
| trusty |
Does not exist
|
|
| xenial |
Does not exist
|
|
| focal |
Does not exist
|
|
| groovy |
Does not exist
|
|
| hirsute |
Does not exist
|
|
| bionic |
Released
(5.4.0-1046.48~18.04.1)
|
|
| jammy |
Does not exist
|
|
| upstream |
Released
(5.13~rc1)
|
|
|
linux-gkeop Launchpad, Ubuntu, Debian |
impish |
Does not exist
|
| precise |
Does not exist
|
|
| trusty |
Does not exist
|
|
| xenial |
Does not exist
|
|
| bionic |
Does not exist
|
|
| groovy |
Does not exist
|
|
| hirsute |
Does not exist
|
|
| focal |
Released
(5.4.0-1018.19)
|
|
| jammy |
Does not exist
|
|
| upstream |
Released
(5.13~rc1)
|
|
|
linux-gkeop-5.4 Launchpad, Ubuntu, Debian |
impish |
Does not exist
|
| precise |
Does not exist
|
|
| trusty |
Does not exist
|
|
| xenial |
Does not exist
|
|
| focal |
Does not exist
|
|
| groovy |
Does not exist
|
|
| hirsute |
Does not exist
|
|
| bionic |
Released
(5.4.0-1018.19~18.04.1)
|
|
| jammy |
Does not exist
|
|
| upstream |
Released
(5.13~rc1)
|
|
|
linux-oracle Launchpad, Ubuntu, Debian |
impish |
Not vulnerable
(5.11.0-1008.8+21.10.1)
|
| precise |
Does not exist
|
|
| trusty |
Does not exist
|
|
| bionic |
Released
(4.15.0-1075.83)
|
|
| focal |
Released
(5.4.0-1048.52)
|
|
| groovy |
Released
(5.8.0-1033.34)
|
|
| hirsute |
Released
(5.11.0-1010.10)
|
|
| xenial |
Released
(4.15.0-1075.83~16.04.1)
|
|
| jammy |
Not vulnerable
(5.13.0-1008.10)
|
|
| upstream |
Released
(5.13~rc1)
|
|
|
linux-oracle-5.0 Launchpad, Ubuntu, Debian |
impish |
Does not exist
|
| precise |
Does not exist
|
|
| trusty |
Does not exist
|
|
| xenial |
Does not exist
|
|
| bionic |
Ignored
(superseded by linux-oracle-5.3)
|
|
| focal |
Does not exist
|
|
| groovy |
Does not exist
|
|
| hirsute |
Does not exist
|
|
| jammy |
Does not exist
|
|
| upstream |
Released
(5.13~rc1)
|
|
|
linux-oracle-5.3 Launchpad, Ubuntu, Debian |
impish |
Does not exist
|
| precise |
Does not exist
|
|
| trusty |
Does not exist
|
|
| xenial |
Does not exist
|
|
| bionic |
Ignored
(superseded by linux-oracle-5.4)
|
|
| focal |
Does not exist
|
|
| groovy |
Does not exist
|
|
| hirsute |
Does not exist
|
|
| jammy |
Does not exist
|
|
| upstream |
Released
(5.13~rc1)
|
|
|
linux-oracle-5.4 Launchpad, Ubuntu, Debian |
impish |
Does not exist
|
| precise |
Does not exist
|
|
| trusty |
Does not exist
|
|
| xenial |
Does not exist
|
|
| focal |
Does not exist
|
|
| groovy |
Does not exist
|
|
| hirsute |
Does not exist
|
|
| bionic |
Released
(5.4.0-1048.52~18.04.1)
|
|
| jammy |
Does not exist
|
|
| upstream |
Released
(5.13~rc1)
|
|
|
linux-oem Launchpad, Ubuntu, Debian |
impish |
Does not exist
|
| precise |
Does not exist
|
|
| trusty |
Does not exist
|
|
| xenial |
Ignored
(superseded by linux-hwe)
|
|
| focal |
Does not exist
|
|
| groovy |
Does not exist
|
|
| hirsute |
Does not exist
|
|
| bionic |
Ignored
(was needs-triage now end-of-life)
|
|
| jammy |
Does not exist
|
|
| upstream |
Released
(5.13~rc1)
|
|
|
linux-oem-5.6 Launchpad, Ubuntu, Debian |
impish |
Does not exist
|
| precise |
Does not exist
|
|
| trusty |
Does not exist
|
|
| xenial |
Does not exist
|
|
| bionic |
Does not exist
|
|
| groovy |
Does not exist
|
|
| hirsute |
Does not exist
|
|
| focal |
Ignored
(was needed now end-of-life)
|
|
| jammy |
Does not exist
|
|
| upstream |
Released
(5.13~rc1)
|
|
|
linux-oem-osp1 Launchpad, Ubuntu, Debian |
impish |
Does not exist
|
| precise |
Does not exist
|
|
| trusty |
Does not exist
|
|
| xenial |
Does not exist
|
|
| focal |
Does not exist
|
|
| groovy |
Does not exist
|
|
| hirsute |
Does not exist
|
|
| bionic |
Ignored
(was needs-triage now end-of-life)
|
|
| jammy |
Does not exist
|
|
| upstream |
Released
(5.13~rc1)
|
|
|
linux-raspi Launchpad, Ubuntu, Debian |
impish |
Not vulnerable
(5.13.0-1006.7)
|
| precise |
Does not exist
|
|
| trusty |
Does not exist
|
|
| xenial |
Does not exist
|
|
| bionic |
Does not exist
|
|
| focal |
Released
(5.4.0-1038.41)
|
|
| groovy |
Released
(5.8.0-1029.32)
|
|
| hirsute |
Released
(5.11.0-1012.13)
|
|
| upstream |
Released
(5.13~rc1)
|
|
| jammy |
Not vulnerable
(5.13.0-1008.9)
|
|
|
linux-raspi2 Launchpad, Ubuntu, Debian |
impish |
Does not exist
|
| precise |
Does not exist
|
|
| trusty |
Does not exist
|
|
| focal |
Ignored
(replaced by linux-raspi)
|
|
| groovy |
Does not exist
|
|
| hirsute |
Does not exist
|
|
| bionic |
Released
(4.15.0-1089.94)
|
|
| upstream |
Released
(5.13~rc1)
|
|
| xenial |
Ignored
(was needs-triage now end-of-life)
|
|
| jammy |
Does not exist
|
|
|
linux-raspi2-5.3 Launchpad, Ubuntu, Debian |
impish |
Does not exist
|
| precise |
Does not exist
|
|
| trusty |
Does not exist
|
|
| xenial |
Does not exist
|
|
| focal |
Does not exist
|
|
| groovy |
Does not exist
|
|
| hirsute |
Does not exist
|
|
| bionic |
Ignored
(was needed now end-of-life)
|
|
| upstream |
Released
(5.13~rc1)
|
|
| jammy |
Does not exist
|
|
|
linux-raspi-5.4 Launchpad, Ubuntu, Debian |
impish |
Does not exist
|
| precise |
Does not exist
|
|
| trusty |
Does not exist
|
|
| xenial |
Does not exist
|
|
| focal |
Does not exist
|
|
| groovy |
Does not exist
|
|
| hirsute |
Does not exist
|
|
| bionic |
Released
(5.4.0-1038.41~18.04.1)
|
|
| upstream |
Released
(5.13~rc1)
|
|
| jammy |
Does not exist
|
|
|
linux-riscv Launchpad, Ubuntu, Debian |
impish |
Not vulnerable
(5.11.0-1010.10+21.10.2)
|
| precise |
Does not exist
|
|
| trusty |
Does not exist
|
|
| xenial |
Does not exist
|
|
| bionic |
Does not exist
|
|
| focal |
Ignored
(was needs-triage now end-of-life)
|
|
| groovy |
Released
(5.8.0-29.31)
|
|
| hirsute |
Released
(5.11.0-1012.12)
|
|
| upstream |
Released
(5.13~rc1)
|
|
| jammy |
Not vulnerable
(5.13.0-1004.4)
|
|
|
linux-snapdragon Launchpad, Ubuntu, Debian |
impish |
Does not exist
|
| precise |
Does not exist
|
|
| trusty |
Does not exist
|
|
| focal |
Does not exist
|
|
| groovy |
Does not exist
|
|
| hirsute |
Does not exist
|
|
| bionic |
Released
(4.15.0-1106.115)
|
|
| xenial |
Ignored
(was needs-triage now end-of-life)
|
|
| jammy |
Does not exist
|
|
| upstream |
Released
(5.13~rc1)
|
|
|
linux-gke Launchpad, Ubuntu, Debian |
impish |
Does not exist
|
| precise |
Does not exist
|
|
| trusty |
Does not exist
|
|
| xenial |
Ignored
(reached end of standard support)
|
|
| bionic |
Does not exist
|
|
| focal |
Released
(5.4.0-1046.48)
|
|
| groovy |
Does not exist
|
|
| hirsute |
Does not exist
|
|
| upstream |
Released
(5.13~rc1)
|
|
| jammy |
Not vulnerable
(5.15.0-1002.2)
|
|
|
linux-ibm Launchpad, Ubuntu, Debian |
impish |
Does not exist
|
| trusty |
Does not exist
|
|
| xenial |
Does not exist
|
|
| bionic |
Does not exist
|
|
| hirsute |
Does not exist
|
|
| focal |
Not vulnerable
(5.4.0-1003.4)
|
|
| upstream |
Released
(5.13~rc1)
|
|
| jammy |
Not vulnerable
(5.15.0-1002.2)
|
|
|
linux-gcp-5.11 Launchpad, Ubuntu, Debian |
trusty |
Does not exist
|
| xenial |
Does not exist
|
|
| bionic |
Does not exist
|
|
| hirsute |
Does not exist
|
|
| impish |
Does not exist
|
|
| focal |
Not vulnerable
(5.11.0-1009.10~20.04.1)
|
|
| upstream |
Released
(5.13~rc1)
|
|
| jammy |
Does not exist
|
|
|
linux-oem-5.14 Launchpad, Ubuntu, Debian |
trusty |
Does not exist
|
| xenial |
Does not exist
|
|
| bionic |
Does not exist
|
|
| focal |
Not vulnerable
(5.14.0-1004.4)
|
|
| hirsute |
Does not exist
|
|
| impish |
Does not exist
|
|
| upstream |
Released
(5.13~rc1)
|
|
| jammy |
Does not exist
|
|
|
linux-intel-5.13 Launchpad, Ubuntu, Debian |
trusty |
Does not exist
|
| xenial |
Does not exist
|
|
| bionic |
Does not exist
|
|
| focal |
Not vulnerable
|
|
| hirsute |
Does not exist
|
|
| impish |
Does not exist
|
|
| upstream |
Released
(5.13~rc1)
|
|
| jammy |
Does not exist
|
|
|
linux-azure-5.13 Launchpad, Ubuntu, Debian |
trusty |
Does not exist
|
| xenial |
Does not exist
|
|
| bionic |
Does not exist
|
|
| impish |
Does not exist
|
|
| focal |
Not vulnerable
(5.13.0-1009.10~20.04.2)
|
|
| upstream |
Released
(5.13~rc1)
|
|
| jammy |
Does not exist
|
|
|
linux-hwe-5.13 Launchpad, Ubuntu, Debian |
trusty |
Does not exist
|
| xenial |
Does not exist
|
|
| bionic |
Does not exist
|
|
| impish |
Does not exist
|
|
| focal |
Not vulnerable
(5.13.0-21.21~20.04.1)
|
|
| upstream |
Released
(5.13~rc1)
|
|
| jammy |
Does not exist
|
|
|
linux-aws-5.13 Launchpad, Ubuntu, Debian |
trusty |
Does not exist
|
| xenial |
Does not exist
|
|
| bionic |
Does not exist
|
|
| impish |
Does not exist
|
|
| focal |
Not vulnerable
(5.13.0-1008.9~20.04.2)
|
|
| upstream |
Released
(5.13~rc1)
|
|
| jammy |
Does not exist
|
|
|
linux-fips Launchpad, Ubuntu, Debian |
trusty |
Does not exist
|
| xenial |
Not vulnerable
(4.4.0-1073.79)
|
|
| bionic |
Does not exist
|
|
| focal |
Does not exist
|
|
| hirsute |
Does not exist
|
|
| impish |
Does not exist
|
|
| upstream |
Released
(5.13~rc1)
|
|
| jammy |
Does not exist
|
|
|
linux-oracle-5.13 Launchpad, Ubuntu, Debian |
trusty |
Does not exist
|
| xenial |
Does not exist
|
|
| bionic |
Does not exist
|
|
| impish |
Does not exist
|
|
| focal |
Not vulnerable
(5.13.0-1011.13~20.04.2)
|
|
| upstream |
Released
(5.13~rc1)
|
|
| jammy |
Does not exist
|
|
|
linux-gcp-5.13 Launchpad, Ubuntu, Debian |
trusty |
Does not exist
|
| xenial |
Does not exist
|
|
| bionic |
Does not exist
|
|
| impish |
Does not exist
|
|
| focal |
Not vulnerable
(5.13.0-1008.9~20.04.3)
|
|
| upstream |
Released
(5.13~rc1)
|
|
| jammy |
Does not exist
|
|
|
linux-ibm-5.4 Launchpad, Ubuntu, Debian |
trusty |
Does not exist
|
| xenial |
Does not exist
|
|
| focal |
Does not exist
|
|
| impish |
Does not exist
|
|
| bionic |
Not vulnerable
(5.4.0-1010.11~18.04.2)
|
|
| upstream |
Released
(5.13~rc1)
|
|
| jammy |
Does not exist
|
|
|
linux-azure-fde Launchpad, Ubuntu, Debian |
trusty |
Does not exist
|
| xenial |
Does not exist
|
|
| bionic |
Does not exist
|
|
| impish |
Does not exist
|
|
| focal |
Not vulnerable
(5.4.0-1063.66+cvm2.2)
|
|
| upstream |
Released
(5.13~rc1)
|
|
| jammy |
Does not exist
|
|
|
linux-lowlatency Launchpad, Ubuntu, Debian |
trusty |
Does not exist
|
| xenial |
Does not exist
|
|
| bionic |
Does not exist
|
|
| focal |
Does not exist
|
|
| impish |
Does not exist
|
|
| jammy |
Not vulnerable
|
|
| upstream |
Needs triage
|
|
|
linux-oem-5.17 Launchpad, Ubuntu, Debian |
trusty |
Does not exist
|
| xenial |
Does not exist
|
|
| bionic |
Does not exist
|
|
| focal |
Does not exist
|
|
| impish |
Does not exist
|
|
| jammy |
Not vulnerable
|
|
| upstream |
Needs triage
|
Notes
| Author | Note |
|---|---|
| sbeattie | commit b166a20b0738 "net/sctp: fix race condition in sctp_destroy_sock" in net-next |
References
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23133
- https://git.kernel.org/pub/scm/linux/kernel/git/netdev/net-next.git/commit/?id=b166a20b07382b8bc1dcee2a448715c9c2c81b5b
- https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=b166a20b07382b8bc1dcee2a448715c9c2c81b5b
- https://www.openwall.com/lists/oss-security/2021/04/18/2
- https://ubuntu.com/security/notices/USN-4997-1
- https://ubuntu.com/security/notices/USN-4999-1
- https://ubuntu.com/security/notices/USN-5000-1
- https://ubuntu.com/security/notices/USN-5001-1
- https://ubuntu.com/security/notices/USN-5003-1
- https://ubuntu.com/security/notices/USN-5000-2
- https://ubuntu.com/security/notices/USN-4997-2
- NVD
- Launchpad
- Debian