CVE-2021-3653

Published: 16 August 2021

[KVM AMD missing validation of the `int_ctl` VMCB field and allows a malicious L1 guest to enable AVIC support (Advanced Virtual Interrupt Controller) for the L2 guest. The L2 guest is able to write to a limited but still relatively large subset of the host physical memory.]

From the Ubuntu security team

Maxim Levitsky discovered that the KVM hypervisor implementation for AMD processors in the Linux kernel did not properly prevent a guest VM from enabling AVIC in nested guest VMs. An attacker in a guest VM could use this to write to portions of the host's physical memory.

Priority

Status

Package	Release	Status
linux Launchpad, Ubuntu, Debian	Upstream	Released (5.14~rc7)

	Ubuntu 21.04 (Hirsute Hippo)	Released (5.11.0-34.36)
	Ubuntu 20.04 LTS (Focal Fossa)	Released (5.4.0-84.94)
	Ubuntu 18.04 LTS (Bionic Beaver)	Released (4.15.0-156.163)
	Ubuntu 16.04 ESM (Xenial Xerus)	Released (4.4.0-214.246)
	Ubuntu 14.04 ESM (Trusty Tahr)	Ignored (ESM criteria, not a high on 3.13)
	Patches: Introduced by 3d6368ef580a4dff012960834bba4e28d3c1430c Fixed by 0f923e07124df069ba68d8bb12324398f4b6b709\|local-CVE-2021-3653-fix
linux-aws Launchpad, Ubuntu, Debian	Upstream	Released (5.14~rc7)

	Ubuntu 21.04 (Hirsute Hippo)	Released (5.11.0-1017.18)
	Ubuntu 20.04 LTS (Focal Fossa)	Released (5.4.0-1056.59)
	Ubuntu 18.04 LTS (Bionic Beaver)	Released (4.15.0-1111.118)
	Ubuntu 16.04 ESM (Xenial Xerus)	Released (4.4.0-1132.146)
	Ubuntu 14.04 ESM (Trusty Tahr)	Released (4.4.0-1096.101)
linux-aws-5.0 Launchpad, Ubuntu, Debian	Upstream	Released (5.14~rc7)

	Ubuntu 21.04 (Hirsute Hippo)	Does not exist
	Ubuntu 20.04 LTS (Focal Fossa)	Does not exist
	Ubuntu 18.04 LTS (Bionic Beaver)	Ignored (superseded by linux-aws-5.3)
	Ubuntu 16.04 ESM (Xenial Xerus)	Does not exist
	Ubuntu 14.04 ESM (Trusty Tahr)	Does not exist
linux-aws-5.11 Launchpad, Ubuntu, Debian	Upstream	Released (5.14~rc7)

	Ubuntu 21.04 (Hirsute Hippo)	Does not exist
	Ubuntu 20.04 LTS (Focal Fossa)	Released (5.11.0-1017.18~20.04.1)
	Ubuntu 18.04 LTS (Bionic Beaver)	Does not exist
	Ubuntu 16.04 ESM (Xenial Xerus)	Does not exist
	Ubuntu 14.04 ESM (Trusty Tahr)	Does not exist
linux-aws-5.3 Launchpad, Ubuntu, Debian	Upstream	Released (5.14~rc7)

	Ubuntu 21.04 (Hirsute Hippo)	Does not exist
	Ubuntu 20.04 LTS (Focal Fossa)	Does not exist
	Ubuntu 18.04 LTS (Bionic Beaver)	Ignored (superseded by linux-aws-5.4)
	Ubuntu 16.04 ESM (Xenial Xerus)	Does not exist
	Ubuntu 14.04 ESM (Trusty Tahr)	Does not exist
linux-aws-5.4 Launchpad, Ubuntu, Debian	Upstream	Released (5.14~rc7)

	Ubuntu 21.04 (Hirsute Hippo)	Does not exist
	Ubuntu 20.04 LTS (Focal Fossa)	Does not exist
	Ubuntu 18.04 LTS (Bionic Beaver)	Released (5.4.0-1056.59~18.04.1)
	Ubuntu 16.04 ESM (Xenial Xerus)	Does not exist
	Ubuntu 14.04 ESM (Trusty Tahr)	Does not exist
linux-aws-5.8 Launchpad, Ubuntu, Debian	Upstream	Released (5.14~rc7)

	Ubuntu 21.04 (Hirsute Hippo)	Does not exist
	Ubuntu 20.04 LTS (Focal Fossa)	Ignored (was needs-triage now end-of-life)
	Ubuntu 18.04 LTS (Bionic Beaver)	Does not exist
	Ubuntu 16.04 ESM (Xenial Xerus)	Does not exist
	Ubuntu 14.04 ESM (Trusty Tahr)	Does not exist
linux-aws-hwe Launchpad, Ubuntu, Debian	Upstream	Released (5.14~rc7)

	Ubuntu 21.04 (Hirsute Hippo)	Does not exist
	Ubuntu 20.04 LTS (Focal Fossa)	Does not exist
	Ubuntu 18.04 LTS (Bionic Beaver)	Does not exist
	Ubuntu 16.04 ESM (Xenial Xerus)	Released (4.15.0-1111.118~16.04.1)
	Ubuntu 14.04 ESM (Trusty Tahr)	Does not exist
linux-azure Launchpad, Ubuntu, Debian	Upstream	Released (5.14~rc7)

	Ubuntu 21.04 (Hirsute Hippo)	Released (5.11.0-1015.16)
	Ubuntu 20.04 LTS (Focal Fossa)	Released (5.4.0-1058.60)
	Ubuntu 18.04 LTS (Bionic Beaver)	Ignored (superseded by linux-azure-5.3)
	Ubuntu 16.04 ESM (Xenial Xerus)	Released (4.15.0-1123.136~16.04.1)
	Ubuntu 14.04 ESM (Trusty Tahr)	Released (4.15.0-1123.136~14.04.1)
linux-azure-4.15 Launchpad, Ubuntu, Debian	Upstream	Released (5.14~rc7)

	Ubuntu 21.04 (Hirsute Hippo)	Does not exist
	Ubuntu 20.04 LTS (Focal Fossa)	Does not exist
	Ubuntu 18.04 LTS (Bionic Beaver)	Released (4.15.0-1123.136)
	Ubuntu 16.04 ESM (Xenial Xerus)	Does not exist
	Ubuntu 14.04 ESM (Trusty Tahr)	Does not exist
linux-azure-5.11 Launchpad, Ubuntu, Debian	Upstream	Released (5.14~rc7)

	Ubuntu 21.04 (Hirsute Hippo)	Does not exist
	Ubuntu 20.04 LTS (Focal Fossa)	Released (5.11.0-1015.16~20.04.1)
	Ubuntu 18.04 LTS (Bionic Beaver)	Does not exist
	Ubuntu 16.04 ESM (Xenial Xerus)	Does not exist
	Ubuntu 14.04 ESM (Trusty Tahr)	Does not exist
linux-azure-5.3 Launchpad, Ubuntu, Debian	Upstream	Released (5.14~rc7)

	Ubuntu 21.04 (Hirsute Hippo)	Does not exist
	Ubuntu 20.04 LTS (Focal Fossa)	Does not exist
	Ubuntu 18.04 LTS (Bionic Beaver)	Ignored (superseded by linux-azure-5.4)
	Ubuntu 16.04 ESM (Xenial Xerus)	Does not exist
	Ubuntu 14.04 ESM (Trusty Tahr)	Does not exist
linux-azure-5.4 Launchpad, Ubuntu, Debian	Upstream	Released (5.14~rc7)

	Ubuntu 21.04 (Hirsute Hippo)	Does not exist
	Ubuntu 20.04 LTS (Focal Fossa)	Does not exist
	Ubuntu 18.04 LTS (Bionic Beaver)	Released (5.4.0-1058.60~18.04.1)
	Ubuntu 16.04 ESM (Xenial Xerus)	Does not exist
	Ubuntu 14.04 ESM (Trusty Tahr)	Does not exist
linux-azure-5.8 Launchpad, Ubuntu, Debian	Upstream	Released (5.14~rc7)

	Ubuntu 21.04 (Hirsute Hippo)	Does not exist
	Ubuntu 20.04 LTS (Focal Fossa)	Released (5.8.0-1041.44~20.04.1)
	Ubuntu 18.04 LTS (Bionic Beaver)	Does not exist
	Ubuntu 16.04 ESM (Xenial Xerus)	Does not exist
	Ubuntu 14.04 ESM (Trusty Tahr)	Does not exist
linux-azure-edge Launchpad, Ubuntu, Debian	Upstream	Released (5.14~rc7)

	Ubuntu 21.04 (Hirsute Hippo)	Does not exist
	Ubuntu 20.04 LTS (Focal Fossa)	Does not exist
	Ubuntu 18.04 LTS (Bionic Beaver)	Ignored (superseded by linux-azure-5.3)
	Ubuntu 16.04 ESM (Xenial Xerus)	Does not exist
	Ubuntu 14.04 ESM (Trusty Tahr)	Does not exist
linux-bluefield Launchpad, Ubuntu, Debian	Upstream	Released (5.14~rc7)

	Ubuntu 21.04 (Hirsute Hippo)	Does not exist
	Ubuntu 20.04 LTS (Focal Fossa)	Pending (5.4.0-1019.22)
	Ubuntu 18.04 LTS (Bionic Beaver)	Does not exist
	Ubuntu 16.04 ESM (Xenial Xerus)	Does not exist
	Ubuntu 14.04 ESM (Trusty Tahr)	Does not exist
linux-dell300x Launchpad, Ubuntu, Debian	Upstream	Released (5.14~rc7)

	Ubuntu 21.04 (Hirsute Hippo)	Does not exist
	Ubuntu 20.04 LTS (Focal Fossa)	Does not exist
	Ubuntu 18.04 LTS (Bionic Beaver)	Released (4.15.0-1027.32)
	Ubuntu 16.04 ESM (Xenial Xerus)	Does not exist
	Ubuntu 14.04 ESM (Trusty Tahr)	Does not exist
linux-gcp Launchpad, Ubuntu, Debian	Upstream	Released (5.14~rc7)

	Ubuntu 21.04 (Hirsute Hippo)	Released (5.11.0-1018.20)
	Ubuntu 20.04 LTS (Focal Fossa)	Released (5.4.0-1052.56)
	Ubuntu 18.04 LTS (Bionic Beaver)	Ignored (superseded by linux-gcp-5.3)
	Ubuntu 16.04 ESM (Xenial Xerus)	Pending (4.15.0-1108.122~16.04.1)
	Ubuntu 14.04 ESM (Trusty Tahr)	Does not exist
linux-gcp-4.15 Launchpad, Ubuntu, Debian	Upstream	Released (5.14~rc7)

	Ubuntu 21.04 (Hirsute Hippo)	Does not exist
	Ubuntu 20.04 LTS (Focal Fossa)	Does not exist
	Ubuntu 18.04 LTS (Bionic Beaver)	Released (4.15.0-1108.122)
	Ubuntu 16.04 ESM (Xenial Xerus)	Does not exist
	Ubuntu 14.04 ESM (Trusty Tahr)	Does not exist
linux-gcp-5.3 Launchpad, Ubuntu, Debian	Upstream	Released (5.14~rc7)

	Ubuntu 21.04 (Hirsute Hippo)	Does not exist
	Ubuntu 20.04 LTS (Focal Fossa)	Does not exist
	Ubuntu 18.04 LTS (Bionic Beaver)	Ignored (superseded by linux-gcp-5.4)
	Ubuntu 16.04 ESM (Xenial Xerus)	Does not exist
	Ubuntu 14.04 ESM (Trusty Tahr)	Does not exist
linux-gcp-5.4 Launchpad, Ubuntu, Debian	Upstream	Released (5.14~rc7)

	Ubuntu 21.04 (Hirsute Hippo)	Does not exist
	Ubuntu 20.04 LTS (Focal Fossa)	Does not exist
	Ubuntu 18.04 LTS (Bionic Beaver)	Released (5.4.0-1052.56~18.04.1)
	Ubuntu 16.04 ESM (Xenial Xerus)	Does not exist
	Ubuntu 14.04 ESM (Trusty Tahr)	Does not exist
linux-gcp-5.8 Launchpad, Ubuntu, Debian	Upstream	Released (5.14~rc7)

	Ubuntu 21.04 (Hirsute Hippo)	Does not exist
	Ubuntu 20.04 LTS (Focal Fossa)	Ignored (was needs-triage now end-of-life)
	Ubuntu 18.04 LTS (Bionic Beaver)	Does not exist
	Ubuntu 16.04 ESM (Xenial Xerus)	Does not exist
	Ubuntu 14.04 ESM (Trusty Tahr)	Does not exist
linux-gcp-edge Launchpad, Ubuntu, Debian	Upstream	Released (5.14~rc7)

	Ubuntu 21.04 (Hirsute Hippo)	Does not exist
	Ubuntu 20.04 LTS (Focal Fossa)	Does not exist
	Ubuntu 18.04 LTS (Bionic Beaver)	Ignored (superseded by linux-gcp-5.3)
	Ubuntu 16.04 ESM (Xenial Xerus)	Does not exist
	Ubuntu 14.04 ESM (Trusty Tahr)	Does not exist
linux-gke Launchpad, Ubuntu, Debian	Upstream	Released (5.14~rc7)

	Ubuntu 21.04 (Hirsute Hippo)	Does not exist
	Ubuntu 20.04 LTS (Focal Fossa)	Released (5.4.0-1052.55)
	Ubuntu 18.04 LTS (Bionic Beaver)	Does not exist
	Ubuntu 16.04 ESM (Xenial Xerus)	Ignored (reached end of standard support)
	Ubuntu 14.04 ESM (Trusty Tahr)	Does not exist
linux-gke-4.15 Launchpad, Ubuntu, Debian	Upstream	Released (5.14~rc7)

	Ubuntu 21.04 (Hirsute Hippo)	Does not exist
	Ubuntu 20.04 LTS (Focal Fossa)	Does not exist
	Ubuntu 18.04 LTS (Bionic Beaver)	Ignored (was needs-triage now end-of-life)
	Ubuntu 16.04 ESM (Xenial Xerus)	Does not exist
	Ubuntu 14.04 ESM (Trusty Tahr)	Does not exist
linux-gke-5.0 Launchpad, Ubuntu, Debian	Upstream	Released (5.14~rc7)

	Ubuntu 21.04 (Hirsute Hippo)	Does not exist
	Ubuntu 20.04 LTS (Focal Fossa)	Does not exist
	Ubuntu 18.04 LTS (Bionic Beaver)	Ignored (was needs-triage now end-of-life)
	Ubuntu 16.04 ESM (Xenial Xerus)	Does not exist
	Ubuntu 14.04 ESM (Trusty Tahr)	Does not exist
linux-gke-5.3 Launchpad, Ubuntu, Debian	Upstream	Released (5.14~rc7)

	Ubuntu 21.04 (Hirsute Hippo)	Does not exist
	Ubuntu 20.04 LTS (Focal Fossa)	Does not exist
	Ubuntu 18.04 LTS (Bionic Beaver)	Ignored (was needs-triage now end-of-life)
	Ubuntu 16.04 ESM (Xenial Xerus)	Does not exist
	Ubuntu 14.04 ESM (Trusty Tahr)	Does not exist
linux-gke-5.4 Launchpad, Ubuntu, Debian	Upstream	Released (5.14~rc7)

	Ubuntu 21.04 (Hirsute Hippo)	Does not exist
	Ubuntu 20.04 LTS (Focal Fossa)	Does not exist
	Ubuntu 18.04 LTS (Bionic Beaver)	Released (5.4.0-1052.55~18.04.1)
	Ubuntu 16.04 ESM (Xenial Xerus)	Does not exist
	Ubuntu 14.04 ESM (Trusty Tahr)	Does not exist
linux-gkeop Launchpad, Ubuntu, Debian	Upstream	Released (5.14~rc7)

	Ubuntu 21.04 (Hirsute Hippo)	Does not exist
	Ubuntu 20.04 LTS (Focal Fossa)	Released (5.4.0-1023.24)
	Ubuntu 18.04 LTS (Bionic Beaver)	Does not exist
	Ubuntu 16.04 ESM (Xenial Xerus)	Does not exist
	Ubuntu 14.04 ESM (Trusty Tahr)	Does not exist
linux-gkeop-5.4 Launchpad, Ubuntu, Debian	Upstream	Released (5.14~rc7)

	Ubuntu 21.04 (Hirsute Hippo)	Does not exist
	Ubuntu 20.04 LTS (Focal Fossa)	Does not exist
	Ubuntu 18.04 LTS (Bionic Beaver)	Released (5.4.0-1023.24~18.04.1)
	Ubuntu 16.04 ESM (Xenial Xerus)	Does not exist
	Ubuntu 14.04 ESM (Trusty Tahr)	Does not exist
linux-hwe Launchpad, Ubuntu, Debian	Upstream	Released (5.14~rc7)

	Ubuntu 21.04 (Hirsute Hippo)	Does not exist
	Ubuntu 20.04 LTS (Focal Fossa)	Does not exist
	Ubuntu 18.04 LTS (Bionic Beaver)	Ignored (replaced by linux-hwe-5.4)
	Ubuntu 16.04 ESM (Xenial Xerus)	Released (4.15.0-156.163~16.04.1)
	Ubuntu 14.04 ESM (Trusty Tahr)	Does not exist
linux-hwe-5.11 Launchpad, Ubuntu, Debian	Upstream	Released (5.14~rc7)

	Ubuntu 21.04 (Hirsute Hippo)	Does not exist
	Ubuntu 20.04 LTS (Focal Fossa)	Released (5.11.0-34.36~20.04.1)
	Ubuntu 18.04 LTS (Bionic Beaver)	Does not exist
	Ubuntu 16.04 ESM (Xenial Xerus)	Does not exist
	Ubuntu 14.04 ESM (Trusty Tahr)	Does not exist
linux-hwe-5.4 Launchpad, Ubuntu, Debian	Upstream	Released (5.14~rc7)

	Ubuntu 21.04 (Hirsute Hippo)	Does not exist
	Ubuntu 20.04 LTS (Focal Fossa)	Does not exist
	Ubuntu 18.04 LTS (Bionic Beaver)	Released (5.4.0-84.94~18.04.1)
	Ubuntu 16.04 ESM (Xenial Xerus)	Does not exist
	Ubuntu 14.04 ESM (Trusty Tahr)	Does not exist
linux-hwe-5.8 Launchpad, Ubuntu, Debian	Upstream	Released (5.14~rc7)

	Ubuntu 21.04 (Hirsute Hippo)	Does not exist
	Ubuntu 20.04 LTS (Focal Fossa)	Pending (5.8.0-65.73)
	Ubuntu 18.04 LTS (Bionic Beaver)	Does not exist
	Ubuntu 16.04 ESM (Xenial Xerus)	Does not exist
	Ubuntu 14.04 ESM (Trusty Tahr)	Does not exist
linux-hwe-edge Launchpad, Ubuntu, Debian	Upstream	Released (5.14~rc7)

	Ubuntu 21.04 (Hirsute Hippo)	Does not exist
	Ubuntu 20.04 LTS (Focal Fossa)	Does not exist
	Ubuntu 18.04 LTS (Bionic Beaver)	Ignored (superseded by linux-hwe-5.4)
	Ubuntu 16.04 ESM (Xenial Xerus)	Ignored (superseded by linux-hwe)
	Ubuntu 14.04 ESM (Trusty Tahr)	Does not exist
linux-kvm Launchpad, Ubuntu, Debian	Upstream	Released (5.14~rc7)

	Ubuntu 21.04 (Hirsute Hippo)	Released (5.11.0-1015.16)
	Ubuntu 20.04 LTS (Focal Fossa)	Released (5.4.0-1046.48)
	Ubuntu 18.04 LTS (Bionic Beaver)	Released (4.15.0-1099.101)
	Ubuntu 16.04 ESM (Xenial Xerus)	Released (4.4.0-1097.106)
	Ubuntu 14.04 ESM (Trusty Tahr)	Does not exist
linux-lts-xenial Launchpad, Ubuntu, Debian	Upstream	Released (5.14~rc7)

	Ubuntu 21.04 (Hirsute Hippo)	Does not exist
	Ubuntu 20.04 LTS (Focal Fossa)	Does not exist
	Ubuntu 18.04 LTS (Bionic Beaver)	Does not exist
	Ubuntu 16.04 ESM (Xenial Xerus)	Does not exist
	Ubuntu 14.04 ESM (Trusty Tahr)	Released (4.4.0-214.246~14.04.1)
linux-oem Launchpad, Ubuntu, Debian	Upstream	Released (5.14~rc7)

	Ubuntu 21.04 (Hirsute Hippo)	Does not exist
	Ubuntu 20.04 LTS (Focal Fossa)	Does not exist
	Ubuntu 18.04 LTS (Bionic Beaver)	Ignored (was needs-triage now end-of-life)
	Ubuntu 16.04 ESM (Xenial Xerus)	Ignored (superseded by linux-hwe)
	Ubuntu 14.04 ESM (Trusty Tahr)	Does not exist
linux-oem-5.10 Launchpad, Ubuntu, Debian	Upstream	Released (5.14~rc7)

	Ubuntu 21.04 (Hirsute Hippo)	Does not exist
	Ubuntu 20.04 LTS (Focal Fossa)	Released (5.10.0-1045.47)
	Ubuntu 18.04 LTS (Bionic Beaver)	Does not exist
	Ubuntu 16.04 ESM (Xenial Xerus)	Does not exist
	Ubuntu 14.04 ESM (Trusty Tahr)	Does not exist
linux-oem-5.13 Launchpad, Ubuntu, Debian	Upstream	Released (5.14~rc7)

	Ubuntu 21.04 (Hirsute Hippo)	Does not exist
	Ubuntu 20.04 LTS (Focal Fossa)	Released (5.13.0-1012.16)
	Ubuntu 18.04 LTS (Bionic Beaver)	Does not exist
	Ubuntu 16.04 ESM (Xenial Xerus)	Does not exist
	Ubuntu 14.04 ESM (Trusty Tahr)	Does not exist
linux-oem-5.6 Launchpad, Ubuntu, Debian	Upstream	Released (5.14~rc7)

	Ubuntu 21.04 (Hirsute Hippo)	Does not exist
	Ubuntu 20.04 LTS (Focal Fossa)	Ignored (was needs-triage now end-of-life)
	Ubuntu 18.04 LTS (Bionic Beaver)	Does not exist
	Ubuntu 16.04 ESM (Xenial Xerus)	Does not exist
	Ubuntu 14.04 ESM (Trusty Tahr)	Does not exist
linux-oem-osp1 Launchpad, Ubuntu, Debian	Upstream	Released (5.14~rc7)

	Ubuntu 21.04 (Hirsute Hippo)	Does not exist
	Ubuntu 20.04 LTS (Focal Fossa)	Does not exist
	Ubuntu 18.04 LTS (Bionic Beaver)	Ignored (was needs-triage now end-of-life)
	Ubuntu 16.04 ESM (Xenial Xerus)	Does not exist
	Ubuntu 14.04 ESM (Trusty Tahr)	Does not exist
linux-oracle Launchpad, Ubuntu, Debian	Upstream	Released (5.14~rc7)

	Ubuntu 21.04 (Hirsute Hippo)	Released (5.11.0-1017.18)
	Ubuntu 20.04 LTS (Focal Fossa)	Released (5.4.0-1054.58)
	Ubuntu 18.04 LTS (Bionic Beaver)	Released (4.15.0-1080.88)
	Ubuntu 16.04 ESM (Xenial Xerus)	Released (4.15.0-1080.88~16.04.1)
	Ubuntu 14.04 ESM (Trusty Tahr)	Does not exist
linux-oracle-5.0 Launchpad, Ubuntu, Debian	Upstream	Released (5.14~rc7)

	Ubuntu 21.04 (Hirsute Hippo)	Does not exist
	Ubuntu 20.04 LTS (Focal Fossa)	Does not exist
	Ubuntu 18.04 LTS (Bionic Beaver)	Ignored (superseded by linux-oracle-5.3)
	Ubuntu 16.04 ESM (Xenial Xerus)	Does not exist
	Ubuntu 14.04 ESM (Trusty Tahr)	Does not exist
linux-oracle-5.11 Launchpad, Ubuntu, Debian	Upstream	Released (5.14~rc7)

	Ubuntu 21.04 (Hirsute Hippo)	Does not exist
	Ubuntu 20.04 LTS (Focal Fossa)	Released (5.11.0-1017.18~20.04.1)
	Ubuntu 18.04 LTS (Bionic Beaver)	Does not exist
	Ubuntu 16.04 ESM (Xenial Xerus)	Does not exist
	Ubuntu 14.04 ESM (Trusty Tahr)	Does not exist
linux-oracle-5.3 Launchpad, Ubuntu, Debian	Upstream	Released (5.14~rc7)

	Ubuntu 21.04 (Hirsute Hippo)	Does not exist
	Ubuntu 20.04 LTS (Focal Fossa)	Does not exist
	Ubuntu 18.04 LTS (Bionic Beaver)	Ignored (superseded by linux-oracle-5.4)
	Ubuntu 16.04 ESM (Xenial Xerus)	Does not exist
	Ubuntu 14.04 ESM (Trusty Tahr)	Does not exist
linux-oracle-5.4 Launchpad, Ubuntu, Debian	Upstream	Released (5.14~rc7)

	Ubuntu 21.04 (Hirsute Hippo)	Does not exist
	Ubuntu 20.04 LTS (Focal Fossa)	Does not exist
	Ubuntu 18.04 LTS (Bionic Beaver)	Released (5.4.0-1054.58~18.04.1)
	Ubuntu 16.04 ESM (Xenial Xerus)	Does not exist
	Ubuntu 14.04 ESM (Trusty Tahr)	Does not exist
linux-oracle-5.8 Launchpad, Ubuntu, Debian	Upstream	Released (5.14~rc7)

	Ubuntu 21.04 (Hirsute Hippo)	Does not exist
	Ubuntu 20.04 LTS (Focal Fossa)	Ignored (was needs-triage now end-of-life)
	Ubuntu 18.04 LTS (Bionic Beaver)	Does not exist
	Ubuntu 16.04 ESM (Xenial Xerus)	Does not exist
	Ubuntu 14.04 ESM (Trusty Tahr)	Does not exist
linux-raspi Launchpad, Ubuntu, Debian	Upstream	Released (5.14~rc7)

	Ubuntu 21.04 (Hirsute Hippo)	Released (5.11.0-1017.18)
	Ubuntu 20.04 LTS (Focal Fossa)	Not vulnerable (AMD processors only)
	Ubuntu 18.04 LTS (Bionic Beaver)	Does not exist
	Ubuntu 16.04 ESM (Xenial Xerus)	Does not exist
	Ubuntu 14.04 ESM (Trusty Tahr)	Does not exist
linux-raspi-5.4 Launchpad, Ubuntu, Debian	Upstream	Released (5.14~rc7)

	Ubuntu 21.04 (Hirsute Hippo)	Does not exist
	Ubuntu 20.04 LTS (Focal Fossa)	Does not exist
	Ubuntu 18.04 LTS (Bionic Beaver)	Not vulnerable (AMD processors only)
	Ubuntu 16.04 ESM (Xenial Xerus)	Does not exist
	Ubuntu 14.04 ESM (Trusty Tahr)	Does not exist
linux-raspi2 Launchpad, Ubuntu, Debian	Upstream	Released (5.14~rc7)

	Ubuntu 21.04 (Hirsute Hippo)	Does not exist
	Ubuntu 20.04 LTS (Focal Fossa)	Not vulnerable (AMD processors only)
	Ubuntu 18.04 LTS (Bionic Beaver)	Not vulnerable (AMD processors only)
	Ubuntu 16.04 ESM (Xenial Xerus)	Not vulnerable (AMD processors only)
	Ubuntu 14.04 ESM (Trusty Tahr)	Does not exist
linux-raspi2-5.3 Launchpad, Ubuntu, Debian	Upstream	Released (5.14~rc7)

	Ubuntu 21.04 (Hirsute Hippo)	Does not exist
	Ubuntu 20.04 LTS (Focal Fossa)	Does not exist
	Ubuntu 18.04 LTS (Bionic Beaver)	Not vulnerable (AMD processors only)
	Ubuntu 16.04 ESM (Xenial Xerus)	Does not exist
	Ubuntu 14.04 ESM (Trusty Tahr)	Does not exist
linux-riscv Launchpad, Ubuntu, Debian	Upstream	Released (5.14~rc7)

	Ubuntu 21.04 (Hirsute Hippo)	Released (5.11.0-1018.19)
	Ubuntu 20.04 LTS (Focal Fossa)	Not vulnerable (AMD processors only)
	Ubuntu 18.04 LTS (Bionic Beaver)	Does not exist
	Ubuntu 16.04 ESM (Xenial Xerus)	Does not exist
	Ubuntu 14.04 ESM (Trusty Tahr)	Does not exist
linux-riscv-5.11 Launchpad, Ubuntu, Debian	Upstream	Released (5.14~rc7)

	Ubuntu 21.04 (Hirsute Hippo)	Does not exist
	Ubuntu 20.04 LTS (Focal Fossa)	Released (5.11.0-1018.19~20.04.2)
	Ubuntu 18.04 LTS (Bionic Beaver)	Does not exist
	Ubuntu 16.04 ESM (Xenial Xerus)	Does not exist
	Ubuntu 14.04 ESM (Trusty Tahr)	Does not exist
linux-riscv-5.8 Launchpad, Ubuntu, Debian	Upstream	Released (5.14~rc7)

	Ubuntu 21.04 (Hirsute Hippo)	Does not exist
	Ubuntu 20.04 LTS (Focal Fossa)	Not vulnerable (AMD processors only)
	Ubuntu 18.04 LTS (Bionic Beaver)	Does not exist
	Ubuntu 16.04 ESM (Xenial Xerus)	Does not exist
	Ubuntu 14.04 ESM (Trusty Tahr)	Does not exist
linux-snapdragon Launchpad, Ubuntu, Debian	Upstream	Released (5.14~rc7)

	Ubuntu 21.04 (Hirsute Hippo)	Does not exist
	Ubuntu 20.04 LTS (Focal Fossa)	Does not exist
	Ubuntu 18.04 LTS (Bionic Beaver)	Released (4.15.0-1112.121)
	Ubuntu 16.04 ESM (Xenial Xerus)	Not vulnerable (AMD processors only)
	Ubuntu 14.04 ESM (Trusty Tahr)	Does not exist

Notes

Author	Note
cascardo	trusty libvirt/qemu does not create nested capable VMs by default

References

Join the discussion

Canonical is offering Extended Security Maintenance

Canonical is offering Ubuntu Extended Security Maintenance (ESM) for security fixes and essential packages.

Find out more about ESM ›