CVE-2021-39685
Published: 16 December 2021
In various setup methods of the USB gadget subsystem, there is a possible out of bounds write due to an incorrect flag check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-210292376References: Upstream kernel
From the Ubuntu security team
Szymon Heidrich discovered that the USB Gadget subsystem in the Linux kernel did not properly restrict the size of control requests for certain gadget types, leading to possible out of bounds reads or writes. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code.
Priority
Medium
CVSS 3 base score: 7.8
Status
| Package | Release | Status |
|---|---|---|
|
linux Launchpad, Ubuntu, Debian |
bionic |
Released
(4.15.0-169.177)
|
| focal |
Released
(5.4.0-100.113)
|
|
| hirsute |
Ignored
(reached end-of-life)
|
|
| impish |
Released
(5.13.0-37.42)
|
|
| jammy |
Not vulnerable
(5.15.0-17.17)
|
|
| trusty |
Ignored
(was needed ESM criteria)
|
|
| upstream |
Released
(5.16~rc5)
|
|
| xenial |
Ignored
(was needed ESM criteria)
|
|
|
linux-aws Launchpad, Ubuntu, Debian |
bionic |
Released
(4.15.0-1121.129)
|
| focal |
Released
(5.4.0-1066.69)
|
|
| hirsute |
Ignored
(reached end-of-life)
|
|
| impish |
Released
(5.13.0-1019.21)
|
|
| jammy |
Not vulnerable
(5.15.0-1002.4)
|
|
| trusty |
Ignored
(was needed ESM criteria)
|
|
| upstream |
Released
(5.16~rc5)
|
|
| xenial |
Ignored
(was needed ESM criteria)
|
|
|
linux-aws-5.0 Launchpad, Ubuntu, Debian |
bionic |
Ignored
(superseded by linux-aws-5.3)
|
| focal |
Does not exist
|
|
| hirsute |
Does not exist
|
|
| impish |
Does not exist
|
|
| jammy |
Does not exist
|
|
| trusty |
Does not exist
|
|
| upstream |
Released
(5.16~rc5)
|
|
| xenial |
Does not exist
|
|
|
linux-aws-5.11 Launchpad, Ubuntu, Debian |
bionic |
Does not exist
|
| focal |
Ignored
(was pending [5.11.0-1029.32~20.04.1] now end-of-life)
|
|
| hirsute |
Does not exist
|
|
| impish |
Does not exist
|
|
| jammy |
Does not exist
|
|
| trusty |
Does not exist
|
|
| upstream |
Released
(5.16~rc5)
|
|
| xenial |
Does not exist
|
|
|
linux-aws-5.13 Launchpad, Ubuntu, Debian |
bionic |
Does not exist
|
| focal |
Released
(5.13.0-1019.21~20.04.1)
|
|
| impish |
Does not exist
|
|
| jammy |
Does not exist
|
|
| trusty |
Does not exist
|
|
| upstream |
Released
(5.16~rc5)
|
|
| xenial |
Does not exist
|
|
|
linux-aws-5.3 Launchpad, Ubuntu, Debian |
bionic |
Ignored
(superseded by linux-aws-5.4)
|
| focal |
Does not exist
|
|
| hirsute |
Does not exist
|
|
| impish |
Does not exist
|
|
| jammy |
Does not exist
|
|
| trusty |
Does not exist
|
|
| upstream |
Released
(5.16~rc5)
|
|
| xenial |
Does not exist
|
|
|
linux-aws-5.4 Launchpad, Ubuntu, Debian |
bionic |
Released
(5.4.0-1066.69~18.04.1)
|
| focal |
Does not exist
|
|
| hirsute |
Does not exist
|
|
| impish |
Does not exist
|
|
| jammy |
Does not exist
|
|
| trusty |
Does not exist
|
|
| upstream |
Released
(5.16~rc5)
|
|
| xenial |
Does not exist
|
|
|
linux-aws-5.8 Launchpad, Ubuntu, Debian |
bionic |
Does not exist
|
| focal |
Ignored
(was needs-triage now end-of-life)
|
|
| hirsute |
Does not exist
|
|
| impish |
Does not exist
|
|
| jammy |
Does not exist
|
|
| trusty |
Does not exist
|
|
| upstream |
Released
(5.16~rc5)
|
|
| xenial |
Does not exist
|
|
|
linux-aws-hwe Launchpad, Ubuntu, Debian |
bionic |
Does not exist
|
| focal |
Does not exist
|
|
| hirsute |
Does not exist
|
|
| impish |
Does not exist
|
|
| jammy |
Does not exist
|
|
| trusty |
Does not exist
|
|
| upstream |
Released
(5.16~rc5)
|
|
| xenial |
Released
(4.15.0-1120.128~16.04.1)
|
|
|
linux-azure Launchpad, Ubuntu, Debian |
bionic |
Ignored
(superseded by linux-azure-5.3)
|
| focal |
Released
(5.4.0-1070.73)
|
|
| hirsute |
Ignored
(reached end-of-life)
|
|
| impish |
Released
(5.13.0-1021.24)
|
|
| jammy |
Not vulnerable
(5.15.0-1001.2)
|
|
| trusty |
Released
(4.15.0-1131.144~14.04.1)
|
|
| upstream |
Released
(5.16~rc5)
|
|
| xenial |
Released
(4.15.0-1131.144~16.04.1)
|
|
|
linux-azure-4.15 Launchpad, Ubuntu, Debian |
bionic |
Released
(4.15.0-1131.144)
|
| focal |
Does not exist
|
|
| hirsute |
Does not exist
|
|
| impish |
Does not exist
|
|
| jammy |
Does not exist
|
|
| trusty |
Does not exist
|
|
| upstream |
Released
(5.16~rc5)
|
|
| xenial |
Does not exist
|
|
|
linux-azure-5.11 Launchpad, Ubuntu, Debian |
bionic |
Does not exist
|
| focal |
Ignored
(was pending [5.11.0-1029.32~20.04.2] now end-of-life)
|
|
| hirsute |
Does not exist
|
|
| impish |
Does not exist
|
|
| jammy |
Does not exist
|
|
| trusty |
Does not exist
|
|
| upstream |
Released
(5.16~rc5)
|
|
| xenial |
Does not exist
|
|
|
linux-azure-5.13 Launchpad, Ubuntu, Debian |
bionic |
Does not exist
|
| focal |
Released
(5.13.0-1021.24~20.04.1)
|
|
| impish |
Does not exist
|
|
| jammy |
Does not exist
|
|
| trusty |
Does not exist
|
|
| upstream |
Released
(5.16~rc5)
|
|
| xenial |
Does not exist
|
|
|
linux-azure-5.3 Launchpad, Ubuntu, Debian |
bionic |
Ignored
(superseded by linux-azure-5.4)
|
| focal |
Does not exist
|
|
| hirsute |
Does not exist
|
|
| impish |
Does not exist
|
|
| jammy |
Does not exist
|
|
| trusty |
Does not exist
|
|
| upstream |
Released
(5.16~rc5)
|
|
| xenial |
Does not exist
|
|
|
linux-azure-5.4 Launchpad, Ubuntu, Debian |
bionic |
Released
(5.4.0-1070.73~18.04.1)
|
| focal |
Does not exist
|
|
| hirsute |
Does not exist
|
|
| impish |
Does not exist
|
|
| jammy |
Does not exist
|
|
| trusty |
Does not exist
|
|
| upstream |
Released
(5.16~rc5)
|
|
| xenial |
Does not exist
|
|
|
linux-azure-5.8 Launchpad, Ubuntu, Debian |
bionic |
Does not exist
|
| focal |
Ignored
(was needs-triage now end-of-life)
|
|
| hirsute |
Does not exist
|
|
| impish |
Does not exist
|
|
| jammy |
Does not exist
|
|
| trusty |
Does not exist
|
|
| upstream |
Released
(5.16~rc5)
|
|
| xenial |
Does not exist
|
|
|
linux-azure-edge Launchpad, Ubuntu, Debian |
bionic |
Ignored
(superseded by linux-azure-5.3)
|
| focal |
Does not exist
|
|
| hirsute |
Does not exist
|
|
| impish |
Does not exist
|
|
| jammy |
Does not exist
|
|
| trusty |
Does not exist
|
|
| upstream |
Released
(5.16~rc5)
|
|
| xenial |
Does not exist
|
|
|
linux-azure-fde Launchpad, Ubuntu, Debian |
bionic |
Does not exist
|
| focal |
Not vulnerable
(5.4.0-1063.66+cvm2.2)
|
|
| impish |
Does not exist
|
|
| jammy |
Does not exist
|
|
| trusty |
Does not exist
|
|
| upstream |
Released
(5.16~rc5)
|
|
| xenial |
Does not exist
|
|
|
linux-bluefield Launchpad, Ubuntu, Debian |
bionic |
Does not exist
|
| focal |
Released
(5.4.0-1028.31)
|
|
| hirsute |
Does not exist
|
|
| impish |
Does not exist
|
|
| jammy |
Does not exist
|
|
| trusty |
Does not exist
|
|
| upstream |
Released
(5.16~rc5)
|
|
| xenial |
Does not exist
|
|
|
linux-dell300x Launchpad, Ubuntu, Debian |
bionic |
Released
(4.15.0-1035.40)
|
| focal |
Does not exist
|
|
| hirsute |
Does not exist
|
|
| impish |
Does not exist
|
|
| jammy |
Does not exist
|
|
| trusty |
Does not exist
|
|
| upstream |
Released
(5.16~rc5)
|
|
| xenial |
Does not exist
|
|
|
linux-fips Launchpad, Ubuntu, Debian |
bionic |
Does not exist
|
| focal |
Does not exist
|
|
| hirsute |
Does not exist
|
|
| impish |
Does not exist
|
|
| jammy |
Does not exist
|
|
| trusty |
Does not exist
|
|
| upstream |
Released
(5.16~rc5)
|
|
| xenial |
Ignored
(was needed ESM criteria)
|
|
|
linux-gcp Launchpad, Ubuntu, Debian |
bionic |
Ignored
(superseded by linux-gcp-5.3)
|
| focal |
Released
(5.4.0-1065.69)
|
|
| hirsute |
Ignored
(reached end-of-life)
|
|
| impish |
Released
(5.13.0-1021.25)
|
|
| jammy |
Not vulnerable
(5.15.0-1001.3)
|
|
| trusty |
Does not exist
|
|
| upstream |
Released
(5.16~rc5)
|
|
| xenial |
Released
(4.15.0-1116.130~16.04.1)
|
|
|
linux-gcp-4.15 Launchpad, Ubuntu, Debian |
bionic |
Released
(4.15.0-1116.130)
|
| focal |
Does not exist
|
|
| hirsute |
Does not exist
|
|
| impish |
Does not exist
|
|
| jammy |
Does not exist
|
|
| trusty |
Does not exist
|
|
| upstream |
Released
(5.16~rc5)
|
|
| xenial |
Does not exist
|
|
|
linux-gcp-5.11 Launchpad, Ubuntu, Debian |
bionic |
Does not exist
|
| focal |
Ignored
(was pending [5.11.0-1030.34~20.04.3] now end-of-life)
|
|
| hirsute |
Does not exist
|
|
| impish |
Does not exist
|
|
| jammy |
Does not exist
|
|
| trusty |
Does not exist
|
|
| upstream |
Released
(5.16~rc5)
|
|
| xenial |
Does not exist
|
|
|
linux-gcp-5.13 Launchpad, Ubuntu, Debian |
bionic |
Does not exist
|
| focal |
Released
(5.13.0-1021.25~20.04.1)
|
|
| impish |
Does not exist
|
|
| jammy |
Does not exist
|
|
| trusty |
Does not exist
|
|
| upstream |
Released
(5.16~rc5)
|
|
| xenial |
Does not exist
|
|
|
linux-gcp-5.3 Launchpad, Ubuntu, Debian |
bionic |
Ignored
(superseded by linux-gcp-5.4)
|
| focal |
Does not exist
|
|
| hirsute |
Does not exist
|
|
| impish |
Does not exist
|
|
| jammy |
Does not exist
|
|
| trusty |
Does not exist
|
|
| upstream |
Released
(5.16~rc5)
|
|
| xenial |
Does not exist
|
|
|
linux-gcp-5.4 Launchpad, Ubuntu, Debian |
bionic |
Released
(5.4.0-1065.69~18.04.1)
|
| focal |
Does not exist
|
|
| hirsute |
Does not exist
|
|
| impish |
Does not exist
|
|
| jammy |
Does not exist
|
|
| trusty |
Does not exist
|
|
| upstream |
Released
(5.16~rc5)
|
|
| xenial |
Does not exist
|
|
|
linux-gcp-5.8 Launchpad, Ubuntu, Debian |
bionic |
Does not exist
|
| focal |
Ignored
(was needs-triage now end-of-life)
|
|
| hirsute |
Does not exist
|
|
| impish |
Does not exist
|
|
| jammy |
Does not exist
|
|
| trusty |
Does not exist
|
|
| upstream |
Released
(5.16~rc5)
|
|
| xenial |
Does not exist
|
|
|
linux-gke Launchpad, Ubuntu, Debian |
bionic |
Does not exist
|
| focal |
Released
(5.4.0-1063.66)
|
|
| hirsute |
Does not exist
|
|
| impish |
Does not exist
|
|
| jammy |
Not vulnerable
(5.15.0-1002.2)
|
|
| trusty |
Does not exist
|
|
| upstream |
Released
(5.16~rc5)
|
|
| xenial |
Ignored
(reached end of standard support)
|
|
|
linux-gke-4.15 Launchpad, Ubuntu, Debian |
bionic |
Ignored
(was needs-triage now end-of-life)
|
| focal |
Does not exist
|
|
| hirsute |
Does not exist
|
|
| impish |
Does not exist
|
|
| jammy |
Does not exist
|
|
| trusty |
Does not exist
|
|
| upstream |
Released
(5.16~rc5)
|
|
| xenial |
Does not exist
|
|
|
linux-gke-5.0 Launchpad, Ubuntu, Debian |
bionic |
Ignored
(was needs-triage now end-of-life)
|
| focal |
Does not exist
|
|
| hirsute |
Does not exist
|
|
| impish |
Does not exist
|
|
| jammy |
Does not exist
|
|
| trusty |
Does not exist
|
|
| upstream |
Released
(5.16~rc5)
|
|
| xenial |
Does not exist
|
|
|
linux-gke-5.3 Launchpad, Ubuntu, Debian |
bionic |
Ignored
(was needs-triage now end-of-life)
|
| focal |
Does not exist
|
|
| hirsute |
Does not exist
|
|
| impish |
Does not exist
|
|
| jammy |
Does not exist
|
|
| trusty |
Does not exist
|
|
| upstream |
Released
(5.16~rc5)
|
|
| xenial |
Does not exist
|
|
|
linux-gke-5.4 Launchpad, Ubuntu, Debian |
bionic |
Released
(5.4.0-1063.66~18.04.1)
|
| focal |
Does not exist
|
|
| hirsute |
Does not exist
|
|
| impish |
Does not exist
|
|
| jammy |
Does not exist
|
|
| trusty |
Does not exist
|
|
| upstream |
Released
(5.16~rc5)
|
|
| xenial |
Does not exist
|
|
|
linux-gkeop Launchpad, Ubuntu, Debian |
bionic |
Does not exist
|
| focal |
Released
(5.4.0-1034.35)
|
|
| hirsute |
Does not exist
|
|
| impish |
Does not exist
|
|
| jammy |
Does not exist
|
|
| trusty |
Does not exist
|
|
| upstream |
Released
(5.16~rc5)
|
|
| xenial |
Does not exist
|
|
|
linux-gkeop-5.4 Launchpad, Ubuntu, Debian |
bionic |
Released
(5.4.0-1034.35~18.04.1)
|
| focal |
Does not exist
|
|
| hirsute |
Does not exist
|
|
| impish |
Does not exist
|
|
| jammy |
Does not exist
|
|
| trusty |
Does not exist
|
|
| upstream |
Released
(5.16~rc5)
|
|
| xenial |
Does not exist
|
|
|
linux-hwe Launchpad, Ubuntu, Debian |
bionic |
Ignored
(replaced by linux-hwe-5.4)
|
| focal |
Does not exist
|
|
| hirsute |
Does not exist
|
|
| impish |
Does not exist
|
|
| jammy |
Does not exist
|
|
| trusty |
Does not exist
|
|
| upstream |
Released
(5.16~rc5)
|
|
| xenial |
Released
(4.15.0-169.177~16.04.1)
|
|
|
linux-hwe-5.11 Launchpad, Ubuntu, Debian |
bionic |
Does not exist
|
| focal |
Ignored
(was needed now end-of-life)
|
|
| hirsute |
Does not exist
|
|
| impish |
Does not exist
|
|
| jammy |
Does not exist
|
|
| trusty |
Does not exist
|
|
| upstream |
Released
(5.16~rc5)
|
|
| xenial |
Does not exist
|
|
|
linux-hwe-5.13 Launchpad, Ubuntu, Debian |
bionic |
Does not exist
|
| focal |
Released
(5.13.0-37.42~20.04.1)
|
|
| impish |
Does not exist
|
|
| jammy |
Does not exist
|
|
| trusty |
Does not exist
|
|
| upstream |
Released
(5.16~rc5)
|
|
| xenial |
Does not exist
|
|
|
linux-hwe-5.4 Launchpad, Ubuntu, Debian |
bionic |
Released
(5.4.0-100.113~18.04.1)
|
| focal |
Does not exist
|
|
| hirsute |
Does not exist
|
|
| impish |
Does not exist
|
|
| jammy |
Does not exist
|
|
| trusty |
Does not exist
|
|
| upstream |
Released
(5.16~rc5)
|
|
| xenial |
Does not exist
|
|
|
linux-hwe-5.8 Launchpad, Ubuntu, Debian |
bionic |
Does not exist
|
| focal |
Ignored
(was needs-triage now end-of-life)
|
|
| hirsute |
Does not exist
|
|
| impish |
Does not exist
|
|
| jammy |
Does not exist
|
|
| trusty |
Does not exist
|
|
| upstream |
Released
(5.16~rc5)
|
|
| xenial |
Does not exist
|
|
|
linux-hwe-edge Launchpad, Ubuntu, Debian |
bionic |
Ignored
(superseded by linux-hwe-5.4)
|
| focal |
Does not exist
|
|
| hirsute |
Does not exist
|
|
| impish |
Does not exist
|
|
| jammy |
Does not exist
|
|
| trusty |
Does not exist
|
|
| upstream |
Released
(5.16~rc5)
|
|
| xenial |
Ignored
(superseded by linux-hwe)
|
|
|
linux-ibm Launchpad, Ubuntu, Debian |
bionic |
Does not exist
|
| focal |
Released
(5.4.0-1015.16)
|
|
| hirsute |
Does not exist
|
|
| impish |
Does not exist
|
|
| jammy |
Not vulnerable
(5.15.0-1002.2)
|
|
| trusty |
Does not exist
|
|
| upstream |
Released
(5.16~rc5)
|
|
| xenial |
Does not exist
|
|
|
linux-ibm-5.4 Launchpad, Ubuntu, Debian |
bionic |
Released
(5.4.0-1015.16~18.04.1)
|
| focal |
Does not exist
|
|
| impish |
Does not exist
|
|
| jammy |
Does not exist
|
|
| trusty |
Does not exist
|
|
| upstream |
Released
(5.16~rc5)
|
|
| xenial |
Does not exist
|
|
|
linux-intel-5.13 Launchpad, Ubuntu, Debian |
bionic |
Does not exist
|
| focal |
Ignored
(was needs-triage now end-of-life)
|
|
| hirsute |
Does not exist
|
|
| impish |
Does not exist
|
|
| jammy |
Does not exist
|
|
| trusty |
Does not exist
|
|
| upstream |
Released
(5.16~rc5)
|
|
| xenial |
Does not exist
|
|
|
linux-kvm Launchpad, Ubuntu, Debian |
bionic |
Released
(4.15.0-1107.109)
|
| focal |
Released
(5.4.0-1056.58)
|
|
| hirsute |
Ignored
(reached end-of-life)
|
|
| impish |
Released
(5.13.0-1018.19)
|
|
| jammy |
Not vulnerable
(5.15.0-1002.2)
|
|
| trusty |
Does not exist
|
|
| upstream |
Released
(5.16~rc5)
|
|
| xenial |
Ignored
(was needed ESM criteria)
|
|
|
linux-lowlatency Launchpad, Ubuntu, Debian |
bionic |
Does not exist
|
| focal |
Does not exist
|
|
| impish |
Does not exist
|
|
| jammy |
Not vulnerable
|
|
| trusty |
Does not exist
|
|
| upstream |
Needs triage
|
|
| xenial |
Does not exist
|
|
|
linux-lts-xenial Launchpad, Ubuntu, Debian |
bionic |
Does not exist
|
| focal |
Does not exist
|
|
| hirsute |
Does not exist
|
|
| impish |
Does not exist
|
|
| jammy |
Does not exist
|
|
| trusty |
Ignored
(was needed ESM criteria)
|
|
| upstream |
Released
(5.16~rc5)
|
|
| xenial |
Does not exist
|
|
|
linux-oem Launchpad, Ubuntu, Debian |
bionic |
Ignored
(was needs-triage now end-of-life)
|
| focal |
Does not exist
|
|
| hirsute |
Does not exist
|
|
| impish |
Does not exist
|
|
| jammy |
Does not exist
|
|
| trusty |
Does not exist
|
|
| upstream |
Released
(5.16~rc5)
|
|
| xenial |
Ignored
(superseded by linux-hwe)
|
|
|
linux-oem-5.10 Launchpad, Ubuntu, Debian |
bionic |
Does not exist
|
| focal |
Ignored
(was needed now end-of-life)
|
|
| hirsute |
Does not exist
|
|
| impish |
Does not exist
|
|
| jammy |
Does not exist
|
|
| trusty |
Does not exist
|
|
| upstream |
Released
(5.16~rc5)
|
|
| xenial |
Does not exist
|
|
|
linux-oem-5.13 Launchpad, Ubuntu, Debian |
bionic |
Does not exist
|
| focal |
Ignored
(was needed now end-of-life)
|
|
| hirsute |
Does not exist
|
|
| impish |
Does not exist
|
|
| jammy |
Does not exist
|
|
| trusty |
Does not exist
|
|
| upstream |
Released
(5.16~rc5)
|
|
| xenial |
Does not exist
|
|
|
linux-oem-5.14 Launchpad, Ubuntu, Debian |
bionic |
Does not exist
|
| focal |
Released
(5.14.0-1022.24)
|
|
| hirsute |
Does not exist
|
|
| impish |
Does not exist
|
|
| jammy |
Does not exist
|
|
| trusty |
Does not exist
|
|
| upstream |
Released
(5.16~rc5)
|
|
| xenial |
Does not exist
|
|
|
linux-oem-5.17 Launchpad, Ubuntu, Debian |
bionic |
Does not exist
|
| focal |
Does not exist
|
|
| impish |
Does not exist
|
|
| jammy |
Not vulnerable
|
|
| trusty |
Does not exist
|
|
| upstream |
Needs triage
|
|
| xenial |
Does not exist
|
|
|
linux-oem-5.6 Launchpad, Ubuntu, Debian |
bionic |
Does not exist
|
| focal |
Ignored
(was needs-triage now end-of-life)
|
|
| hirsute |
Does not exist
|
|
| impish |
Does not exist
|
|
| jammy |
Does not exist
|
|
| trusty |
Does not exist
|
|
| upstream |
Released
(5.16~rc5)
|
|
| xenial |
Does not exist
|
|
|
linux-oem-osp1 Launchpad, Ubuntu, Debian |
bionic |
Ignored
(was needs-triage now end-of-life)
|
| focal |
Does not exist
|
|
| hirsute |
Does not exist
|
|
| impish |
Does not exist
|
|
| jammy |
Does not exist
|
|
| trusty |
Does not exist
|
|
| upstream |
Released
(5.16~rc5)
|
|
| xenial |
Does not exist
|
|
|
linux-oracle Launchpad, Ubuntu, Debian |
bionic |
Released
(4.15.0-1087.95)
|
| focal |
Released
(5.4.0-1064.68)
|
|
| hirsute |
Ignored
(reached end-of-life)
|
|
| impish |
Released
(5.13.0-1023.28)
|
|
| jammy |
Not vulnerable
(5.15.0-1001.3)
|
|
| trusty |
Does not exist
|
|
| upstream |
Released
(5.16~rc5)
|
|
| xenial |
Released
(4.15.0-1087.95~16.04.1)
|
|
|
linux-oracle-5.0 Launchpad, Ubuntu, Debian |
bionic |
Ignored
(superseded by linux-oracle-5.3)
|
| focal |
Does not exist
|
|
| hirsute |
Does not exist
|
|
| impish |
Does not exist
|
|
| jammy |
Does not exist
|
|
| trusty |
Does not exist
|
|
| upstream |
Released
(5.16~rc5)
|
|
| xenial |
Does not exist
|
|
|
linux-oracle-5.11 Launchpad, Ubuntu, Debian |
bionic |
Does not exist
|
| focal |
Ignored
(was pending [5.11.0-1029.32~20.04.1] now end-of-life)
|
|
| hirsute |
Does not exist
|
|
| impish |
Does not exist
|
|
| jammy |
Does not exist
|
|
| trusty |
Does not exist
|
|
| upstream |
Released
(5.16~rc5)
|
|
| xenial |
Does not exist
|
|
|
linux-oracle-5.13 Launchpad, Ubuntu, Debian |
bionic |
Does not exist
|
| focal |
Released
(5.13.0-1025.30~20.04.1)
|
|
| impish |
Does not exist
|
|
| jammy |
Does not exist
|
|
| trusty |
Does not exist
|
|
| upstream |
Released
(5.16~rc5)
|
|
| xenial |
Does not exist
|
|
|
linux-oracle-5.3 Launchpad, Ubuntu, Debian |
bionic |
Ignored
(superseded by linux-oracle-5.4)
|
| focal |
Does not exist
|
|
| hirsute |
Does not exist
|
|
| impish |
Does not exist
|
|
| jammy |
Does not exist
|
|
| trusty |
Does not exist
|
|
| upstream |
Released
(5.16~rc5)
|
|
| xenial |
Does not exist
|
|
|
linux-oracle-5.4 Launchpad, Ubuntu, Debian |
bionic |
Released
(5.4.0-1064.68~18.04.1)
|
| focal |
Does not exist
|
|
| hirsute |
Does not exist
|
|
| impish |
Does not exist
|
|
| jammy |
Does not exist
|
|
| trusty |
Does not exist
|
|
| upstream |
Released
(5.16~rc5)
|
|
| xenial |
Does not exist
|
|
|
linux-oracle-5.8 Launchpad, Ubuntu, Debian |
bionic |
Does not exist
|
| focal |
Ignored
(was needs-triage now end-of-life)
|
|
| hirsute |
Does not exist
|
|
| impish |
Does not exist
|
|
| jammy |
Does not exist
|
|
| trusty |
Does not exist
|
|
| upstream |
Released
(5.16~rc5)
|
|
| xenial |
Does not exist
|
|
|
linux-raspi Launchpad, Ubuntu, Debian |
bionic |
Does not exist
|
| focal |
Released
(5.4.0-1053.60)
|
|
| hirsute |
Ignored
(reached end-of-life)
|
|
| impish |
Released
(5.13.0-1022.24)
|
|
| jammy |
Not vulnerable
(5.15.0-1002.2)
|
|
| trusty |
Does not exist
|
|
| upstream |
Released
(5.16~rc5)
|
|
| xenial |
Does not exist
|
|
|
linux-raspi-5.4 Launchpad, Ubuntu, Debian |
bionic |
Released
(5.4.0-1053.60~18.04.1)
|
| focal |
Does not exist
|
|
| hirsute |
Does not exist
|
|
| impish |
Does not exist
|
|
| jammy |
Does not exist
|
|
| trusty |
Does not exist
|
|
| upstream |
Released
(5.16~rc5)
|
|
| xenial |
Does not exist
|
|
|
linux-raspi2 Launchpad, Ubuntu, Debian |
bionic |
Released
(4.15.0-1103.110)
|
| focal |
Ignored
(replaced by linux-raspi)
|
|
| hirsute |
Does not exist
|
|
| impish |
Does not exist
|
|
| jammy |
Does not exist
|
|
| trusty |
Does not exist
|
|
| upstream |
Released
(5.16~rc5)
|
|
| xenial |
Ignored
(was needs-triage now end-of-life)
|
|
|
linux-raspi2-5.3 Launchpad, Ubuntu, Debian |
bionic |
Ignored
(was needs-triage now end-of-life)
|
| focal |
Does not exist
|
|
| hirsute |
Does not exist
|
|
| impish |
Does not exist
|
|
| jammy |
Does not exist
|
|
| trusty |
Does not exist
|
|
| upstream |
Released
(5.16~rc5)
|
|
| xenial |
Does not exist
|
|
|
linux-riscv Launchpad, Ubuntu, Debian |
bionic |
Does not exist
|
| focal |
Ignored
(superseded by linux-riscv-5.8)
|
|
| hirsute |
Ignored
(reached end-of-life)
|
|
| impish |
Released
(5.13.0-1017.19)
|
|
| jammy |
Not vulnerable
(5.15.0-1004.4)
|
|
| trusty |
Does not exist
|
|
| upstream |
Released
(5.16~rc5)
|
|
| xenial |
Does not exist
|
|
|
linux-riscv-5.11 Launchpad, Ubuntu, Debian |
bionic |
Does not exist
|
| focal |
Ignored
(was pending [5.11.0-1030.34] now end-of-life)
|
|
| hirsute |
Does not exist
|
|
| impish |
Does not exist
|
|
| jammy |
Does not exist
|
|
| trusty |
Does not exist
|
|
| upstream |
Released
(5.16~rc5)
|
|
| xenial |
Does not exist
|
|
|
linux-riscv-5.8 Launchpad, Ubuntu, Debian |
bionic |
Does not exist
|
| focal |
Ignored
(was needs-triage now end-of-life)
|
|
| hirsute |
Does not exist
|
|
| impish |
Does not exist
|
|
| jammy |
Does not exist
|
|
| trusty |
Does not exist
|
|
| upstream |
Released
(5.16~rc5)
|
|
| xenial |
Does not exist
|
|
|
linux-snapdragon Launchpad, Ubuntu, Debian |
bionic |
Released
(4.15.0-1120.129)
|
| focal |
Does not exist
|
|
| hirsute |
Does not exist
|
|
| impish |
Does not exist
|
|
| jammy |
Does not exist
|
|
| trusty |
Does not exist
|
|
| upstream |
Released
(5.16~rc5)
|
|
| xenial |
Ignored
(was needs-triage now end-of-life)
|
Notes
| Author | Note |
|---|---|
| sbeattie | likely introduces subtle regression that needs
f08adf5add9a ("USB: gadget: bRequestType is a bitfield, not a enum")
to address |
References
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-39685
- https://www.openwall.com/lists/oss-security/2021/12/15/4
- https://github.com/szymonh/inspector-gadget
- https://ubuntu.com/security/notices/USN-5278-1
- https://ubuntu.com/security/notices/USN-5294-1
- https://ubuntu.com/security/notices/USN-5294-2
- https://ubuntu.com/security/notices/USN-5297-1
- https://ubuntu.com/security/notices/USN-5298-1
- https://ubuntu.com/security/notices/USN-5337-1
- https://ubuntu.com/security/notices/USN-5368-1
- NVD
- Launchpad
- Debian