CVE-2021-3653
Published: 16 August 2021
A flaw was found in the KVM's AMD code for supporting SVM nested virtualization. The flaw occurs when processing the VMCB (virtual machine control block) provided by the L1 guest to spawn/handle a nested guest (L2). Due to improper validation of the "int_ctl" field, this issue could allow a malicious L1 to enable AVIC support (Advanced Virtual Interrupt Controller) for the L2 guest. As a result, the L2 guest would be allowed to read/write physical pages of the host, resulting in a crash of the entire system, leak of sensitive data or potential guest-to-host escape. This flaw affects Linux kernel versions prior to 5.14-rc7.
From the Ubuntu Security Team
Maxim Levitsky discovered that the KVM hypervisor implementation for AMD processors in the Linux kernel did not properly prevent a guest VM from enabling AVIC in nested guest VMs. An attacker in a guest VM could use this to write to portions of the host's physical memory.
Notes
Author | Note |
---|---|
cascardo | trusty libvirt/qemu does not create nested capable VMs by default |
Mitigation
Disable nested virtualisation when loading the KVM AMD module: modprobe kvm_amd nested=0
Priority
Status
Package | Release | Status |
---|---|---|
linux Launchpad, Ubuntu, Debian |
bionic |
Released
(4.15.0-156.163)
|
focal |
Released
(5.4.0-84.94)
|
|
hirsute |
Released
(5.11.0-34.36)
|
|
impish |
Not vulnerable
(5.13.0-16.16)
|
|
jammy |
Not vulnerable
(5.13.0-19.19)
|
|
kinetic |
Not vulnerable
(5.15.0-25.25)
|
|
lunar |
Not vulnerable
(5.15.0-25.25)
|
|
mantic |
Not vulnerable
(6.2.0-20.20)
|
|
noble |
Not vulnerable
(6.5.0-9.9)
|
|
trusty |
Ignored
(ESM criteria, not a high on 3.13)
|
|
upstream |
Released
(5.14~rc7, 4.4.282, 5.4.142)
|
|
xenial |
Released
(4.4.0-214.246)
Available with Ubuntu Pro or Ubuntu Pro (Infra-only) |
|
Patches: Introduced by 3d6368ef580a4dff012960834bba4e28d3c1430c |
||
linux-allwinner Launchpad, Ubuntu, Debian |
bionic |
Does not exist
|
focal |
Does not exist
|
|
jammy |
Does not exist
|
|
kinetic |
Not vulnerable
|
|
lunar |
Not vulnerable
|
|
mantic |
Does not exist
|
|
noble |
Does not exist
|
|
trusty |
Does not exist
|
|
upstream |
Ignored
(end of life, was needs-triage)
|
|
xenial |
Does not exist
|
|
linux-allwinner-5.19 Launchpad, Ubuntu, Debian |
bionic |
Does not exist
|
focal |
Does not exist
|
|
jammy |
Not vulnerable
|
|
kinetic |
Does not exist
|
|
lunar |
Does not exist
|
|
mantic |
Does not exist
|
|
noble |
Does not exist
|
|
trusty |
Does not exist
|
|
upstream |
Ignored
(end of life, was needs-triage)
|
|
xenial |
Does not exist
|
|
linux-aws Launchpad, Ubuntu, Debian |
bionic |
Released
(4.15.0-1111.118)
|
focal |
Released
(5.4.0-1056.59)
|
|
hirsute |
Released
(5.11.0-1017.18)
|
|
impish |
Not vulnerable
(5.13.0-1005.6)
|
|
jammy |
Not vulnerable
(5.13.0-1005.6)
|
|
kinetic |
Not vulnerable
(5.15.0-1004.6)
|
|
lunar |
Not vulnerable
(5.15.0-1004.6)
|
|
mantic |
Not vulnerable
(6.2.0-1003.3)
|
|
noble |
Not vulnerable
(6.5.0-1008.8)
|
|
trusty |
Released
(4.4.0-1096.101)
Available with Ubuntu Pro or Ubuntu Pro (Infra-only) |
|
upstream |
Released
(5.14~rc7, 4.4.282, 5.4.142)
|
|
xenial |
Released
(4.4.0-1132.146)
Available with Ubuntu Pro or Ubuntu Pro (Infra-only) |
|
linux-aws-5.0 Launchpad, Ubuntu, Debian |
bionic |
Ignored
(superseded by linux-aws-5.3)
|
focal |
Does not exist
|
|
hirsute |
Does not exist
|
|
impish |
Does not exist
|
|
jammy |
Does not exist
|
|
kinetic |
Does not exist
|
|
lunar |
Does not exist
|
|
mantic |
Does not exist
|
|
noble |
Does not exist
|
|
trusty |
Does not exist
|
|
upstream |
Released
(5.14~rc7, 4.4.282, 5.4.142)
|
|
xenial |
Does not exist
|
|
linux-aws-5.11 Launchpad, Ubuntu, Debian |
bionic |
Does not exist
|
focal |
Released
(5.11.0-1017.18~20.04.1)
|
|
hirsute |
Does not exist
|
|
impish |
Does not exist
|
|
jammy |
Does not exist
|
|
kinetic |
Does not exist
|
|
lunar |
Does not exist
|
|
mantic |
Does not exist
|
|
noble |
Does not exist
|
|
trusty |
Does not exist
|
|
upstream |
Released
(5.14~rc7, 4.4.282, 5.4.142)
|
|
xenial |
Does not exist
|
|
linux-aws-5.13 Launchpad, Ubuntu, Debian |
bionic |
Does not exist
|
focal |
Not vulnerable
(5.13.0-1008.9~20.04.2)
|
|
impish |
Does not exist
|
|
jammy |
Does not exist
|
|
kinetic |
Does not exist
|
|
lunar |
Does not exist
|
|
mantic |
Does not exist
|
|
noble |
Does not exist
|
|
trusty |
Does not exist
|
|
upstream |
Released
(5.14~rc7, 4.4.282, 5.4.142)
|
|
xenial |
Does not exist
|
|
linux-aws-5.15 Launchpad, Ubuntu, Debian |
bionic |
Does not exist
|
focal |
Not vulnerable
(5.15.0-1014.18~20.04.1)
|
|
jammy |
Does not exist
|
|
kinetic |
Does not exist
|
|
lunar |
Does not exist
|
|
mantic |
Does not exist
|
|
noble |
Does not exist
|
|
trusty |
Does not exist
|
|
upstream |
Released
(5.14~rc7, 4.4.282, 5.4.142)
|
|
xenial |
Does not exist
|
|
linux-aws-5.19 Launchpad, Ubuntu, Debian |
bionic |
Does not exist
|
focal |
Does not exist
|
|
jammy |
Not vulnerable
|
|
kinetic |
Does not exist
|
|
lunar |
Does not exist
|
|
mantic |
Does not exist
|
|
noble |
Does not exist
|
|
trusty |
Does not exist
|
|
upstream |
Ignored
(superseded by linux-aws-6.2, was needs-triage)
|
|
xenial |
Does not exist
|
|
linux-aws-5.3 Launchpad, Ubuntu, Debian |
bionic |
Ignored
(superseded by linux-aws-5.4)
|
focal |
Does not exist
|
|
hirsute |
Does not exist
|
|
impish |
Does not exist
|
|
jammy |
Does not exist
|
|
kinetic |
Does not exist
|
|
lunar |
Does not exist
|
|
mantic |
Does not exist
|
|
noble |
Does not exist
|
|
trusty |
Does not exist
|
|
upstream |
Released
(5.14~rc7, 4.4.282, 5.4.142)
|
|
xenial |
Does not exist
|
|
linux-aws-5.4 Launchpad, Ubuntu, Debian |
bionic |
Released
(5.4.0-1056.59~18.04.1)
|
focal |
Does not exist
|
|
hirsute |
Does not exist
|
|
impish |
Does not exist
|
|
jammy |
Does not exist
|
|
kinetic |
Does not exist
|
|
lunar |
Does not exist
|
|
mantic |
Does not exist
|
|
noble |
Does not exist
|
|
trusty |
Does not exist
|
|
upstream |
Released
(5.14~rc7, 4.4.282, 5.4.142)
|
|
xenial |
Does not exist
|
|
linux-aws-5.8 Launchpad, Ubuntu, Debian |
bionic |
Does not exist
|
focal |
Ignored
(superseded by linux-aws-5.11, was needs-triage)
|
|
hirsute |
Does not exist
|
|
impish |
Does not exist
|
|
jammy |
Does not exist
|
|
kinetic |
Does not exist
|
|
lunar |
Does not exist
|
|
mantic |
Does not exist
|
|
noble |
Does not exist
|
|
trusty |
Does not exist
|
|
upstream |
Released
(5.14~rc7, 4.4.282, 5.4.142)
|
|
xenial |
Does not exist
|
|
linux-aws-6.2 Launchpad, Ubuntu, Debian |
bionic |
Does not exist
|
focal |
Does not exist
|
|
jammy |
Not vulnerable
|
|
lunar |
Does not exist
|
|
mantic |
Does not exist
|
|
noble |
Does not exist
|
|
trusty |
Does not exist
|
|
upstream |
Ignored
(superseded by linux-aws-6.5, was needs-triage)
|
|
xenial |
Does not exist
|
|
linux-aws-6.5 Launchpad, Ubuntu, Debian |
bionic |
Does not exist
|
focal |
Does not exist
|
|
jammy |
Not vulnerable
(6.5.0-1008.8~22.04.1)
|
|
mantic |
Does not exist
|
|
noble |
Does not exist
|
|
trusty |
Does not exist
|
|
upstream |
Released
(5.14~rc7, 4.4.282, 5.4.142)
|
|
xenial |
Does not exist
|
|
linux-aws-fips Launchpad, Ubuntu, Debian |
bionic |
Does not exist
|
focal |
Does not exist
|
|
jammy |
Does not exist
|
|
mantic |
Does not exist
|
|
noble |
Does not exist
|
|
trusty |
Does not exist
|
|
upstream |
Released
(5.14~rc7, 4.4.282, 5.4.142)
|
|
xenial |
Does not exist
|
|
linux-aws-hwe Launchpad, Ubuntu, Debian |
bionic |
Does not exist
|
focal |
Does not exist
|
|
hirsute |
Does not exist
|
|
impish |
Does not exist
|
|
jammy |
Does not exist
|
|
kinetic |
Does not exist
|
|
lunar |
Does not exist
|
|
mantic |
Does not exist
|
|
noble |
Does not exist
|
|
trusty |
Does not exist
|
|
upstream |
Released
(5.14~rc7, 4.4.282, 5.4.142)
|
|
xenial |
Released
(4.15.0-1111.118~16.04.1)
Available with Ubuntu Pro or Ubuntu Pro (Infra-only) |
|
linux-azure Launchpad, Ubuntu, Debian |
bionic |
Ignored
(superseded by linux-azure-5.3)
|
focal |
Released
(5.4.0-1058.60)
|
|
hirsute |
Released
(5.11.0-1015.16)
|
|
impish |
Not vulnerable
(5.13.0-1004.5)
|
|
jammy |
Not vulnerable
(5.13.0-1006.7)
|
|
kinetic |
Not vulnerable
(5.15.0-1003.4)
|
|
lunar |
Not vulnerable
(5.15.0-1003.4)
|
|
mantic |
Not vulnerable
(6.2.0-1003.3)
|
|
noble |
Not vulnerable
(6.5.0-1007.7)
|
|
trusty |
Released
(4.15.0-1123.136~14.04.1)
Available with Ubuntu Pro or Ubuntu Pro (Infra-only) |
|
upstream |
Released
(5.14~rc7, 4.4.282, 5.4.142)
|
|
xenial |
Released
(4.15.0-1123.136~16.04.1)
Available with Ubuntu Pro or Ubuntu Pro (Infra-only) |
|
linux-azure-4.15 Launchpad, Ubuntu, Debian |
bionic |
Released
(4.15.0-1123.136)
|
focal |
Does not exist
|
|
hirsute |
Does not exist
|
|
impish |
Does not exist
|
|
jammy |
Does not exist
|
|
kinetic |
Does not exist
|
|
lunar |
Does not exist
|
|
mantic |
Does not exist
|
|
noble |
Does not exist
|
|
trusty |
Does not exist
|
|
upstream |
Released
(5.14~rc7, 4.4.282, 5.4.142)
|
|
xenial |
Does not exist
|
|
linux-azure-5.11 Launchpad, Ubuntu, Debian |
bionic |
Does not exist
|
focal |
Released
(5.11.0-1015.16~20.04.1)
|
|
hirsute |
Does not exist
|
|
impish |
Does not exist
|
|
jammy |
Does not exist
|
|
kinetic |
Does not exist
|
|
lunar |
Does not exist
|
|
mantic |
Does not exist
|
|
noble |
Does not exist
|
|
trusty |
Does not exist
|
|
upstream |
Released
(5.14~rc7, 4.4.282, 5.4.142)
|
|
xenial |
Does not exist
|
|
linux-azure-5.13 Launchpad, Ubuntu, Debian |
bionic |
Does not exist
|
focal |
Not vulnerable
(5.13.0-1009.10~20.04.2)
|
|
impish |
Does not exist
|
|
jammy |
Does not exist
|
|
kinetic |
Does not exist
|
|
lunar |
Does not exist
|
|
mantic |
Does not exist
|
|
noble |
Does not exist
|
|
trusty |
Does not exist
|
|
upstream |
Released
(5.14~rc7, 4.4.282, 5.4.142)
|
|
xenial |
Does not exist
|
|
linux-azure-5.15 Launchpad, Ubuntu, Debian |
bionic |
Does not exist
|
focal |
Not vulnerable
(5.15.0-1007.8~20.04.1)
|
|
jammy |
Does not exist
|
|
kinetic |
Does not exist
|
|
lunar |
Does not exist
|
|
mantic |
Does not exist
|
|
noble |
Does not exist
|
|
trusty |
Does not exist
|
|
upstream |
Released
(5.14~rc7, 4.4.282, 5.4.142)
|
|
xenial |
Does not exist
|
|
linux-azure-5.19 Launchpad, Ubuntu, Debian |
bionic |
Does not exist
|
focal |
Does not exist
|
|
jammy |
Not vulnerable
|
|
kinetic |
Does not exist
|
|
lunar |
Does not exist
|
|
mantic |
Does not exist
|
|
noble |
Does not exist
|
|
trusty |
Does not exist
|
|
upstream |
Ignored
(superseded by linux-azure-6.2, was needs-triage)
|
|
xenial |
Does not exist
|
|
linux-azure-5.3 Launchpad, Ubuntu, Debian |
bionic |
Ignored
(superseded by linux-azure-5.4)
|
focal |
Does not exist
|
|
hirsute |
Does not exist
|
|
impish |
Does not exist
|
|
jammy |
Does not exist
|
|
kinetic |
Does not exist
|
|
lunar |
Does not exist
|
|
mantic |
Does not exist
|
|
noble |
Does not exist
|
|
trusty |
Does not exist
|
|
upstream |
Released
(5.14~rc7, 4.4.282, 5.4.142)
|
|
xenial |
Does not exist
|
|
linux-azure-5.4 Launchpad, Ubuntu, Debian |
bionic |
Released
(5.4.0-1058.60~18.04.1)
|
focal |
Does not exist
|
|
hirsute |
Does not exist
|
|
impish |
Does not exist
|
|
jammy |
Does not exist
|
|
kinetic |
Does not exist
|
|
lunar |
Does not exist
|
|
mantic |
Does not exist
|
|
noble |
Does not exist
|
|
trusty |
Does not exist
|
|
upstream |
Released
(5.14~rc7, 4.4.282, 5.4.142)
|
|
xenial |
Does not exist
|
|
linux-azure-5.8 Launchpad, Ubuntu, Debian |
bionic |
Does not exist
|
focal |
Released
(5.8.0-1041.44~20.04.1)
|
|
hirsute |
Does not exist
|
|
impish |
Does not exist
|
|
jammy |
Does not exist
|
|
kinetic |
Does not exist
|
|
lunar |
Does not exist
|
|
mantic |
Does not exist
|
|
noble |
Does not exist
|
|
trusty |
Does not exist
|
|
upstream |
Released
(5.14~rc7, 4.4.282, 5.4.142)
|
|
xenial |
Does not exist
|
|
linux-azure-6.2 Launchpad, Ubuntu, Debian |
bionic |
Does not exist
|
focal |
Does not exist
|
|
jammy |
Not vulnerable
|
|
lunar |
Does not exist
|
|
mantic |
Does not exist
|
|
noble |
Does not exist
|
|
trusty |
Does not exist
|
|
upstream |
Ignored
(superseded by linux-azure-6.5, was needs-triage)
|
|
xenial |
Does not exist
|
|
linux-azure-6.5 Launchpad, Ubuntu, Debian |
bionic |
Does not exist
|
focal |
Does not exist
|
|
jammy |
Not vulnerable
(6.5.0-1007.7~22.04.1)
|
|
mantic |
Does not exist
|
|
noble |
Does not exist
|
|
trusty |
Does not exist
|
|
upstream |
Released
(5.14~rc7, 4.4.282, 5.4.142)
|
|
xenial |
Does not exist
|
|
linux-azure-edge Launchpad, Ubuntu, Debian |
bionic |
Ignored
(superseded by linux-azure-5.3)
|
focal |
Does not exist
|
|
hirsute |
Does not exist
|
|
impish |
Does not exist
|
|
jammy |
Does not exist
|
|
kinetic |
Does not exist
|
|
lunar |
Does not exist
|
|
mantic |
Does not exist
|
|
noble |
Does not exist
|
|
trusty |
Does not exist
|
|
upstream |
Released
(5.14~rc7, 4.4.282, 5.4.142)
|
|
xenial |
Does not exist
|
|
linux-azure-fde Launchpad, Ubuntu, Debian |
bionic |
Does not exist
|
focal |
Released
(5.4.0-1058.60)
|
|
impish |
Does not exist
|
|
jammy |
Not vulnerable
(5.15.0-1019.24.1)
|
|
kinetic |
Does not exist
|
|
lunar |
Does not exist
|
|
mantic |
Does not exist
|
|
noble |
Does not exist
|
|
trusty |
Does not exist
|
|
upstream |
Released
(5.14~rc7, 4.4.282, 5.4.142)
|
|
xenial |
Does not exist
|
|
linux-azure-fde-5.15 Launchpad, Ubuntu, Debian |
bionic |
Does not exist
|
focal |
Not vulnerable
(5.15.0-1019.24~20.04.1.1)
|
|
jammy |
Does not exist
|
|
kinetic |
Does not exist
|
|
lunar |
Does not exist
|
|
mantic |
Does not exist
|
|
noble |
Does not exist
|
|
trusty |
Does not exist
|
|
upstream |
Released
(5.14~rc7, 4.4.282, 5.4.142)
|
|
xenial |
Does not exist
|
|
linux-azure-fde-5.19 Launchpad, Ubuntu, Debian |
bionic |
Does not exist
|
focal |
Does not exist
|
|
jammy |
Not vulnerable
|
|
kinetic |
Does not exist
|
|
lunar |
Does not exist
|
|
mantic |
Does not exist
|
|
noble |
Does not exist
|
|
trusty |
Does not exist
|
|
upstream |
Ignored
(superseded by linux-azure-fde-6.2, was needs-triage)
|
|
xenial |
Does not exist
|
|
linux-azure-fde-6.2 Launchpad, Ubuntu, Debian |
bionic |
Does not exist
|
focal |
Does not exist
|
|
jammy |
Not vulnerable
|
|
lunar |
Does not exist
|
|
mantic |
Does not exist
|
|
noble |
Does not exist
|
|
trusty |
Does not exist
|
|
upstream |
Ignored
(replaced by linux-azure-6.5, was needs-triage)
|
|
xenial |
Does not exist
|
|
linux-azure-fips Launchpad, Ubuntu, Debian |
bionic |
Does not exist
|
focal |
Does not exist
|
|
jammy |
Does not exist
|
|
mantic |
Does not exist
|
|
noble |
Does not exist
|
|
trusty |
Does not exist
|
|
upstream |
Released
(5.14~rc7, 4.4.282, 5.4.142)
|
|
xenial |
Does not exist
|
|
linux-bluefield Launchpad, Ubuntu, Debian |
bionic |
Does not exist
|
focal |
Released
(5.4.0-1019.22)
|
|
hirsute |
Does not exist
|
|
impish |
Does not exist
|
|
jammy |
Not vulnerable
(5.15.0-1011.13)
|
|
kinetic |
Does not exist
|
|
lunar |
Does not exist
|
|
mantic |
Does not exist
|
|
noble |
Does not exist
|
|
trusty |
Does not exist
|
|
upstream |
Released
(5.14~rc7, 4.4.282, 5.4.142)
|
|
xenial |
Does not exist
|
|
linux-dell300x Launchpad, Ubuntu, Debian |
bionic |
Released
(4.15.0-1027.32)
|
focal |
Does not exist
|
|
hirsute |
Does not exist
|
|
impish |
Does not exist
|
|
jammy |
Does not exist
|
|
kinetic |
Does not exist
|
|
lunar |
Does not exist
|
|
mantic |
Does not exist
|
|
noble |
Does not exist
|
|
trusty |
Does not exist
|
|
upstream |
Released
(5.14~rc7, 4.4.282, 5.4.142)
|
|
xenial |
Does not exist
|
|
linux-fips Launchpad, Ubuntu, Debian |
bionic |
Does not exist
|
focal |
Does not exist
|
|
hirsute |
Does not exist
|
|
impish |
Does not exist
|
|
jammy |
Does not exist
|
|
kinetic |
Does not exist
|
|
lunar |
Does not exist
|
|
mantic |
Does not exist
|
|
noble |
Does not exist
|
|
trusty |
Does not exist
|
|
upstream |
Released
(5.14~rc7, 4.4.282, 5.4.142)
|
|
xenial |
Ignored
(end of standard support)
|
|
linux-gcp Launchpad, Ubuntu, Debian |
bionic |
Ignored
(superseded by linux-gcp-5.3)
|
focal |
Released
(5.4.0-1052.56)
|
|
hirsute |
Released
(5.11.0-1018.20)
|
|
impish |
Not vulnerable
(5.13.0-1003.4)
|
|
jammy |
Not vulnerable
(5.13.0-1005.6)
|
|
kinetic |
Not vulnerable
(5.15.0-1003.6)
|
|
lunar |
Not vulnerable
(5.15.0-1003.6)
|
|
mantic |
Not vulnerable
(6.2.0-1005.5)
|
|
noble |
Not vulnerable
(6.5.0-1007.7)
|
|
trusty |
Does not exist
|
|
upstream |
Released
(5.14~rc7, 4.4.282, 5.4.142)
|
|
xenial |
Released
(4.15.0-1108.122~16.04.1)
Available with Ubuntu Pro or Ubuntu Pro (Infra-only) |
|
linux-gcp-4.15 Launchpad, Ubuntu, Debian |
bionic |
Released
(4.15.0-1108.122)
|
focal |
Does not exist
|
|
hirsute |
Does not exist
|
|
impish |
Does not exist
|
|
jammy |
Does not exist
|
|
kinetic |
Does not exist
|
|
lunar |
Does not exist
|
|
mantic |
Does not exist
|
|
noble |
Does not exist
|
|
trusty |
Does not exist
|
|
upstream |
Released
(5.14~rc7, 4.4.282, 5.4.142)
|
|
xenial |
Does not exist
|
|
linux-gcp-5.11 Launchpad, Ubuntu, Debian |
bionic |
Does not exist
|
focal |
Released
(5.11.0-1018.20~20.04.2)
|
|
hirsute |
Does not exist
|
|
impish |
Does not exist
|
|
jammy |
Does not exist
|
|
kinetic |
Does not exist
|
|
lunar |
Does not exist
|
|
mantic |
Does not exist
|
|
noble |
Does not exist
|
|
trusty |
Does not exist
|
|
upstream |
Released
(5.14~rc7, 4.4.282, 5.4.142)
|
|
xenial |
Does not exist
|
|
linux-gcp-5.13 Launchpad, Ubuntu, Debian |
bionic |
Does not exist
|
focal |
Not vulnerable
(5.13.0-1008.9~20.04.3)
|
|
impish |
Does not exist
|
|
jammy |
Does not exist
|
|
kinetic |
Does not exist
|
|
lunar |
Does not exist
|
|
mantic |
Does not exist
|
|
noble |
Does not exist
|
|
trusty |
Does not exist
|
|
upstream |
Released
(5.14~rc7, 4.4.282, 5.4.142)
|
|
xenial |
Does not exist
|
|
linux-gcp-5.15 Launchpad, Ubuntu, Debian |
bionic |
Does not exist
|
focal |
Not vulnerable
(5.15.0-1006.9~20.04.1)
|
|
jammy |
Does not exist
|
|
kinetic |
Does not exist
|
|
lunar |
Does not exist
|
|
mantic |
Does not exist
|
|
noble |
Does not exist
|
|
trusty |
Does not exist
|
|
upstream |
Released
(5.14~rc7, 4.4.282, 5.4.142)
|
|
xenial |
Does not exist
|
|
linux-gcp-5.19 Launchpad, Ubuntu, Debian |
bionic |
Does not exist
|
focal |
Does not exist
|
|
jammy |
Not vulnerable
|
|
kinetic |
Does not exist
|
|
lunar |
Does not exist
|
|
mantic |
Does not exist
|
|
noble |
Does not exist
|
|
trusty |
Does not exist
|
|
upstream |
Ignored
(superseded by linux-gcp-6.2, was needs-triage)
|
|
xenial |
Does not exist
|
|
linux-gcp-5.3 Launchpad, Ubuntu, Debian |
bionic |
Ignored
(superseded by linux-gcp-5.4)
|
focal |
Does not exist
|
|
hirsute |
Does not exist
|
|
impish |
Does not exist
|
|
jammy |
Does not exist
|
|
kinetic |
Does not exist
|
|
lunar |
Does not exist
|
|
mantic |
Does not exist
|
|
noble |
Does not exist
|
|
trusty |
Does not exist
|
|
upstream |
Released
(5.14~rc7, 4.4.282, 5.4.142)
|
|
xenial |
Does not exist
|
|
linux-gcp-5.4 Launchpad, Ubuntu, Debian |
bionic |
Released
(5.4.0-1052.56~18.04.1)
|
focal |
Does not exist
|
|
hirsute |
Does not exist
|
|
impish |
Does not exist
|
|
jammy |
Does not exist
|
|
kinetic |
Does not exist
|
|
lunar |
Does not exist
|
|
mantic |
Does not exist
|
|
noble |
Does not exist
|
|
trusty |
Does not exist
|
|
upstream |
Released
(5.14~rc7, 4.4.282, 5.4.142)
|
|
xenial |
Does not exist
|
|
linux-gcp-5.8 Launchpad, Ubuntu, Debian |
bionic |
Does not exist
|
focal |
Ignored
(superseded by linux-gcp-5.11, was needs-triage)
|
|
hirsute |
Does not exist
|
|
impish |
Does not exist
|
|
jammy |
Does not exist
|
|
kinetic |
Does not exist
|
|
lunar |
Does not exist
|
|
mantic |
Does not exist
|
|
noble |
Does not exist
|
|
trusty |
Does not exist
|
|
upstream |
Released
(5.14~rc7, 4.4.282, 5.4.142)
|
|
xenial |
Does not exist
|
|
linux-gcp-6.2 Launchpad, Ubuntu, Debian |
bionic |
Does not exist
|
focal |
Does not exist
|
|
jammy |
Not vulnerable
|
|
lunar |
Does not exist
|
|
mantic |
Does not exist
|
|
noble |
Does not exist
|
|
trusty |
Does not exist
|
|
upstream |
Ignored
(superseded by linux-gcp-6.5, was needs-triage)
|
|
xenial |
Does not exist
|
|
linux-gcp-6.5 Launchpad, Ubuntu, Debian |
bionic |
Does not exist
|
focal |
Does not exist
|
|
jammy |
Not vulnerable
(6.5.0-1010.10~22.04.3)
|
|
mantic |
Does not exist
|
|
noble |
Does not exist
|
|
trusty |
Does not exist
|
|
upstream |
Released
(5.14~rc7, 4.4.282, 5.4.142)
|
|
xenial |
Does not exist
|
|
linux-gcp-edge Launchpad, Ubuntu, Debian |
bionic |
Ignored
(superseded by linux-gcp-5.3)
|
focal |
Does not exist
|
|
hirsute |
Does not exist
|
|
impish |
Does not exist
|
|
jammy |
Does not exist
|
|
kinetic |
Does not exist
|
|
lunar |
Does not exist
|
|
mantic |
Does not exist
|
|
noble |
Does not exist
|
|
trusty |
Does not exist
|
|
upstream |
Released
(5.14~rc7, 4.4.282, 5.4.142)
|
|
xenial |
Does not exist
|
|
linux-gcp-fips Launchpad, Ubuntu, Debian |
bionic |
Does not exist
|
focal |
Does not exist
|
|
jammy |
Does not exist
|
|
mantic |
Does not exist
|
|
noble |
Does not exist
|
|
trusty |
Does not exist
|
|
upstream |
Released
(5.14~rc7, 4.4.282, 5.4.142)
|
|
xenial |
Does not exist
|
|
linux-gke Launchpad, Ubuntu, Debian |
bionic |
Does not exist
|
focal |
Released
(5.4.0-1052.55)
|
|
hirsute |
Does not exist
|
|
impish |
Does not exist
|
|
jammy |
Not vulnerable
(5.15.0-1002.2)
|
|
kinetic |
Does not exist
|
|
lunar |
Does not exist
|
|
mantic |
Does not exist
|
|
noble |
Not vulnerable
(6.8.0-1003.5)
|
|
trusty |
Does not exist
|
|
upstream |
Released
(5.14~rc7, 4.4.282, 5.4.142)
|
|
xenial |
Ignored
(end of standard support)
|
|
linux-gke-4.15 Launchpad, Ubuntu, Debian |
bionic |
Ignored
(superseded by linux-gke-5.0, was needs-triage)
|
focal |
Does not exist
|
|
hirsute |
Does not exist
|
|
impish |
Does not exist
|
|
jammy |
Does not exist
|
|
kinetic |
Does not exist
|
|
lunar |
Does not exist
|
|
mantic |
Does not exist
|
|
noble |
Does not exist
|
|
trusty |
Does not exist
|
|
upstream |
Released
(5.14~rc7, 4.4.282, 5.4.142)
|
|
xenial |
Does not exist
|
|
linux-gke-5.0 Launchpad, Ubuntu, Debian |
bionic |
Ignored
(end of standard support, was needs-triage)
|
focal |
Does not exist
|
|
hirsute |
Does not exist
|
|
impish |
Does not exist
|
|
jammy |
Does not exist
|
|
kinetic |
Does not exist
|
|
lunar |
Does not exist
|
|
mantic |
Does not exist
|
|
noble |
Does not exist
|
|
trusty |
Does not exist
|
|
upstream |
Released
(5.14~rc7, 4.4.282, 5.4.142)
|
|
xenial |
Does not exist
|
|
linux-gke-5.15 Launchpad, Ubuntu, Debian |
bionic |
Does not exist
|
focal |
Not vulnerable
|
|
jammy |
Does not exist
|
|
kinetic |
Does not exist
|
|
lunar |
Does not exist
|
|
mantic |
Does not exist
|
|
noble |
Does not exist
|
|
trusty |
Does not exist
|
|
upstream |
Ignored
(end of life, was needs-triage)
|
|
xenial |
Does not exist
|
|
linux-gke-5.3 Launchpad, Ubuntu, Debian |
bionic |
Ignored
(end of standard support, was needs-triage)
|
focal |
Does not exist
|
|
hirsute |
Does not exist
|
|
impish |
Does not exist
|
|
jammy |
Does not exist
|
|
kinetic |
Does not exist
|
|
lunar |
Does not exist
|
|
mantic |
Does not exist
|
|
noble |
Does not exist
|
|
trusty |
Does not exist
|
|
upstream |
Released
(5.14~rc7, 4.4.282, 5.4.142)
|
|
xenial |
Does not exist
|
|
linux-gke-5.4 Launchpad, Ubuntu, Debian |
bionic |
Released
(5.4.0-1052.55~18.04.1)
|
focal |
Does not exist
|
|
hirsute |
Does not exist
|
|
impish |
Does not exist
|
|
jammy |
Does not exist
|
|
kinetic |
Does not exist
|
|
lunar |
Does not exist
|
|
mantic |
Does not exist
|
|
noble |
Does not exist
|
|
trusty |
Does not exist
|
|
upstream |
Released
(5.14~rc7, 4.4.282, 5.4.142)
|
|
xenial |
Does not exist
|
|
linux-gkeop Launchpad, Ubuntu, Debian |
bionic |
Does not exist
|
focal |
Released
(5.4.0-1023.24)
|
|
hirsute |
Does not exist
|
|
impish |
Does not exist
|
|
jammy |
Not vulnerable
(5.15.0-1001.2)
|
|
kinetic |
Does not exist
|
|
lunar |
Does not exist
|
|
mantic |
Does not exist
|
|
noble |
Does not exist
|
|
trusty |
Does not exist
|
|
upstream |
Released
(5.14~rc7, 4.4.282, 5.4.142)
|
|
xenial |
Does not exist
|
|
linux-gkeop-5.15 Launchpad, Ubuntu, Debian |
bionic |
Does not exist
|
focal |
Not vulnerable
(5.15.0-1003.5~20.04.2)
|
|
jammy |
Does not exist
|
|
kinetic |
Does not exist
|
|
lunar |
Does not exist
|
|
mantic |
Does not exist
|
|
noble |
Does not exist
|
|
trusty |
Does not exist
|
|
upstream |
Released
(5.14~rc7, 4.4.282, 5.4.142)
|
|
xenial |
Does not exist
|
|
linux-gkeop-5.4 Launchpad, Ubuntu, Debian |
bionic |
Released
(5.4.0-1023.24~18.04.1)
|
focal |
Does not exist
|
|
hirsute |
Does not exist
|
|
impish |
Does not exist
|
|
jammy |
Does not exist
|
|
kinetic |
Does not exist
|
|
lunar |
Does not exist
|
|
mantic |
Does not exist
|
|
noble |
Does not exist
|
|
trusty |
Does not exist
|
|
upstream |
Released
(5.14~rc7, 4.4.282, 5.4.142)
|
|
xenial |
Does not exist
|
|
linux-hwe Launchpad, Ubuntu, Debian |
bionic |
Ignored
(replaced by linux-hwe-5.4)
|
focal |
Does not exist
|
|
hirsute |
Does not exist
|
|
impish |
Does not exist
|
|
jammy |
Does not exist
|
|
kinetic |
Does not exist
|
|
lunar |
Does not exist
|
|
mantic |
Does not exist
|
|
noble |
Does not exist
|
|
trusty |
Does not exist
|
|
upstream |
Released
(5.14~rc7, 4.4.282, 5.4.142)
|
|
xenial |
Released
(4.15.0-156.163~16.04.1)
Available with Ubuntu Pro or Ubuntu Pro (Infra-only) |
|
linux-hwe-5.11 Launchpad, Ubuntu, Debian |
bionic |
Does not exist
|
focal |
Released
(5.11.0-34.36~20.04.1)
|
|
hirsute |
Does not exist
|
|
impish |
Does not exist
|
|
jammy |
Does not exist
|
|
kinetic |
Does not exist
|
|
lunar |
Does not exist
|
|
mantic |
Does not exist
|
|
noble |
Does not exist
|
|
trusty |
Does not exist
|
|
upstream |
Released
(5.14~rc7, 4.4.282, 5.4.142)
|
|
xenial |
Does not exist
|
|
linux-hwe-5.13 Launchpad, Ubuntu, Debian |
bionic |
Does not exist
|
focal |
Not vulnerable
(5.13.0-21.21~20.04.1)
|
|
impish |
Does not exist
|
|
jammy |
Does not exist
|
|
kinetic |
Does not exist
|
|
lunar |
Does not exist
|
|
mantic |
Does not exist
|
|
noble |
Does not exist
|
|
trusty |
Does not exist
|
|
upstream |
Released
(5.14~rc7, 4.4.282, 5.4.142)
|
|
xenial |
Does not exist
|
|
linux-hwe-5.15 Launchpad, Ubuntu, Debian |
bionic |
Does not exist
|
focal |
Not vulnerable
(5.15.0-33.34~20.04.1)
|
|
jammy |
Does not exist
|
|
kinetic |
Does not exist
|
|
lunar |
Does not exist
|
|
mantic |
Does not exist
|
|
noble |
Does not exist
|
|
trusty |
Does not exist
|
|
upstream |
Released
(5.14~rc7, 4.4.282, 5.4.142)
|
|
xenial |
Does not exist
|
|
linux-hwe-5.19 Launchpad, Ubuntu, Debian |
bionic |
Does not exist
|
focal |
Does not exist
|
|
jammy |
Not vulnerable
|
|
kinetic |
Does not exist
|
|
lunar |
Does not exist
|
|
mantic |
Does not exist
|
|
noble |
Does not exist
|
|
trusty |
Does not exist
|
|
upstream |
Ignored
(superseded by linux-hwe-6.2, was needs-triage)
|
|
xenial |
Does not exist
|
|
linux-hwe-5.4 Launchpad, Ubuntu, Debian |
bionic |
Released
(5.4.0-84.94~18.04.1)
|
focal |
Does not exist
|
|
hirsute |
Does not exist
|
|
impish |
Does not exist
|
|
jammy |
Does not exist
|
|
kinetic |
Does not exist
|
|
lunar |
Does not exist
|
|
mantic |
Does not exist
|
|
noble |
Does not exist
|
|
trusty |
Does not exist
|
|
upstream |
Released
(5.14~rc7, 4.4.282, 5.4.142)
|
|
xenial |
Does not exist
|
|
linux-hwe-5.8 Launchpad, Ubuntu, Debian |
bionic |
Does not exist
|
focal |
Ignored
(superseded by linux-hwe-5.11, was pending)
|
|
hirsute |
Does not exist
|
|
impish |
Does not exist
|
|
jammy |
Does not exist
|
|
kinetic |
Does not exist
|
|
lunar |
Does not exist
|
|
mantic |
Does not exist
|
|
noble |
Does not exist
|
|
trusty |
Does not exist
|
|
upstream |
Released
(5.14~rc7, 4.4.282, 5.4.142)
|
|
xenial |
Does not exist
|
|
linux-hwe-6.2 Launchpad, Ubuntu, Debian |
bionic |
Does not exist
|
focal |
Does not exist
|
|
jammy |
Not vulnerable
|
|
lunar |
Does not exist
|
|
mantic |
Does not exist
|
|
noble |
Does not exist
|
|
trusty |
Does not exist
|
|
upstream |
Ignored
(superseded by linux-hwe-6.5, was needs-triage)
|
|
xenial |
Does not exist
|
|
linux-hwe-6.5 Launchpad, Ubuntu, Debian |
bionic |
Does not exist
|
focal |
Does not exist
|
|
jammy |
Not vulnerable
(6.5.0-14.14~22.04.1)
|
|
lunar |
Does not exist
|
|
mantic |
Does not exist
|
|
noble |
Does not exist
|
|
trusty |
Does not exist
|
|
upstream |
Released
(5.14~rc7, 4.4.282, 5.4.142)
|
|
xenial |
Does not exist
|
|
linux-hwe-edge Launchpad, Ubuntu, Debian |
bionic |
Ignored
(superseded by linux-hwe-5.4)
|
focal |
Does not exist
|
|
hirsute |
Does not exist
|
|
impish |
Does not exist
|
|
jammy |
Does not exist
|
|
kinetic |
Does not exist
|
|
lunar |
Does not exist
|
|
mantic |
Does not exist
|
|
noble |
Does not exist
|
|
trusty |
Does not exist
|
|
upstream |
Released
(5.14~rc7, 4.4.282, 5.4.142)
|
|
xenial |
Ignored
(superseded by linux-hwe)
|
|
linux-ibm Launchpad, Ubuntu, Debian |
bionic |
Does not exist
|
focal |
Released
(5.4.0-1004.5)
|
|
hirsute |
Does not exist
|
|
impish |
Does not exist
|
|
jammy |
Not vulnerable
(5.15.0-1002.2)
|
|
kinetic |
Not vulnerable
(5.15.0-1002.2)
|
|
lunar |
Not vulnerable
(5.15.0-1002.2)
|
|
mantic |
Not vulnerable
(5.15.0-1002.2)
|
|
noble |
Not vulnerable
(6.5.0-1009.9)
|
|
trusty |
Does not exist
|
|
upstream |
Released
(5.14~rc7, 4.4.282, 5.4.142)
|
|
xenial |
Does not exist
|
|
linux-ibm-5.15 Launchpad, Ubuntu, Debian |
bionic |
Does not exist
|
focal |
Not vulnerable
(5.15.0-1033.36~20.04.1)
|
|
jammy |
Does not exist
|
|
lunar |
Does not exist
|
|
mantic |
Does not exist
|
|
noble |
Does not exist
|
|
trusty |
Does not exist
|
|
upstream |
Released
(5.14~rc7, 4.4.282, 5.4.142)
|
|
xenial |
Does not exist
|
|
linux-ibm-5.4 Launchpad, Ubuntu, Debian |
bionic |
Not vulnerable
(5.4.0-1010.11~18.04.2)
|
focal |
Does not exist
|
|
impish |
Does not exist
|
|
jammy |
Does not exist
|
|
kinetic |
Does not exist
|
|
lunar |
Does not exist
|
|
mantic |
Does not exist
|
|
noble |
Does not exist
|
|
trusty |
Does not exist
|
|
upstream |
Released
(5.14~rc7, 4.4.282, 5.4.142)
|
|
xenial |
Does not exist
|
|
linux-intel Launchpad, Ubuntu, Debian |
bionic |
Does not exist
|
focal |
Does not exist
|
|
jammy |
Does not exist
|
|
mantic |
Does not exist
|
|
noble |
Not vulnerable
(6.8.0-1001.6)
|
|
trusty |
Does not exist
|
|
upstream |
Released
(5.14~rc7, 4.4.282, 5.4.142)
|
|
xenial |
Does not exist
|
|
linux-intel-5.13 Launchpad, Ubuntu, Debian |
bionic |
Does not exist
|
focal |
Not vulnerable
(5.13.0-1007.7)
|
|
hirsute |
Does not exist
|
|
impish |
Does not exist
|
|
jammy |
Does not exist
|
|
kinetic |
Does not exist
|
|
lunar |
Does not exist
|
|
mantic |
Does not exist
|
|
noble |
Does not exist
|
|
trusty |
Does not exist
|
|
upstream |
Released
(5.14~rc7, 4.4.282, 5.4.142)
|
|
xenial |
Does not exist
|
|
linux-intel-iotg Launchpad, Ubuntu, Debian |
bionic |
Does not exist
|
focal |
Does not exist
|
|
impish |
Does not exist
|
|
jammy |
Not vulnerable
(5.15.0-1004.6)
|
|
kinetic |
Does not exist
|
|
lunar |
Does not exist
|
|
mantic |
Does not exist
|
|
noble |
Does not exist
|
|
trusty |
Does not exist
|
|
upstream |
Released
(5.14~rc7, 4.4.282, 5.4.142)
|
|
xenial |
Does not exist
|
|
linux-intel-iotg-5.15 Launchpad, Ubuntu, Debian |
bionic |
Does not exist
|
focal |
Not vulnerable
(5.15.0-1003.5~20.04.1)
|
|
impish |
Does not exist
|
|
jammy |
Does not exist
|
|
kinetic |
Does not exist
|
|
lunar |
Does not exist
|
|
mantic |
Does not exist
|
|
noble |
Does not exist
|
|
trusty |
Does not exist
|
|
upstream |
Released
(5.14~rc7, 4.4.282, 5.4.142)
|
|
xenial |
Does not exist
|
|
linux-iot Launchpad, Ubuntu, Debian |
bionic |
Does not exist
|
focal |
Not vulnerable
(5.4.0-1001.3)
|
|
jammy |
Does not exist
|
|
kinetic |
Does not exist
|
|
lunar |
Does not exist
|
|
mantic |
Does not exist
|
|
noble |
Does not exist
|
|
trusty |
Does not exist
|
|
upstream |
Released
(5.14~rc7, 4.4.282, 5.4.142)
|
|
xenial |
Does not exist
|
|
linux-kvm Launchpad, Ubuntu, Debian |
bionic |
Released
(4.15.0-1099.101)
|
focal |
Released
(5.4.0-1046.48)
|
|
hirsute |
Released
(5.11.0-1015.16)
|
|
impish |
Not vulnerable
(5.13.0-1002.2)
|
|
jammy |
Not vulnerable
(5.13.0-1004.4)
|
|
kinetic |
Not vulnerable
(5.15.0-1004.4)
|
|
lunar |
Not vulnerable
(5.15.0-1004.4)
|
|
mantic |
Does not exist
|
|
noble |
Does not exist
|
|
trusty |
Does not exist
|
|
upstream |
Released
(5.14~rc7, 4.4.282, 5.4.142)
|
|
xenial |
Released
(4.4.0-1097.106)
Available with Ubuntu Pro or Ubuntu Pro (Infra-only) |
|
linux-laptop Launchpad, Ubuntu, Debian |
bionic |
Does not exist
|
focal |
Does not exist
|
|
jammy |
Does not exist
|
|
lunar |
Does not exist
|
|
mantic |
Not vulnerable
(6.5.0-1003.6)
|
|
noble |
Does not exist
|
|
trusty |
Does not exist
|
|
upstream |
Released
(5.14~rc7, 4.4.282, 5.4.142)
|
|
xenial |
Does not exist
|
|
linux-lowlatency Launchpad, Ubuntu, Debian |
bionic |
Does not exist
|
focal |
Does not exist
|
|
impish |
Does not exist
|
|
jammy |
Not vulnerable
(5.15.0-22.22)
|
|
kinetic |
Not vulnerable
(5.15.0-24.24)
|
|
lunar |
Not vulnerable
(5.15.0-24.24)
|
|
mantic |
Not vulnerable
(6.2.0-1003.3)
|
|
noble |
Not vulnerable
(6.5.0-9.9.1)
|
|
trusty |
Does not exist
|
|
upstream |
Released
(5.14~rc7, 4.4.282, 5.4.142)
|
|
xenial |
Does not exist
|
|
linux-lowlatency-hwe-5.15 Launchpad, Ubuntu, Debian |
bionic |
Does not exist
|
focal |
Not vulnerable
(5.15.0-33.34~20.04.1)
|
|
jammy |
Does not exist
|
|
kinetic |
Does not exist
|
|
lunar |
Does not exist
|
|
mantic |
Does not exist
|
|
noble |
Does not exist
|
|
trusty |
Does not exist
|
|
upstream |
Released
(5.14~rc7, 4.4.282, 5.4.142)
|
|
xenial |
Does not exist
|
|
linux-lowlatency-hwe-5.19 Launchpad, Ubuntu, Debian |
bionic |
Does not exist
|
focal |
Does not exist
|
|
jammy |
Not vulnerable
|
|
kinetic |
Does not exist
|
|
lunar |
Does not exist
|
|
mantic |
Does not exist
|
|
noble |
Does not exist
|
|
trusty |
Does not exist
|
|
upstream |
Ignored
(superseded by linux-lowlatency-hwe-6.2, was needs-triage)
|
|
xenial |
Does not exist
|
|
linux-lowlatency-hwe-6.2 Launchpad, Ubuntu, Debian |
bionic |
Does not exist
|
focal |
Does not exist
|
|
jammy |
Not vulnerable
|
|
lunar |
Does not exist
|
|
mantic |
Does not exist
|
|
noble |
Does not exist
|
|
trusty |
Does not exist
|
|
upstream |
Ignored
(superseded by linux-lowlatency-hwe-6.5, was needs-triage)
|
|
xenial |
Does not exist
|
|
linux-lowlatency-hwe-6.5 Launchpad, Ubuntu, Debian |
bionic |
Does not exist
|
focal |
Does not exist
|
|
jammy |
Not vulnerable
(6.5.0-14.14.1~22.04.1)
|
|
lunar |
Does not exist
|
|
mantic |
Does not exist
|
|
noble |
Does not exist
|
|
trusty |
Does not exist
|
|
upstream |
Released
(5.14~rc7, 4.4.282, 5.4.142)
|
|
xenial |
Does not exist
|
|
linux-lts-xenial Launchpad, Ubuntu, Debian |
bionic |
Does not exist
|
focal |
Does not exist
|
|
hirsute |
Does not exist
|
|
impish |
Does not exist
|
|
jammy |
Does not exist
|
|
kinetic |
Does not exist
|
|
lunar |
Does not exist
|
|
mantic |
Does not exist
|
|
noble |
Does not exist
|
|
trusty |
Released
(4.4.0-214.246~14.04.1)
Available with Ubuntu Pro or Ubuntu Pro (Infra-only) |
|
upstream |
Released
(5.14~rc7, 4.4.282, 5.4.142)
|
|
xenial |
Does not exist
|
|
linux-nvidia Launchpad, Ubuntu, Debian |
bionic |
Does not exist
|
focal |
Does not exist
|
|
jammy |
Not vulnerable
(5.15.0-1005.5)
|
|
kinetic |
Does not exist
|
|
lunar |
Does not exist
|
|
mantic |
Does not exist
|
|
noble |
Not vulnerable
(6.8.0-1007.7)
|
|
trusty |
Does not exist
|
|
upstream |
Released
(5.14~rc7, 4.4.282, 5.4.142)
|
|
xenial |
Does not exist
|
|
linux-nvidia-6.2 Launchpad, Ubuntu, Debian |
bionic |
Does not exist
|
focal |
Does not exist
|
|
jammy |
Not vulnerable
|
|
lunar |
Does not exist
|
|
mantic |
Does not exist
|
|
noble |
Does not exist
|
|
trusty |
Does not exist
|
|
upstream |
Ignored
(superseded by linux-nvidia-6.5, was needs-triage)
|
|
xenial |
Does not exist
|
|
linux-nvidia-6.5 Launchpad, Ubuntu, Debian |
bionic |
Does not exist
|
focal |
Does not exist
|
|
jammy |
Not vulnerable
(6.5.0-1004.4)
|
|
mantic |
Does not exist
|
|
noble |
Does not exist
|
|
trusty |
Does not exist
|
|
upstream |
Released
(5.14~rc7, 4.4.282, 5.4.142)
|
|
xenial |
Does not exist
|
|
linux-oem Launchpad, Ubuntu, Debian |
bionic |
Ignored
(replaced by linux-hwe-5.4, was needs-triage)
|
focal |
Does not exist
|
|
hirsute |
Does not exist
|
|
impish |
Does not exist
|
|
jammy |
Does not exist
|
|
kinetic |
Does not exist
|
|
lunar |
Does not exist
|
|
mantic |
Does not exist
|
|
noble |
Does not exist
|
|
trusty |
Does not exist
|
|
upstream |
Released
(5.14~rc7, 4.4.282, 5.4.142)
|
|
xenial |
Ignored
(end of standard support)
|
|
linux-oem-5.10 Launchpad, Ubuntu, Debian |
bionic |
Does not exist
|
focal |
Released
(5.10.0-1045.47)
|
|
hirsute |
Does not exist
|
|
impish |
Does not exist
|
|
jammy |
Does not exist
|
|
kinetic |
Does not exist
|
|
lunar |
Does not exist
|
|
mantic |
Does not exist
|
|
noble |
Does not exist
|
|
trusty |
Does not exist
|
|
upstream |
Released
(5.14~rc7, 4.4.282, 5.4.142)
|
|
xenial |
Does not exist
|
|
linux-oem-5.13 Launchpad, Ubuntu, Debian |
bionic |
Does not exist
|
focal |
Released
(5.13.0-1012.16)
|
|
hirsute |
Does not exist
|
|
impish |
Does not exist
|
|
jammy |
Does not exist
|
|
kinetic |
Does not exist
|
|
lunar |
Does not exist
|
|
mantic |
Does not exist
|
|
noble |
Does not exist
|
|
trusty |
Does not exist
|
|
upstream |
Released
(5.14~rc7, 4.4.282, 5.4.142)
|
|
xenial |
Does not exist
|
|
linux-oem-5.14 Launchpad, Ubuntu, Debian |
bionic |
Does not exist
|
focal |
Not vulnerable
(5.14.0-1004.4)
|
|
hirsute |
Does not exist
|
|
impish |
Does not exist
|
|
jammy |
Does not exist
|
|
kinetic |
Does not exist
|
|
lunar |
Does not exist
|
|
mantic |
Does not exist
|
|
noble |
Does not exist
|
|
trusty |
Does not exist
|
|
upstream |
Released
(5.14~rc7, 4.4.282, 5.4.142)
|
|
xenial |
Does not exist
|
|
linux-oem-5.17 Launchpad, Ubuntu, Debian |
bionic |
Does not exist
|
focal |
Does not exist
|
|
impish |
Does not exist
|
|
jammy |
Not vulnerable
(5.17.0-1003.3)
|
|
kinetic |
Not vulnerable
(5.17.0-1003.3)
|
|
lunar |
Does not exist
|
|
mantic |
Does not exist
|
|
noble |
Does not exist
|
|
trusty |
Does not exist
|
|
upstream |
Released
(5.14~rc7, 4.4.282, 5.4.142)
|
|
xenial |
Does not exist
|
|
linux-oem-5.6 Launchpad, Ubuntu, Debian |
bionic |
Does not exist
|
focal |
Ignored
(superseded by linux-oem-5.10, was needs-triage)
|
|
hirsute |
Does not exist
|
|
impish |
Does not exist
|
|
jammy |
Does not exist
|
|
kinetic |
Does not exist
|
|
lunar |
Does not exist
|
|
mantic |
Does not exist
|
|
noble |
Does not exist
|
|
trusty |
Does not exist
|
|
upstream |
Released
(5.14~rc7, 4.4.282, 5.4.142)
|
|
xenial |
Does not exist
|
|
linux-oem-6.0 Launchpad, Ubuntu, Debian |
bionic |
Does not exist
|
focal |
Does not exist
|
|
jammy |
Not vulnerable
(6.0.0-1006.6)
|
|
kinetic |
Does not exist
|
|
lunar |
Does not exist
|
|
mantic |
Does not exist
|
|
noble |
Does not exist
|
|
trusty |
Does not exist
|
|
upstream |
Ignored
(superseded by linux-oem-6.1, was needs-triage)
|
|
xenial |
Does not exist
|
|
linux-oem-6.1 Launchpad, Ubuntu, Debian |
bionic |
Does not exist
|
focal |
Does not exist
|
|
jammy |
Not vulnerable
|
|
kinetic |
Does not exist
|
|
lunar |
Does not exist
|
|
mantic |
Does not exist
|
|
noble |
Does not exist
|
|
trusty |
Does not exist
|
|
upstream |
Ignored
(superseded by linux-oem-6.5, was needs-triage)
|
|
xenial |
Does not exist
|
|
linux-oem-6.5 Launchpad, Ubuntu, Debian |
bionic |
Does not exist
|
focal |
Does not exist
|
|
jammy |
Not vulnerable
(6.5.0-1003.3)
|
|
lunar |
Does not exist
|
|
mantic |
Does not exist
|
|
noble |
Does not exist
|
|
trusty |
Does not exist
|
|
upstream |
Released
(5.14~rc7, 4.4.282, 5.4.142)
|
|
xenial |
Does not exist
|
|
linux-oem-6.8 Launchpad, Ubuntu, Debian |
bionic |
Does not exist
|
focal |
Does not exist
|
|
jammy |
Does not exist
|
|
mantic |
Does not exist
|
|
noble |
Not vulnerable
(6.8.0-1003.3)
|
|
trusty |
Does not exist
|
|
upstream |
Released
(5.14~rc7, 4.4.282, 5.4.142)
|
|
xenial |
Does not exist
|
|
linux-oem-osp1 Launchpad, Ubuntu, Debian |
bionic |
Ignored
(end of standard support, was needs-triage)
|
focal |
Does not exist
|
|
hirsute |
Does not exist
|
|
impish |
Does not exist
|
|
jammy |
Does not exist
|
|
kinetic |
Does not exist
|
|
lunar |
Does not exist
|
|
mantic |
Does not exist
|
|
noble |
Does not exist
|
|
trusty |
Does not exist
|
|
upstream |
Released
(5.14~rc7, 4.4.282, 5.4.142)
|
|
xenial |
Does not exist
|
|
linux-oracle Launchpad, Ubuntu, Debian |
bionic |
Released
(4.15.0-1080.88)
|
focal |
Released
(5.4.0-1054.58)
|
|
hirsute |
Released
(5.11.0-1017.18)
|
|
impish |
Not vulnerable
(5.13.0-1008.10)
|
|
jammy |
Not vulnerable
(5.13.0-1008.10)
|
|
kinetic |
Not vulnerable
(5.15.0-1002.4)
|
|
lunar |
Not vulnerable
(5.15.0-1002.4)
|
|
mantic |
Not vulnerable
(6.2.0-1003.3)
|
|
noble |
Not vulnerable
(6.5.0-1010.10)
|
|
trusty |
Does not exist
|
|
upstream |
Released
(5.14~rc7, 4.4.282, 5.4.142)
|
|
xenial |
Released
(4.15.0-1080.88~16.04.1)
Available with Ubuntu Pro or Ubuntu Pro (Infra-only) |
|
linux-oracle-5.0 Launchpad, Ubuntu, Debian |
bionic |
Ignored
(superseded by linux-oracle-5.3)
|
focal |
Does not exist
|
|
hirsute |
Does not exist
|
|
impish |
Does not exist
|
|
jammy |
Does not exist
|
|
kinetic |
Does not exist
|
|
lunar |
Does not exist
|
|
mantic |
Does not exist
|
|
noble |
Does not exist
|
|
trusty |
Does not exist
|
|
upstream |
Released
(5.14~rc7, 4.4.282, 5.4.142)
|
|
xenial |
Does not exist
|
|
linux-oracle-5.11 Launchpad, Ubuntu, Debian |
bionic |
Does not exist
|
focal |
Released
(5.11.0-1017.18~20.04.1)
|
|
hirsute |
Does not exist
|
|
impish |
Does not exist
|
|
jammy |
Does not exist
|
|
kinetic |
Does not exist
|
|
lunar |
Does not exist
|
|
mantic |
Does not exist
|
|
noble |
Does not exist
|
|
trusty |
Does not exist
|
|
upstream |
Released
(5.14~rc7, 4.4.282, 5.4.142)
|
|
xenial |
Does not exist
|
|
linux-oracle-5.13 Launchpad, Ubuntu, Debian |
bionic |
Does not exist
|
focal |
Not vulnerable
(5.13.0-1011.13~20.04.2)
|
|
impish |
Does not exist
|
|
jammy |
Does not exist
|
|
kinetic |
Does not exist
|
|
lunar |
Does not exist
|
|
mantic |
Does not exist
|
|
noble |
Does not exist
|
|
trusty |
Does not exist
|
|
upstream |
Released
(5.14~rc7, 4.4.282, 5.4.142)
|
|
xenial |
Does not exist
|
|
linux-oracle-5.15 Launchpad, Ubuntu, Debian |
bionic |
Does not exist
|
focal |
Not vulnerable
(5.15.0-1007.9~20.04.1)
|
|
jammy |
Does not exist
|
|
kinetic |
Does not exist
|
|
lunar |
Does not exist
|
|
mantic |
Does not exist
|
|
noble |
Does not exist
|
|
trusty |
Does not exist
|
|
upstream |
Released
(5.14~rc7, 4.4.282, 5.4.142)
|
|
xenial |
Does not exist
|
|
linux-oracle-5.3 Launchpad, Ubuntu, Debian |
bionic |
Ignored
(superseded by linux-oracle-5.4)
|
focal |
Does not exist
|
|
hirsute |
Does not exist
|
|
impish |
Does not exist
|
|
jammy |
Does not exist
|
|
kinetic |
Does not exist
|
|
lunar |
Does not exist
|
|
mantic |
Does not exist
|
|
noble |
Does not exist
|
|
trusty |
Does not exist
|
|
upstream |
Released
(5.14~rc7, 4.4.282, 5.4.142)
|
|
xenial |
Does not exist
|
|
linux-oracle-5.4 Launchpad, Ubuntu, Debian |
bionic |
Released
(5.4.0-1054.58~18.04.1)
|
focal |
Does not exist
|
|
hirsute |
Does not exist
|
|
impish |
Does not exist
|
|
jammy |
Does not exist
|
|
kinetic |
Does not exist
|
|
lunar |
Does not exist
|
|
mantic |
Does not exist
|
|
noble |
Does not exist
|
|
trusty |
Does not exist
|
|
upstream |
Released
(5.14~rc7, 4.4.282, 5.4.142)
|
|
xenial |
Does not exist
|
|
linux-oracle-5.8 Launchpad, Ubuntu, Debian |
bionic |
Does not exist
|
focal |
Ignored
(superseded by linux-oracle-5.11, was needs-triage)
|
|
hirsute |
Does not exist
|
|
impish |
Does not exist
|
|
jammy |
Does not exist
|
|
kinetic |
Does not exist
|
|
lunar |
Does not exist
|
|
mantic |
Does not exist
|
|
noble |
Does not exist
|
|
trusty |
Does not exist
|
|
upstream |
Released
(5.14~rc7, 4.4.282, 5.4.142)
|
|
xenial |
Does not exist
|
|
linux-oracle-6.5 Launchpad, Ubuntu, Debian |
bionic |
Does not exist
|
focal |
Does not exist
|
|
jammy |
Not vulnerable
(6.5.0-1013.13~22.04.4)
|
|
mantic |
Does not exist
|
|
noble |
Does not exist
|
|
trusty |
Does not exist
|
|
upstream |
Released
(5.14~rc7, 4.4.282, 5.4.142)
|
|
xenial |
Does not exist
|
|
linux-raspi Launchpad, Ubuntu, Debian |
bionic |
Does not exist
|
focal |
Not vulnerable
(AMD processors only)
|
|
hirsute |
Released
(5.11.0-1017.18)
|
|
impish |
Not vulnerable
(AMD processors only)
|
|
jammy |
Not vulnerable
(AMD processors only)
|
|
kinetic |
Not vulnerable
(AMD processors only)
|
|
lunar |
Not vulnerable
(AMD processors only)
|
|
mantic |
Not vulnerable
(AMD processors only)
|
|
noble |
Not vulnerable
(AMD processors only)
|
|
trusty |
Does not exist
|
|
upstream |
Released
(5.14~rc7, 4.4.282, 5.4.142)
|
|
xenial |
Does not exist
|
|
linux-raspi-5.4 Launchpad, Ubuntu, Debian |
bionic |
Not vulnerable
(AMD processors only)
|
focal |
Does not exist
|
|
hirsute |
Does not exist
|
|
impish |
Does not exist
|
|
jammy |
Does not exist
|
|
kinetic |
Does not exist
|
|
lunar |
Does not exist
|
|
mantic |
Does not exist
|
|
noble |
Does not exist
|
|
trusty |
Does not exist
|
|
upstream |
Released
(5.14~rc7, 4.4.282, 5.4.142)
|
|
xenial |
Does not exist
|
|
linux-raspi2 Launchpad, Ubuntu, Debian |
bionic |
Not vulnerable
(AMD processors only)
|
focal |
Not vulnerable
(AMD processors only)
|
|
hirsute |
Does not exist
|
|
impish |
Does not exist
|
|
jammy |
Does not exist
|
|
kinetic |
Does not exist
|
|
lunar |
Does not exist
|
|
mantic |
Does not exist
|
|
noble |
Does not exist
|
|
trusty |
Does not exist
|
|
upstream |
Released
(5.14~rc7, 4.4.282, 5.4.142)
|
|
xenial |
Not vulnerable
(AMD processors only)
|
|
linux-raspi2-5.3 Launchpad, Ubuntu, Debian |
bionic |
Not vulnerable
(AMD processors only)
|
focal |
Does not exist
|
|
hirsute |
Does not exist
|
|
impish |
Does not exist
|
|
jammy |
Does not exist
|
|
kinetic |
Does not exist
|
|
lunar |
Does not exist
|
|
mantic |
Does not exist
|
|
noble |
Does not exist
|
|
trusty |
Does not exist
|
|
upstream |
Released
(5.14~rc7, 4.4.282, 5.4.142)
|
|
xenial |
Does not exist
|
|
linux-riscv Launchpad, Ubuntu, Debian |
bionic |
Does not exist
|
focal |
Not vulnerable
(AMD processors only)
|
|
hirsute |
Released
(5.11.0-1018.19)
|
|
impish |
Not vulnerable
(AMD processors only)
|
|
jammy |
Not vulnerable
(AMD processors only)
|
|
kinetic |
Not vulnerable
(AMD processors only)
|
|
lunar |
Not vulnerable
(AMD processors only)
|
|
mantic |
Not vulnerable
(AMD processors only)
|
|
noble |
Not vulnerable
(AMD processors only)
|
|
trusty |
Does not exist
|
|
upstream |
Released
(5.14~rc7, 4.4.282, 5.4.142)
|
|
xenial |
Does not exist
|
|
linux-riscv-5.11 Launchpad, Ubuntu, Debian |
bionic |
Does not exist
|
focal |
Released
(5.11.0-1018.19~20.04.2)
|
|
hirsute |
Does not exist
|
|
impish |
Does not exist
|
|
jammy |
Does not exist
|
|
kinetic |
Does not exist
|
|
lunar |
Does not exist
|
|
mantic |
Does not exist
|
|
noble |
Does not exist
|
|
trusty |
Does not exist
|
|
upstream |
Released
(5.14~rc7, 4.4.282, 5.4.142)
|
|
xenial |
Does not exist
|
|
linux-riscv-5.15 Launchpad, Ubuntu, Debian |
bionic |
Does not exist
|
focal |
Not vulnerable
(5.15.0-1015.17~20.04.1)
|
|
jammy |
Does not exist
|
|
kinetic |
Does not exist
|
|
lunar |
Does not exist
|
|
mantic |
Does not exist
|
|
noble |
Does not exist
|
|
trusty |
Does not exist
|
|
upstream |
Released
(5.14~rc7, 4.4.282, 5.4.142)
|
|
xenial |
Does not exist
|
|
linux-riscv-5.19 Launchpad, Ubuntu, Debian |
bionic |
Does not exist
|
focal |
Does not exist
|
|
jammy |
Not vulnerable
|
|
kinetic |
Does not exist
|
|
lunar |
Does not exist
|
|
mantic |
Does not exist
|
|
noble |
Does not exist
|
|
trusty |
Does not exist
|
|
upstream |
Ignored
(end of life, was needs-triage)
|
|
xenial |
Does not exist
|
|
linux-riscv-5.8 Launchpad, Ubuntu, Debian |
bionic |
Does not exist
|
focal |
Not vulnerable
(AMD processors only)
|
|
hirsute |
Does not exist
|
|
impish |
Does not exist
|
|
jammy |
Does not exist
|
|
kinetic |
Does not exist
|
|
lunar |
Does not exist
|
|
mantic |
Does not exist
|
|
noble |
Does not exist
|
|
trusty |
Does not exist
|
|
upstream |
Released
(5.14~rc7, 4.4.282, 5.4.142)
|
|
xenial |
Does not exist
|
|
linux-riscv-6.5 Launchpad, Ubuntu, Debian |
bionic |
Does not exist
|
focal |
Does not exist
|
|
jammy |
Not vulnerable
(6.5.0-17.17.1.1~22.04.1)
|
|
mantic |
Does not exist
|
|
noble |
Does not exist
|
|
trusty |
Does not exist
|
|
upstream |
Released
(5.14~rc7, 4.4.282, 5.4.142)
|
|
xenial |
Does not exist
|
|
linux-snapdragon Launchpad, Ubuntu, Debian |
bionic |
Released
(4.15.0-1112.121)
|
focal |
Does not exist
|
|
hirsute |
Does not exist
|
|
impish |
Does not exist
|
|
jammy |
Does not exist
|
|
kinetic |
Does not exist
|
|
lunar |
Does not exist
|
|
mantic |
Does not exist
|
|
noble |
Does not exist
|
|
trusty |
Does not exist
|
|
upstream |
Released
(5.14~rc7, 4.4.282, 5.4.142)
|
|
xenial |
Not vulnerable
(AMD processors only)
|
|
linux-starfive Launchpad, Ubuntu, Debian |
bionic |
Does not exist
|
focal |
Does not exist
|
|
jammy |
Does not exist
|
|
kinetic |
Not vulnerable
|
|
lunar |
Not vulnerable
|
|
mantic |
Not vulnerable
(6.5.0-1002.3)
|
|
noble |
Does not exist
|
|
trusty |
Does not exist
|
|
upstream |
Released
(5.14~rc7, 4.4.282, 5.4.142)
|
|
xenial |
Does not exist
|
|
linux-starfive-5.19 Launchpad, Ubuntu, Debian |
bionic |
Does not exist
|
focal |
Does not exist
|
|
jammy |
Not vulnerable
|
|
kinetic |
Does not exist
|
|
lunar |
Does not exist
|
|
mantic |
Does not exist
|
|
noble |
Does not exist
|
|
trusty |
Does not exist
|
|
upstream |
Ignored
(end of life, was needs-triage)
|
|
xenial |
Does not exist
|
|
linux-starfive-6.2 Launchpad, Ubuntu, Debian |
bionic |
Does not exist
|
focal |
Does not exist
|
|
jammy |
Not vulnerable
|
|
lunar |
Does not exist
|
|
mantic |
Does not exist
|
|
noble |
Does not exist
|
|
trusty |
Does not exist
|
|
upstream |
Ignored
(superseded by linux-starfive-6.5, was needs-triage)
|
|
xenial |
Does not exist
|
|
linux-starfive-6.5 Launchpad, Ubuntu, Debian |
bionic |
Does not exist
|
focal |
Does not exist
|
|
jammy |
Not vulnerable
(6.5.0-1007.8~22.04.1)
|
|
mantic |
Does not exist
|
|
noble |
Does not exist
|
|
trusty |
Does not exist
|
|
upstream |
Released
(5.14~rc7, 4.4.282, 5.4.142)
|
|
xenial |
Does not exist
|
|
linux-xilinx-zynqmp Launchpad, Ubuntu, Debian |
bionic |
Does not exist
|
focal |
Not vulnerable
(5.4.0-1020.24)
|
|
jammy |
Not vulnerable
(5.15.0-1022.26)
|
|
kinetic |
Does not exist
|
|
lunar |
Does not exist
|
|
mantic |
Does not exist
|
|
noble |
Does not exist
|
|
trusty |
Does not exist
|
|
upstream |
Released
(5.14~rc7, 4.4.282, 5.4.142)
|
|
xenial |
Does not exist
|
Severity score breakdown
Parameter | Value |
---|---|
Base score | 8.8 |
Attack vector | Local |
Attack complexity | Low |
Privileges required | Low |
User interaction | None |
Scope | Changed |
Confidentiality | High |
Integrity impact | High |
Availability impact | High |
Vector | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H |
References
- https://github.com/torvalds/linux/commit/3d6368ef580a
- https://www.openwall.com/lists/oss-security/2021/08/16/1
- https://ubuntu.com/security/notices/USN-5062-1
- https://ubuntu.com/security/notices/USN-5070-1
- https://ubuntu.com/security/notices/USN-5071-1
- https://ubuntu.com/security/notices/USN-5072-1
- https://ubuntu.com/security/notices/USN-5073-1
- https://ubuntu.com/security/notices/USN-5071-2
- https://ubuntu.com/security/notices/USN-5082-1
- https://ubuntu.com/security/notices/USN-5073-2
- https://www.cve.org/CVERecord?id=CVE-2021-3653
- NVD
- Launchpad
- Debian