Your submission was sent successfully! Close

You have successfully unsubscribed! Close

CVE-2021-3490

Published: 11 May 2021

The eBPF ALU32 bounds tracking for bitwise ops (AND, OR and XOR) in the Linux kernel did not properly update 32-bit bounds, which could be turned into out of bounds reads and writes in the Linux kernel and therefore, arbitrary code execution. This issue was fixed via commit 049c4e13714e ("bpf: Fix alu32 const subreg bound tracking on bitwise operations") (v5.13-rc4) and backported to the stable kernels in v5.12.4, v5.11.21, and v5.10.37. The AND/OR issues were introduced by commit 3f50f132d840 ("bpf: Verifier, do explicit ALU32 bounds tracking") (5.7-rc1) and the XOR variant was introduced by 2921c90d4718 ("bpf:Fix a verifier failure with xor") ( 5.10-rc1).

From the Ubuntu Security Team

Manfred Paul discovered that the eBPF implementation in the Linux kernel did not properly track bounds on bitwise operations. A local attacker could use this to cause a denial of service (system crash) or execute arbitrary code.

Notes

AuthorNote
sbeattie
introduced in v5.7-rc1

Priority

High

Cvss 3 Severity Score

7.8

Score breakdown

Status

Package Release Status
linux-aws-5.8
Launchpad, Ubuntu, Debian
trusty Does not exist

xenial Does not exist

bionic Does not exist

groovy Does not exist

hirsute Does not exist

focal Not vulnerable
(5.8.0-1035.37~20.04.1)
upstream
Released (5.13~rc4)
impish Does not exist

jammy Does not exist

kinetic Does not exist

linux-azure-5.8
Launchpad, Ubuntu, Debian
trusty Does not exist

xenial Does not exist

bionic Does not exist

groovy Does not exist

hirsute Does not exist

focal Not vulnerable
(5.8.0-1033.35~20.04.1)
upstream
Released (5.13~rc4)
impish Does not exist

jammy Does not exist

kinetic Does not exist

linux-gcp-5.8
Launchpad, Ubuntu, Debian
trusty Does not exist

xenial Does not exist

bionic Does not exist

groovy Does not exist

hirsute Does not exist

focal Not vulnerable
(5.8.0-1032.34~20.04.1)
upstream
Released (5.13~rc4)
impish Does not exist

jammy Does not exist

kinetic Does not exist

linux-oracle-5.8
Launchpad, Ubuntu, Debian
trusty Does not exist

xenial Does not exist

bionic Does not exist

groovy Does not exist

hirsute Does not exist

focal Not vulnerable
(5.8.0-1031.32~20.04.2)
upstream
Released (5.13~rc4)
impish Does not exist

jammy Does not exist

kinetic Does not exist

linux-riscv-5.8
Launchpad, Ubuntu, Debian
trusty Does not exist

xenial Does not exist

bionic Does not exist

groovy Does not exist

hirsute Does not exist

focal
Released (5.8.0-25.27~20.04.1)
upstream
Released (5.13~rc4)
impish Does not exist

jammy Does not exist

kinetic Does not exist

linux-bluefield
Launchpad, Ubuntu, Debian
trusty Does not exist

xenial Does not exist

bionic Does not exist

hirsute Does not exist

focal Not vulnerable
(5.4.0-1007.10)
upstream
Released (5.13~rc4)
impish Does not exist

jammy Does not exist

kinetic Does not exist

linux-hwe-5.11
Launchpad, Ubuntu, Debian
trusty Does not exist

xenial Does not exist

bionic Does not exist

hirsute Does not exist

focal Not vulnerable
(5.11.0-22.23~20.04.1)
upstream
Released (5.13~rc4)
impish Does not exist

jammy Does not exist

kinetic Does not exist

linux-riscv-5.11
Launchpad, Ubuntu, Debian
trusty Does not exist

xenial Does not exist

bionic Does not exist

hirsute Does not exist

focal Not vulnerable
(5.11.0-1015.16~20.04.1)
upstream
Released (5.13~rc4)
impish Does not exist

jammy Does not exist

kinetic Does not exist

linux-oem-5.13
Launchpad, Ubuntu, Debian
trusty Does not exist

xenial Does not exist

bionic Does not exist

focal Not vulnerable
(5.13.0-1009.10)
hirsute Does not exist

upstream
Released (5.13~rc4)
impish Does not exist

jammy Does not exist

kinetic Does not exist

linux-aws-5.11
Launchpad, Ubuntu, Debian
trusty Does not exist

xenial Does not exist

bionic Does not exist

hirsute Does not exist

impish Does not exist

focal Not vulnerable
(5.11.0-1009.9~20.04.2)
upstream
Released (5.13~rc4)
jammy Does not exist

kinetic Does not exist

linux-azure-5.11
Launchpad, Ubuntu, Debian
trusty Does not exist

xenial Does not exist

bionic Does not exist

hirsute Does not exist

impish Does not exist

focal Not vulnerable
(5.11.0-1007.7~20.04.2)
upstream
Released (5.13~rc4)
jammy Does not exist

kinetic Does not exist

linux-oracle-5.11
Launchpad, Ubuntu, Debian
trusty Does not exist

xenial Does not exist

bionic Does not exist

hirsute Does not exist

impish Does not exist

focal Not vulnerable
(5.11.0-1008.8~20.04.1)
upstream
Released (5.13~rc4)
jammy Does not exist

kinetic Does not exist

linux
Launchpad, Ubuntu, Debian
impish Not vulnerable
(5.11.0-18.19+21.10.1)
groovy
Released (5.8.0-53.60)
hirsute
Released (5.11.0-17.18)
precise Not vulnerable
(code not present)
trusty Not vulnerable
(code not present)
xenial Not vulnerable
(code not present)
bionic Not vulnerable
(code not present)
focal Not vulnerable
(code not present)
upstream
Released (5.13~rc4)
jammy Not vulnerable
(5.13.0-19.19)
kinetic Not vulnerable
(5.15.0-25.25)
Patches:
Introduced by

3f50f132d8400e129fc9eb68b5020167ef80a244

Fixed by 049c4e13714ecbca567b4d5f6d563f05d431c80e|local-CVE-2021-3490
Introduced by

2921c90d471889242c24cff529043afb378937fa

Fixed by 049c4e13714ecbca567b4d5f6d563f05d431c80e|local-CVE-2021-3490
linux-hwe
Launchpad, Ubuntu, Debian
impish Does not exist

precise Does not exist

trusty Does not exist

xenial Not vulnerable
(code not present)
bionic Ignored
(replaced by linux-hwe-5.4)
focal Does not exist

groovy Does not exist

hirsute Does not exist

upstream
Released (5.13~rc4)
jammy Does not exist

kinetic Does not exist

linux-hwe-5.4
Launchpad, Ubuntu, Debian
impish Does not exist

precise Does not exist

trusty Does not exist

xenial Does not exist

bionic Not vulnerable
(code not present)
focal Does not exist

groovy Does not exist

hirsute Does not exist

jammy Does not exist

upstream
Released (5.13~rc4)
kinetic Does not exist

linux-hwe-5.8
Launchpad, Ubuntu, Debian
impish Does not exist

focal
Released (5.8.0-53.60~20.04.1)
precise Does not exist

trusty Does not exist

xenial Does not exist

bionic Does not exist

groovy Does not exist

hirsute Does not exist

jammy Does not exist

upstream
Released (5.13~rc4)
kinetic Does not exist

linux-hwe-edge
Launchpad, Ubuntu, Debian
impish Does not exist

precise Does not exist

trusty Does not exist

xenial Ignored
(superseded by linux-hwe)
bionic Ignored
(superseded by linux-hwe-5.4)
focal Does not exist

groovy Does not exist

hirsute Does not exist

jammy Does not exist

upstream
Released (5.13~rc4)
kinetic Does not exist

linux-lts-trusty
Launchpad, Ubuntu, Debian
impish Does not exist

trusty Does not exist

xenial Does not exist

bionic Does not exist

focal Does not exist

groovy Does not exist

hirsute Does not exist

upstream
Released (5.13~rc4)
jammy Does not exist

precise Not vulnerable
(code not present)
kinetic Does not exist

linux-lts-xenial
Launchpad, Ubuntu, Debian
impish Does not exist

precise Does not exist

xenial Does not exist

bionic Does not exist

focal Does not exist

groovy Does not exist

hirsute Does not exist

upstream
Released (5.13~rc4)
jammy Does not exist

trusty Not vulnerable
(code not present)
kinetic Does not exist

linux-kvm
Launchpad, Ubuntu, Debian
impish Not vulnerable
(5.11.0-1008.8+21.10.1)
groovy
Released (5.8.0-1027.29)
hirsute
Released (5.11.0-1007.7)
precise Does not exist

trusty Does not exist

upstream
Released (5.13~rc4)
jammy Not vulnerable
(5.13.0-1004.4)
bionic Not vulnerable
(code not present)
focal Not vulnerable
(code not present)
xenial Not vulnerable
(code not present)
kinetic Not vulnerable
(5.15.0-1004.4)
linux-aws
Launchpad, Ubuntu, Debian
impish Not vulnerable
(5.11.0-1008.8+21.10.1)
groovy
Released (5.8.0-1033.35)
hirsute
Released (5.11.0-1007.7)
precise Does not exist

trusty Not vulnerable
(code not present)
bionic Not vulnerable
(code not present)
focal Not vulnerable
(code not present)
upstream
Released (5.13~rc4)
jammy Not vulnerable
(5.13.0-1005.6)
xenial Not vulnerable
(code not present)
kinetic Not vulnerable
(5.15.0-1004.6)
linux-aws-5.0
Launchpad, Ubuntu, Debian
impish Does not exist

precise Does not exist

trusty Does not exist

xenial Does not exist

bionic Ignored
(superseded by linux-aws-5.3)
focal Does not exist

groovy Does not exist

hirsute Does not exist

upstream
Released (5.13~rc4)
jammy Does not exist

kinetic Does not exist

linux-aws-5.3
Launchpad, Ubuntu, Debian
impish Does not exist

precise Does not exist

trusty Does not exist

xenial Does not exist

bionic Ignored
(superseded by linux-aws-5.4)
focal Does not exist

groovy Does not exist

hirsute Does not exist

upstream
Released (5.13~rc4)
jammy Does not exist

kinetic Does not exist

linux-aws-5.4
Launchpad, Ubuntu, Debian
impish Does not exist

precise Does not exist

trusty Does not exist

xenial Does not exist

bionic Not vulnerable
(code not present)
focal Does not exist

groovy Does not exist

hirsute Does not exist

upstream
Released (5.13~rc4)
jammy Does not exist

kinetic Does not exist

linux-aws-hwe
Launchpad, Ubuntu, Debian
impish Does not exist

precise Does not exist

trusty Does not exist

xenial Not vulnerable
(code not present)
bionic Does not exist

focal Does not exist

groovy Does not exist

hirsute Does not exist

upstream
Released (5.13~rc4)
jammy Does not exist

kinetic Does not exist

linux-azure
Launchpad, Ubuntu, Debian
impish Not vulnerable
(5.11.0-1006.6+21.10.1)
groovy
Released (5.8.0-1032.34)
hirsute
Released (5.11.0-1005.5)
precise Does not exist

bionic Ignored
(superseded by linux-azure-5.3)
upstream
Released (5.13~rc4)
jammy Not vulnerable
(5.13.0-1006.7)
focal Not vulnerable
(code not present)
trusty Not vulnerable
(code not present)
xenial Not vulnerable
(code not present)
kinetic Not vulnerable
(5.15.0-1003.4)
linux-azure-4.15
Launchpad, Ubuntu, Debian
impish Does not exist

precise Does not exist

trusty Does not exist

xenial Does not exist

focal Does not exist

groovy Does not exist

hirsute Does not exist

upstream
Released (5.13~rc4)
jammy Does not exist

bionic Not vulnerable
(code not present)
kinetic Does not exist

linux-azure-5.3
Launchpad, Ubuntu, Debian
impish Does not exist

precise Does not exist

trusty Does not exist

xenial Does not exist

bionic Ignored
(superseded by linux-azure-5.4)
focal Does not exist

groovy Does not exist

hirsute Does not exist

jammy Does not exist

upstream
Released (5.13~rc4)
kinetic Does not exist

linux-azure-5.4
Launchpad, Ubuntu, Debian
impish Does not exist

precise Does not exist

trusty Does not exist

xenial Does not exist

bionic Not vulnerable
(code not present)
focal Does not exist

groovy Does not exist

hirsute Does not exist

upstream
Released (5.13~rc4)
jammy Does not exist

kinetic Does not exist

linux-dell300x
Launchpad, Ubuntu, Debian
impish Does not exist

precise Does not exist

trusty Does not exist

xenial Does not exist

bionic Not vulnerable
(code not present)
focal Does not exist

groovy Does not exist

hirsute Does not exist

upstream
Released (5.13~rc4)
jammy Does not exist

kinetic Does not exist

linux-azure-edge
Launchpad, Ubuntu, Debian
impish Does not exist

precise Does not exist

trusty Does not exist

xenial Does not exist

bionic Ignored
(superseded by linux-azure-5.3)
focal Does not exist

groovy Does not exist

hirsute Does not exist

upstream
Released (5.13~rc4)
jammy Does not exist

kinetic Does not exist

linux-gcp
Launchpad, Ubuntu, Debian
impish Not vulnerable
(5.11.0-1008.8+21.10.1)
groovy
Released (5.8.0-1031.32)
hirsute
Released (5.11.0-1007.7)
precise Does not exist

trusty Does not exist

bionic Ignored
(superseded by linux-gcp-5.3)
jammy Not vulnerable
(5.13.0-1005.6)
focal Not vulnerable
(code not present)
xenial Not vulnerable
(code not present)
upstream
Released (5.13~rc4)
kinetic Not vulnerable
(5.15.0-1003.6)
linux-gcp-4.15
Launchpad, Ubuntu, Debian
impish Does not exist

precise Does not exist

trusty Does not exist

xenial Does not exist

focal Does not exist

groovy Does not exist

hirsute Does not exist

upstream
Released (5.13~rc4)
jammy Does not exist

bionic Not vulnerable
(code not present)
kinetic Does not exist

linux-gcp-5.3
Launchpad, Ubuntu, Debian
impish Does not exist

precise Does not exist

trusty Does not exist

xenial Does not exist

bionic Ignored
(superseded by linux-gcp-5.4)
focal Does not exist

groovy Does not exist

hirsute Does not exist

upstream
Released (5.13~rc4)
jammy Does not exist

kinetic Does not exist

linux-gcp-5.4
Launchpad, Ubuntu, Debian
impish Does not exist

precise Does not exist

trusty Does not exist

xenial Does not exist

bionic Not vulnerable
(code not present)
focal Does not exist

groovy Does not exist

hirsute Does not exist

upstream
Released (5.13~rc4)
jammy Does not exist

kinetic Does not exist

linux-gcp-edge
Launchpad, Ubuntu, Debian
impish Does not exist

precise Does not exist

trusty Does not exist

xenial Does not exist

bionic Ignored
(superseded by linux-gcp-5.3)
focal Does not exist

groovy Does not exist

hirsute Does not exist

upstream
Released (5.13~rc4)
jammy Does not exist

kinetic Does not exist

linux-gke-4.15
Launchpad, Ubuntu, Debian
impish Does not exist

precise Does not exist

trusty Does not exist

xenial Does not exist

focal Does not exist

groovy Does not exist

hirsute Does not exist

jammy Does not exist

bionic Not vulnerable
(code not present)
upstream
Released (5.13~rc4)
kinetic Does not exist

linux-gke-5.0
Launchpad, Ubuntu, Debian
impish Does not exist

precise Does not exist

trusty Does not exist

xenial Does not exist

focal Does not exist

groovy Does not exist

hirsute Does not exist

upstream
Released (5.13~rc4)
jammy Does not exist

bionic Not vulnerable
(code not present)
kinetic Does not exist

linux-gke-5.3
Launchpad, Ubuntu, Debian
impish Does not exist

precise Does not exist

trusty Does not exist

xenial Does not exist

focal Does not exist

groovy Does not exist

hirsute Does not exist

jammy Does not exist

bionic Not vulnerable
(code not present)
upstream
Released (5.13~rc4)
kinetic Does not exist

linux-gke-5.4
Launchpad, Ubuntu, Debian
impish Does not exist

precise Does not exist

trusty Does not exist

xenial Does not exist

bionic Not vulnerable
(code not present)
focal Does not exist

groovy Does not exist

hirsute Does not exist

upstream
Released (5.13~rc4)
jammy Does not exist

kinetic Does not exist

linux-gkeop
Launchpad, Ubuntu, Debian
impish Does not exist

precise Does not exist

trusty Does not exist

xenial Does not exist

bionic Does not exist

focal Not vulnerable
(code not present)
groovy Does not exist

hirsute Does not exist

upstream
Released (5.13~rc4)
jammy Needs triage

kinetic Does not exist

linux-gkeop-5.4
Launchpad, Ubuntu, Debian
impish Does not exist

precise Does not exist

trusty Does not exist

xenial Does not exist

focal Does not exist

groovy Does not exist

hirsute Does not exist

upstream
Released (5.13~rc4)
jammy Does not exist

bionic Not vulnerable
(code not present)
kinetic Does not exist

linux-oracle
Launchpad, Ubuntu, Debian
impish Not vulnerable
(5.11.0-1007.7+21.10.1)
groovy
Released (5.8.0-1029.30)
hirsute
Released (5.11.0-1006.6)
precise Does not exist

trusty Does not exist

upstream
Released (5.13~rc4)
jammy Not vulnerable
(5.13.0-1008.10)
bionic Not vulnerable
(code not present)
focal Not vulnerable
(code not present)
xenial Not vulnerable
(code not present)
kinetic Not vulnerable
(5.15.0-1002.4)
linux-oracle-5.0
Launchpad, Ubuntu, Debian
impish Does not exist

precise Does not exist

trusty Does not exist

xenial Does not exist

bionic Ignored
(superseded by linux-oracle-5.3)
focal Does not exist

groovy Does not exist

hirsute Does not exist

jammy Does not exist

upstream
Released (5.13~rc4)
kinetic Does not exist

linux-oracle-5.3
Launchpad, Ubuntu, Debian
impish Does not exist

precise Does not exist

trusty Does not exist

xenial Does not exist

bionic Ignored
(superseded by linux-oracle-5.4)
focal Does not exist

groovy Does not exist

hirsute Does not exist

upstream
Released (5.13~rc4)
jammy Does not exist

kinetic Does not exist

linux-oracle-5.4
Launchpad, Ubuntu, Debian
impish Does not exist

precise Does not exist

trusty Does not exist

xenial Does not exist

bionic Not vulnerable
(code not present)
focal Does not exist

groovy Does not exist

hirsute Does not exist

jammy Does not exist

upstream
Released (5.13~rc4)
kinetic Does not exist

linux-oem
Launchpad, Ubuntu, Debian
impish Does not exist

precise Does not exist

trusty Does not exist

bionic Not vulnerable
(code not present)
focal Does not exist

groovy Does not exist

hirsute Does not exist

upstream
Released (5.13~rc4)
jammy Does not exist

kinetic Does not exist

xenial Ignored
(superseded by linux-hwe)
linux-oem-5.6
Launchpad, Ubuntu, Debian
impish Does not exist

precise Does not exist

trusty Does not exist

xenial Does not exist

bionic Does not exist

focal Not vulnerable
(code not present)
groovy Does not exist

hirsute Does not exist

jammy Does not exist

upstream
Released (5.13~rc4)
kinetic Does not exist

linux-oem-5.10
Launchpad, Ubuntu, Debian
impish Does not exist

precise Does not exist

trusty Does not exist

xenial Does not exist

bionic Does not exist

focal
Released (5.10.0-1026.27)
groovy Does not exist

hirsute Does not exist

upstream
Released (5.13~rc4)
jammy Does not exist

kinetic Does not exist

linux-oem-osp1
Launchpad, Ubuntu, Debian
impish Does not exist

precise Does not exist

trusty Does not exist

xenial Does not exist

focal Does not exist

groovy Does not exist

hirsute Does not exist

jammy Does not exist

bionic Not vulnerable
(code not present)
upstream
Released (5.13~rc4)
kinetic Does not exist

linux-raspi
Launchpad, Ubuntu, Debian
impish Not vulnerable
(5.11.0-1009.10+21.10.1)
precise Does not exist

jammy Not vulnerable
(5.13.0-1008.9)
trusty Does not exist

xenial Does not exist

bionic Does not exist

focal Not vulnerable
(code not present)
groovy
Released (5.8.0-1024.27)
hirsute
Released (5.11.0-1008.8)
upstream
Released (5.13~rc4)
kinetic Not vulnerable
(5.15.0-1005.5)
linux-raspi2
Launchpad, Ubuntu, Debian
impish Does not exist

jammy Does not exist

precise Does not exist

trusty Does not exist

xenial Ignored
(end of standard support, was needs-triage)
bionic Not vulnerable
(code not present)
focal Ignored
(replaced by linux-raspi)
groovy Does not exist

hirsute Does not exist

upstream
Released (5.13~rc4)
kinetic Does not exist

linux-raspi2-5.3
Launchpad, Ubuntu, Debian
impish Does not exist

jammy Does not exist

precise Does not exist

trusty Does not exist

xenial Does not exist

bionic Not vulnerable
(code not present)
focal Does not exist

groovy Does not exist

hirsute Does not exist

upstream
Released (5.13~rc4)
kinetic Does not exist

linux-raspi-5.4
Launchpad, Ubuntu, Debian
impish Does not exist

jammy Does not exist

precise Does not exist

trusty Does not exist

xenial Does not exist

bionic Not vulnerable
(code not present)
focal Does not exist

groovy Does not exist

hirsute Does not exist

upstream
Released (5.13~rc4)
kinetic Does not exist

linux-riscv
Launchpad, Ubuntu, Debian
impish Not vulnerable
(5.11.0-1009.9+21.10.1)
jammy Not vulnerable
(5.13.0-1004.4)
precise Does not exist

trusty Does not exist

xenial Does not exist

bionic Does not exist

focal Not vulnerable
(code not present)
groovy
Released (5.8.0-25.27)
hirsute
Released (5.11.0-1008.8)
upstream
Released (5.13~rc4)
kinetic Not vulnerable
(5.15.0-1007.7)
linux-snapdragon
Launchpad, Ubuntu, Debian
impish Does not exist

jammy Does not exist

precise Does not exist

trusty Does not exist

xenial Ignored
(end of standard support, was needs-triage)
bionic Not vulnerable
(code not present)
focal Does not exist

groovy Does not exist

hirsute Does not exist

upstream
Released (5.13~rc4)
kinetic Does not exist

linux-gke
Launchpad, Ubuntu, Debian
impish Does not exist

jammy Not vulnerable
(5.15.0-1002.2)
precise Does not exist

trusty Does not exist

xenial Ignored
(reached end of standard support)
bionic Does not exist

focal Not vulnerable
(5.4.0-1033.35)
groovy Does not exist

hirsute Does not exist

upstream
Released (5.13~rc4)
kinetic Does not exist

linux-ibm
Launchpad, Ubuntu, Debian
impish Does not exist

trusty Does not exist

xenial Does not exist

bionic Does not exist

hirsute Does not exist

focal Not vulnerable
(5.4.0-1003.4)
upstream
Released (5.13~rc4)
jammy Not vulnerable
(5.15.0-1002.2)
kinetic Not vulnerable
(5.15.0-1002.2)
linux-gcp-5.11
Launchpad, Ubuntu, Debian
trusty Does not exist

xenial Does not exist

bionic Does not exist

hirsute Does not exist

impish Does not exist

focal Not vulnerable
(5.11.0-1009.10~20.04.1)
upstream
Released (5.13~rc4)
jammy Does not exist

kinetic Does not exist

linux-oem-5.14
Launchpad, Ubuntu, Debian
trusty Does not exist

xenial Does not exist

bionic Does not exist

hirsute Does not exist

impish Does not exist

focal Not vulnerable
(5.14.0-1004.4)
upstream
Released (5.13~rc4)
jammy Does not exist

kinetic Does not exist

linux-intel-5.13
Launchpad, Ubuntu, Debian
trusty Does not exist

xenial Does not exist

bionic Does not exist

focal Not vulnerable
(5.13.0-1007.7)
hirsute Does not exist

impish Does not exist

upstream
Released (5.13~rc4)
jammy Does not exist

kinetic Does not exist

linux-azure-5.13
Launchpad, Ubuntu, Debian
trusty Does not exist

xenial Does not exist

bionic Does not exist

focal Not vulnerable
(5.13.0-1009.10~20.04.2)
impish Does not exist

upstream
Released (5.13~rc4)
jammy Does not exist

kinetic Does not exist

linux-hwe-5.13
Launchpad, Ubuntu, Debian
trusty Does not exist

xenial Does not exist

bionic Does not exist

impish Does not exist

focal Not vulnerable
(5.13.0-21.21~20.04.1)
upstream
Released (5.13~rc4)
jammy Does not exist

kinetic Does not exist

linux-aws-5.13
Launchpad, Ubuntu, Debian
trusty Does not exist

xenial Does not exist

bionic Does not exist

impish Does not exist

focal Not vulnerable
(5.13.0-1008.9~20.04.2)
upstream
Released (5.13~rc4)
jammy Does not exist

kinetic Does not exist

linux-fips
Launchpad, Ubuntu, Debian
trusty Does not exist

bionic Does not exist

focal Does not exist

hirsute Does not exist

impish Does not exist

upstream
Released (5.13~rc4)
xenial Ignored
(out of standard support)
jammy Does not exist

kinetic Does not exist

linux-oracle-5.13
Launchpad, Ubuntu, Debian
trusty Does not exist

xenial Does not exist

bionic Does not exist

impish Does not exist

focal Not vulnerable
(5.13.0-1011.13~20.04.2)
upstream
Released (5.13~rc4)
jammy Does not exist

kinetic Does not exist

linux-gcp-5.13
Launchpad, Ubuntu, Debian
trusty Does not exist

xenial Does not exist

bionic Does not exist

impish Does not exist

focal Not vulnerable
(5.13.0-1008.9~20.04.3)
upstream
Released (5.13~rc4)
jammy Does not exist

kinetic Does not exist

linux-ibm-5.4
Launchpad, Ubuntu, Debian
trusty Does not exist

xenial Does not exist

focal Does not exist

impish Does not exist

bionic Not vulnerable
(5.4.0-1010.11~18.04.2)
upstream
Released (5.13~rc4)
jammy Does not exist

kinetic Does not exist

linux-azure-fde
Launchpad, Ubuntu, Debian
trusty Does not exist

xenial Does not exist

bionic Does not exist

impish Does not exist

focal Not vulnerable
(5.4.0-1063.66+cvm2.2)
upstream
Released (5.13~rc4)
jammy Needs triage

kinetic Does not exist

linux-lowlatency
Launchpad, Ubuntu, Debian
trusty Does not exist

xenial Does not exist

bionic Does not exist

focal Does not exist

impish Does not exist

jammy Not vulnerable
(5.15.0-22.22)
upstream
Released (5.13~rc4)
kinetic Not vulnerable
(5.15.0-24.24)
linux-oem-5.17
Launchpad, Ubuntu, Debian
trusty Does not exist

xenial Does not exist

bionic Does not exist

focal Does not exist

impish Does not exist

jammy Not vulnerable
(5.17.0-1003.3)
upstream
Released (5.13~rc4)
kinetic Not vulnerable
(5.17.0-1003.3)
linux-intel-iotg
Launchpad, Ubuntu, Debian
trusty Does not exist

xenial Does not exist

bionic Does not exist

focal Does not exist

impish Does not exist

jammy Not vulnerable

upstream Needs triage

kinetic Does not exist

linux-intel-iotg-5.15
Launchpad, Ubuntu, Debian
trusty Does not exist

xenial Does not exist

bionic Does not exist

focal Not vulnerable

impish Does not exist

jammy Does not exist

upstream Needs triage

kinetic Does not exist

linux-lowlatency-hwe-5.15
Launchpad, Ubuntu, Debian
trusty Does not exist

xenial Does not exist

bionic Does not exist

focal Not vulnerable

jammy Does not exist

upstream Needs triage

kinetic Does not exist

linux-hwe-5.15
Launchpad, Ubuntu, Debian
trusty Does not exist

xenial Does not exist

bionic Does not exist

focal Not vulnerable

jammy Does not exist

upstream Needs triage

kinetic Does not exist

linux-aws-5.15
Launchpad, Ubuntu, Debian
trusty Does not exist

xenial Does not exist

bionic Does not exist

jammy Does not exist

upstream Needs triage

focal Not vulnerable

kinetic Does not exist

linux-gcp-5.15
Launchpad, Ubuntu, Debian
trusty Does not exist

xenial Does not exist

bionic Does not exist

focal Not vulnerable

jammy Does not exist

upstream Needs triage

kinetic Does not exist

linux-gke-5.15
Launchpad, Ubuntu, Debian
trusty Does not exist

xenial Does not exist

bionic Does not exist

focal Not vulnerable

jammy Does not exist

upstream Needs triage

kinetic Does not exist

linux-azure-5.15
Launchpad, Ubuntu, Debian
trusty Does not exist

xenial Does not exist

bionic Does not exist

focal Not vulnerable

jammy Does not exist

upstream Needs triage

kinetic Does not exist

linux-oracle-5.15
Launchpad, Ubuntu, Debian
trusty Does not exist

xenial Does not exist

bionic Does not exist

focal Not vulnerable

jammy Does not exist

upstream Needs triage

kinetic Does not exist

linux-azure-fde-5.15
Launchpad, Ubuntu, Debian
trusty Does not exist

xenial Does not exist

bionic Does not exist

focal Not vulnerable

jammy Does not exist

kinetic Does not exist

upstream Needs triage

linux-oem-6.0
Launchpad, Ubuntu, Debian
trusty Does not exist

xenial Does not exist

bionic Does not exist

focal Does not exist

jammy Needs triage

kinetic Does not exist

upstream Needs triage

linux-oem-6.1
Launchpad, Ubuntu, Debian
trusty Does not exist

xenial Does not exist

bionic Does not exist

focal Does not exist

jammy Not vulnerable

kinetic Does not exist

upstream Needs triage

Severity score breakdown

Parameter Value
Base score 7.8
Attack vector Local
Attack complexity Low
Privileges required Low
User interaction None
Scope Unchanged
Confidentiality High
Integrity impact High
Availability impact High
Vector CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H