OSVersion,Product,CVE ID,CVE Description,Status,Severity,Created Date,Closed Date,Closed Dwell Time,Base Score,CVSS Version,Vector,Vendor Advisory,References,Recommended Remediations,Remediation Details,Remediation Links,Group Names,Tags,Exploit status value,Exploit status label,Platform,Vulnerable Product Versions,Closed Product Versions,RemediationLevel,ExPRT Rating
Ubuntu 18.04,"linux-meta-hwe-5.4, linux-signed-hwe-5.4",CVE-2021-33624,"In kernel/bpf/verifier.c in the Linux kernel before 5.12.13, a branch can be mispredicted (e.g., because of type confusion) and consequently an unprivileged BPF program can read arbitrary memory locations via a side-channel attack, aka CID-9183671af6db.",open,MEDIUM,2021-12-14T22:40:14Z,,0,4.7,3,CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N,,"https://www.usenix.org/conference/usenixsecurity21/presentation/kirzner, http://www.openwall.com/lists/oss-security/2021/06/21/1, https://github.com/torvalds/linux/commit/9183671af6dbf60a1219371d4ed73e23f43b49db, https://lists.debian.org/debian-lts-announce/2021/10/msg00010.html","Update Ubuntu linux-meta-hwe-5.4, Update Ubuntu linux-signed-hwe-5.4","Update linux-meta-hwe-5.4 on Ubuntu 18.04, Update linux-signed-hwe-5.4 on Ubuntu 18.04",,Servers,,30,Available (medium),Linux,"linux-meta-hwe-5.4 5.4.0.59.65~18.04.54, linux-signed-hwe-5.4 5.4.0-81.91~18.04.1",,O,LOW
Ubuntu 18.04,"linux-meta-hwe-5.4, linux-signed-hwe-5.4",CVE-2021-42008,The decode_data function in drivers/net/hamradio/6pack.c in the Linux kernel before 5.13.13 has a slab out-of-bounds write. Input from a process that has the CAP_NET_ADMIN capability can lead to root access.,open,HIGH,2021-12-14T22:40:14Z,,0,7.8,3,CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,"https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=19d1532a187669ce86d5a2696eb7275310070793, https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.13.13","https://www.youtube.com/watch?v=d5f9xLK8Vhw, https://security.netapp.com/advisory/ntap-20211104-0002/","Update Ubuntu linux-meta-hwe-5.4, Update Ubuntu linux-signed-hwe-5.4","Update linux-meta-hwe-5.4 on Ubuntu 18.04, Update linux-signed-hwe-5.4 on Ubuntu 18.04",,Servers,,30,Available (medium),Linux,"linux-meta-hwe-5.4 5.4.0.59.65~18.04.54, linux-signed-hwe-5.4 5.4.0-81.91~18.04.1",,O,MEDIUM
Ubuntu 18.04,linux-meta-hwe-5.4,CVE-2021-26931,"An issue was discovered in the Linux kernel 2.6.39 through 5.10.16, as used in Xen. Block, net, and SCSI backends consider certain errors a plain bug, deliberately causing a kernel crash. For errors potentially being at least under the influence of guests (such as out of memory conditions), it isn't correct to assume a plain bug. Memory allocations potentially causing such crashes occur only when Linux is running in PV mode, though. This affects drivers/block/xen-blkback/blkback.c and drivers/xen/xen-scsiback.c.",open,MEDIUM,2021-12-14T22:40:14Z,,0,5.5,3,CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H,,"http://xenbits.xen.org/xsa/advisory-362.html, https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/2XQR52ICKRK3GC4HDWLMWF2U55YGAR63/, https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GWQWPWYZRXVFJI5M3VCM72X27IB7CKOB/, https://lists.debian.org/debian-lts-announce/2021/03/msg00010.html, https://security.netapp.com/advisory/ntap-20210326-0001/, https://lists.debian.org/debian-lts-announce/2021/03/msg00035.html",Update Ubuntu linux-meta-hwe-5.4,Update linux-meta-hwe-5.4 on Ubuntu 18.04,,Servers,,0,Unproven,Linux,linux-meta-hwe-5.4 5.4.0.59.65~18.04.54,,O,LOW
Ubuntu 18.04,linux-meta-hwe-5.4,CVE-2020-26558,"Bluetooth LE and BR/EDR secure pairing in Bluetooth Core Specification 2.1 through 5.2 may permit a nearby man-in-the-middle attacker to identify the Passkey used during pairing (in the Passkey authentication procedure) by reflection of the public key and the authentication evidence of the initiating device, potentially permitting this attacker to complete authenticated pairing with the responding device using the correct Passkey for the pairing session. The attack methodology determines the Passkey value one bit at a time.",open,MEDIUM,2021-12-14T22:40:14Z,,0,4.2,3,CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N,https://www.bluetooth.com/learn-about-bluetooth/key-attributes/bluetooth-security/reporting-security/,"https://kb.cert.org/vuls/id/799380, https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NSS6CTGE4UGTJLCOZOASDR3T3SLL6QJZ/, https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00520.html, https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00517.html, https://lists.debian.org/debian-lts-announce/2021/06/msg00019.html, https://lists.debian.org/debian-lts-announce/2021/06/msg00020.html, https://lists.debian.org/debian-lts-announce/2021/06/msg00022.html, https://www.debian.org/security/2021/dsa-4951",Update Ubuntu linux-meta-hwe-5.4,Update linux-meta-hwe-5.4 on Ubuntu 18.04,,Servers,,0,Unproven,Linux,linux-meta-hwe-5.4 5.4.0.59.65~18.04.54,,O,LOW
Ubuntu 18.04,linux-meta-hwe-5.4,CVE-2020-25671,"A vulnerability was found in Linux Kernel, where a refcount leak in llcp_sock_connect() causing use-after-free which might lead to privilege escalations.",open,HIGH,2021-12-14T22:40:14Z,,0,7.8,3,CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,,"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PW3OASG7OEMHANDWBM5US5WKTOC76KMH/, http://www.openwall.com/lists/oss-security/2020/11/01/1, https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UTVACC6PGS6OSD3EYY7FZUAZT2EUMFH5/, https://www.openwall.com/lists/oss-security/2020/11/01/1, https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VEIEGQXUW37YHZ5MTAZTDCIMHUN26NJS/, https://lists.debian.org/debian-lts-announce/2021/06/msg00019.html, https://lists.debian.org/debian-lts-announce/2021/06/msg00020.html, https://security.netapp.com/advisory/ntap-20210702-0008/",Update Ubuntu linux-meta-hwe-5.4,Update linux-meta-hwe-5.4 on Ubuntu 18.04,,Servers,,30,Available (medium),Linux,linux-meta-hwe-5.4 5.4.0.59.65~18.04.54,,O,MEDIUM
Ubuntu 18.04,"linux-meta-hwe-5.4, linux-signed-hwe-5.4",CVE-2021-42252,"An issue was discovered in aspeed_lpc_ctrl_mmap in drivers/soc/aspeed/aspeed-lpc-ctrl.c in the Linux kernel before 5.14.6. Local attackers able to access the Aspeed LPC control interface could overwrite memory in the kernel and potentially execute privileges, aka CID-b49a0e69a7b1. This occurs because a certain comparison uses values that are not memory sizes.",open,HIGH,2021-12-14T22:40:14Z,,0,7.8,3,CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,"https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=b49a0e69a7b1a68c8d3f64097d06dabb770fec96, https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.14.6",https://security.netapp.com/advisory/ntap-20211112-0006/,"Update Ubuntu linux-meta-hwe-5.4, Update Ubuntu linux-signed-hwe-5.4","Update linux-meta-hwe-5.4 on Ubuntu 18.04, Update linux-signed-hwe-5.4 on Ubuntu 18.04",,Servers,,0,Unproven,Linux,"linux-meta-hwe-5.4 5.4.0.59.65~18.04.54, linux-signed-hwe-5.4 5.4.0-81.91~18.04.1",,O,LOW
Ubuntu 18.04,linux-meta-hwe-5.4,CVE-2020-25672,A memory leak vulnerability was found in Linux kernel in llcp_sock_connect,open,HIGH,2021-12-14T22:40:14Z,,0,7.5,3,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H,,"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PW3OASG7OEMHANDWBM5US5WKTOC76KMH/, http://www.openwall.com/lists/oss-security/2020/11/01/1, https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UTVACC6PGS6OSD3EYY7FZUAZT2EUMFH5/, https://www.openwall.com/lists/oss-security/2020/11/01/1, https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VEIEGQXUW37YHZ5MTAZTDCIMHUN26NJS/, https://lists.debian.org/debian-lts-announce/2021/06/msg00019.html, https://lists.debian.org/debian-lts-announce/2021/06/msg00020.html, https://security.netapp.com/advisory/ntap-20210702-0008/",Update Ubuntu linux-meta-hwe-5.4,Update linux-meta-hwe-5.4 on Ubuntu 18.04,,Servers,,0,Unproven,Linux,linux-meta-hwe-5.4 5.4.0.59.65~18.04.54,,O,LOW
Ubuntu 18.04,linux-meta-hwe-5.4,CVE-2020-25669,"A vulnerability was found in the Linux Kernel where the function sunkbd_reinit having been scheduled by sunkbd_interrupt before sunkbd being freed. Though the dangling pointer is set to NULL in sunkbd_disconnect, there is still an alias in sunkbd_reinit causing Use After Free.",open,HIGH,2021-12-14T22:40:14Z,,0,7.8,3,CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,,"https://github.com/torvalds/linux/commit/77e70d351db7de07a46ac49b87a6c3c7a60fca7e, https://lists.debian.org/debian-lts-announce/2020/12/msg00027.html, http://www.openwall.com/lists/oss-security/2020/11/20/5, https://lists.debian.org/debian-lts-announce/2020/12/msg00015.html, http://www.openwall.com/lists/oss-security/2020/11/05/2, https://www.openwall.com/lists/oss-security/2020/11/05/2,, https://www.openwall.com/lists/oss-security/2020/11/20/5,, https://security.netapp.com/advisory/ntap-20210702-0006/",Update Ubuntu linux-meta-hwe-5.4,Update linux-meta-hwe-5.4 on Ubuntu 18.04,,Servers,,30,Available (medium),Linux,linux-meta-hwe-5.4 5.4.0.59.65~18.04.54,,O,MEDIUM
Ubuntu 18.04,"linux-meta-hwe-5.4, linux-signed-hwe-5.4",CVE-2021-38199,"fs/nfs/nfs4client.c in the Linux kernel before 5.13.4 has incorrect connection-setup ordering, which allows operators of remote NFSv4 servers to cause a denial of service (hanging of mounts) by arranging for those servers to be unreachable during trunking detection.",open,MEDIUM,2021-12-14T22:40:14Z,,0,6.5,3,CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H,https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.13.4,"https://github.com/torvalds/linux/commit/dd99e9f98fbf423ff6d365b37a98e8879170f17c, https://security.netapp.com/advisory/ntap-20210902-0010/, https://www.debian.org/security/2021/dsa-4978, https://lists.debian.org/debian-lts-announce/2021/10/msg00010.html","Update Ubuntu linux-meta-hwe-5.4, Update Ubuntu linux-signed-hwe-5.4","Update linux-meta-hwe-5.4 on Ubuntu 18.04, Update linux-signed-hwe-5.4 on Ubuntu 18.04",,Servers,,0,Unproven,Linux,"linux-meta-hwe-5.4 5.4.0.59.65~18.04.54, linux-signed-hwe-5.4 5.4.0-81.91~18.04.1",,O,LOW
Ubuntu 18.04,linux-meta-hwe-5.4,CVE-2021-31829,"kernel/bpf/verifier.c in the Linux kernel through 5.12.1 performs undesirable speculative loads, leading to disclosure of stack content via side-channel attacks, aka CID-801c6058d14a. The specific concern is not protecting the BPF stack area against speculative loads. Also, the BPF stack can contain uninitialized data that might represent sensitive information previously operated on by the kernel.",open,MEDIUM,2021-12-14T22:40:14Z,,0,5.5,3,CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N,,"http://www.openwall.com/lists/oss-security/2021/05/04/4, https://github.com/torvalds/linux/commit/801c6058d14a82179a7ee17a4b532cac6fad067f, https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZI7OBCJQDNWMKLBP6MZ5NV4EUTDAMX6Q/, https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VWCZ6LJLENL2C3URW5ICARTACXPFCFN2/, https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/Y4X2G5YAPYJGI3PFEZZNOTRYI33GOCCZ/, https://lists.debian.org/debian-lts-announce/2021/06/msg00019.html",Update Ubuntu linux-meta-hwe-5.4,Update linux-meta-hwe-5.4 on Ubuntu 18.04,,Servers,,0,Unproven,Linux,linux-meta-hwe-5.4 5.4.0.59.65~18.04.54,,O,LOW
Ubuntu 18.04,linux-meta-hwe-5.4,CVE-2021-28038,"An issue was discovered in the Linux kernel through 5.11.3, as used with Xen PV. A certain part of the netback driver lacks necessary treatment of errors such as failed memory allocations (as a result of changes to the handling of grant mapping errors). A host OS denial of service may occur during misbehavior of a networking frontend driver. NOTE: this issue exists because of an incomplete fix for CVE-2021-26931.",open,MEDIUM,2021-12-14T22:40:14Z,,0,6.5,3,CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H,http://xenbits.xen.org/xsa/advisory-367.html,"http://www.openwall.com/lists/oss-security/2021/03/05/1, https://lists.debian.org/debian-lts-announce/2021/03/msg00010.html, https://lists.debian.org/debian-lts-announce/2021/03/msg00035.html, https://security.netapp.com/advisory/ntap-20210409-0001/",Update Ubuntu linux-meta-hwe-5.4,Update linux-meta-hwe-5.4 on Ubuntu 18.04,,Servers,,0,Unproven,Linux,linux-meta-hwe-5.4 5.4.0.59.65~18.04.54,,O,LOW
Ubuntu 18.04,linux-meta-hwe-5.4,CVE-2021-1056,"NVIDIA GPU Display Driver for Linux, all versions, contains a vulnerability in the kernel mode layer (nvidia.ko) in which it does not completely honor operating system file system permissions to provide GPU device-level isolation, which may lead to denial of service or information disclosure.",open,HIGH,2021-12-14T22:40:14Z,,0,7.1,3,CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H,https://nvidia.custhelp.com/app/answers/detail/a_id/5142,,Update Ubuntu linux-meta-hwe-5.4,Update linux-meta-hwe-5.4 on Ubuntu 18.04,,Servers,,0,Unproven,Linux,linux-meta-hwe-5.4 5.4.0.59.65~18.04.54,,O,LOW
Ubuntu 18.04,linux-meta-hwe-5.4,CVE-2021-29650,"An issue was discovered in the Linux kernel before 5.11.11. The netfilter subsystem allows attackers to cause a denial of service (panic) because net/netfilter/x_tables.c and include/linux/netfilter/x_tables.h lack a full memory barrier upon the assignment of a new table value, aka CID-175e476b8cdf.",open,MEDIUM,2021-12-14T22:40:14Z,,0,5.5,3,CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H,"https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=175e476b8cdf2a4de7432583b49c871345e4f8a1, https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.11.11","https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WKRNELXLVFDY6Y5XDMWLIH3VKIMQXLLR/, https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RZGMUP6QEHJJEKPMLKOSPWYMW7PXFC2M/, https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VTADK5ELGTATGW2RK3K5MBJ2WGYCPZCM/, https://lists.debian.org/debian-lts-announce/2021/06/msg00019.html, https://lists.debian.org/debian-lts-announce/2021/06/msg00020.html",Update Ubuntu linux-meta-hwe-5.4,Update linux-meta-hwe-5.4 on Ubuntu 18.04,,Servers,,0,Unproven,Linux,linux-meta-hwe-5.4 5.4.0.59.65~18.04.54,,O,LOW
Ubuntu 18.04,linux-meta-hwe-5.4,CVE-2021-1052,"NVIDIA GPU Display Driver for Windows and Linux, all versions, contains a vulnerability in the kernel mode layer (nvlddmkm.sys) handler for DxgkDdiEscape or IOCTL in which user-mode clients can access legacy privileged APIs, which may lead to denial of service, escalation of privileges, and information disclosure.",open,HIGH,2021-12-14T22:40:14Z,,0,7.8,3,CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,https://nvidia.custhelp.com/app/answers/detail/a_id/5142,,Update Ubuntu linux-meta-hwe-5.4,Update linux-meta-hwe-5.4 on Ubuntu 18.04,,Servers,,0,Unproven,Linux,linux-meta-hwe-5.4 5.4.0.59.65~18.04.54,,O,LOW
Ubuntu 18.04,"linux-meta-hwe-5.4, linux-signed-hwe-5.4",CVE-2021-35477,"In the Linux kernel through 5.13.7, an unprivileged BPF program can obtain sensitive information from kernel memory via a Speculative Store Bypass side-channel attack because a certain preempting store operation does not necessarily occur before a store operation that has an attacker-controlled value.",open,MEDIUM,2021-12-14T22:40:14Z,,0,5.5,3,CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N,"https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/patch/?id=f5e81d1117501546b7be050c5fbafa6efd2c722c, https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/patch/?id=2039f26f3aca5b0e419b98f65dd36481337b86ee","https://www.openwall.com/lists/oss-security/2021/08/01/3, https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6JKK6XNRZX5BT5QVYOKGVJ2BHFZAP5EX/, https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/565ZS55ZFEN62WVRRORT7R63RXW5F4T4/, https://lists.debian.org/debian-lts-announce/2021/10/msg00010.html","Update Ubuntu linux-meta-hwe-5.4, Update Ubuntu linux-signed-hwe-5.4","Update linux-meta-hwe-5.4 on Ubuntu 18.04, Update linux-signed-hwe-5.4 on Ubuntu 18.04",,Servers,,0,Unproven,Linux,"linux-meta-hwe-5.4 5.4.0.59.65~18.04.54, linux-signed-hwe-5.4 5.4.0-81.91~18.04.1",,O,LOW
Ubuntu 18.04,"linux-meta-hwe-5.4, linux-signed-hwe-5.4",CVE-2021-3739,"A NULL pointer dereference flaw was found in the btrfs_rm_device function in fs/btrfs/volumes.c in the Linux Kernel, where triggering the bug requires ‘CAP_SYS_ADMIN’. This flaw allows a local attacker to crash the system or leak kernel internal information. The highest threat from this vulnerability is to system availability.
",open,MEDIUM,2021-12-14T22:40:14Z,,0,6.2,3,CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H,,"https://lore.kernel.org/linux-btrfs/20210806102415.304717-1-wqu@suse.com/t/#u, https://access.redhat.com/security/cve/cve-2021-3739, https://security-tracker.debian.org/tracker/cve-2021-3739","Update Ubuntu linux-meta-hwe-5.4, Update Ubuntu linux-signed-hwe-5.4","Update linux-meta-hwe-5.4 on Ubuntu 18.04, Update linux-signed-hwe-5.4 on Ubuntu 18.04",,Servers,,0,Unproven,Linux,"linux-meta-hwe-5.4 5.4.0.59.65~18.04.54, linux-signed-hwe-5.4 5.4.0-81.91~18.04.1",,O,LOW
Ubuntu 18.04,linux-meta-hwe-5.4,CVE-2021-33200,"kernel/bpf/verifier.c in the Linux kernel through 5.12.7 enforces incorrect limits for pointer arithmetic operations, aka CID-bb01a1bba579. This can be abused to perform out-of-bounds reads and writes in kernel memory, leading to local privilege escalation to root. In particular, there is a corner case where the off reg causes a masking direction change, which then results in an incorrect final aux->alu_limit.",open,HIGH,2021-12-14T22:40:14Z,,0,7.8,3,CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,,"https://www.openwall.com/lists/oss-security/2021/05/27/1, https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JJCABL43FT3FKRX5DBPZG25FNKR6CEK4/, https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/7LR3OKKPHIBGOMHN476CMLW2T7UG53QX/, https://security.netapp.com/advisory/ntap-20210706-0004/",Update Ubuntu linux-meta-hwe-5.4,Update linux-meta-hwe-5.4 on Ubuntu 18.04,,Servers,,0,Unproven,Linux,linux-meta-hwe-5.4 5.4.0.59.65~18.04.54,,O,LOW
Ubuntu 18.04,"linux-meta-hwe-5.4, linux-signed-hwe-5.4",CVE-2021-38160,"** DISPUTED ** In drivers/char/virtio_console.c in the Linux kernel before 5.13.4, data corruption or loss can be triggered by an untrusted device that supplies a buf->len value exceeding the buffer size. NOTE: the vendor indicates that the cited data corruption is not a vulnerability in any existing use case; the length validation was added solely for robustness in the face of anomalous host OS behavior.",open,HIGH,2021-12-14T22:40:14Z,,0,7.8,3,CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.13.4,"https://github.com/torvalds/linux/commit/d00d8da5869a2608e97cfede094dfc5e11462a46, https://access.redhat.com/security/cve/cve-2021-38160, https://security.netapp.com/advisory/ntap-20210902-0010/, https://www.debian.org/security/2021/dsa-4978, https://lists.debian.org/debian-lts-announce/2021/10/msg00010.html","Update Ubuntu linux-meta-hwe-5.4, Update Ubuntu linux-signed-hwe-5.4","Update linux-meta-hwe-5.4 on Ubuntu 18.04, Update linux-signed-hwe-5.4 on Ubuntu 18.04",,Servers,,0,Unproven,Linux,"linux-meta-hwe-5.4 5.4.0.59.65~18.04.54, linux-signed-hwe-5.4 5.4.0-81.91~18.04.1",,O,MEDIUM
Ubuntu 18.04,linux-meta-hwe-5.4,CVE-2021-28688,"The fix for XSA-365 includes initialization of pointers such that subsequent cleanup code wouldn't use uninitialized or stale values. This initialization went too far and may under certain conditions also overwrite pointers which are in need of cleaning up. The lack of cleanup would result in leaking persistent grants. The leak in turn would prevent fully cleaning up after a respective guest has died, leaving around zombie domains. All Linux versions having the fix for XSA-365 applied are vulnerable. XSA-365 was classified to affect versions back to at least 3.11.",open,MEDIUM,2021-12-14T22:40:14Z,,0,6.5,3,CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H,,"https://xenbits.xenproject.org/xsa/advisory-371.txt, https://lists.debian.org/debian-lts-announce/2021/06/msg00019.html, https://lists.debian.org/debian-lts-announce/2021/06/msg00020.html",Update Ubuntu linux-meta-hwe-5.4,Update linux-meta-hwe-5.4 on Ubuntu 18.04,,Servers,,0,Unproven,Linux,linux-meta-hwe-5.4 5.4.0.59.65~18.04.54,,O,LOW
Ubuntu 18.04,"linux-meta-hwe-5.4, linux-signed-hwe-5.4",CVE-2021-40490,A race condition was discovered in ext4_write_inline_data_end in fs/ext4/inline.c in the ext4 subsystem in the Linux kernel through 5.13.13.,open,HIGH,2021-12-14T22:40:14Z,,0,7,3,CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H,https://git.kernel.org/pub/scm/linux/kernel/git/tytso/ext4.git/commit/?id=9e445093e523f3277081314c864f708fd4bd34aa,"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XJGX3DMJT6MRBW2XEF3TWVHYWZW3DG3N/, https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/M6VS2DLGT7TK7URKAS2KWJL3S533SGVA/, https://www.debian.org/security/2021/dsa-4978, https://security.netapp.com/advisory/ntap-20211004-0001/, https://lists.debian.org/debian-lts-announce/2021/10/msg00010.html","Update Ubuntu linux-meta-hwe-5.4, Update Ubuntu linux-signed-hwe-5.4","Update linux-meta-hwe-5.4 on Ubuntu 18.04, Update linux-signed-hwe-5.4 on Ubuntu 18.04",,Servers,,0,Unproven,Linux,"linux-meta-hwe-5.4 5.4.0.59.65~18.04.54, linux-signed-hwe-5.4 5.4.0-81.91~18.04.1",,O,LOW
Ubuntu 18.04,linux-meta-hwe-5.4,CVE-2020-28941,"An issue was discovered in drivers/accessibility/speakup/spk_ttyio.c in the Linux kernel through 5.9.9. Local attackers on systems with the speakup driver could cause a local denial of service attack, aka CID-d41227544427. This occurs because of an invalid free when the line discipline is used more than once.",open,MEDIUM,2021-12-14T22:40:14Z,,0,5.5,3,CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H,"https://git.kernel.org/pub/scm/linux/kernel/git/gregkh/tty.git/commit/?h=tty-linus&id=d4122754442799187d5d537a9c039a49a67e57f1, https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=d4122754442799187d5d537a9c039a49a67e57f1","http://www.openwall.com/lists/oss-security/2020/11/19/5, https://www.openwall.com/lists/oss-security/2020/11/19/3, https://github.com/torvalds/linux/commit/d4122754442799187d5d537a9c039a49a67e57f1, https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZF4OGZPKTAJJXWHPIFP3LHEWWEMR5LPT/, https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TITJQPYDWZ4NB2ONJWUXW75KSQIPF35T/, https://lists.debian.org/debian-lts-announce/2020/12/msg00015.html",Update Ubuntu linux-meta-hwe-5.4,Update linux-meta-hwe-5.4 on Ubuntu 18.04,,Servers,,0,Unproven,Linux,linux-meta-hwe-5.4 5.4.0.59.65~18.04.54,,O,LOW
Ubuntu 18.04,linux-meta-hwe-5.4,CVE-2021-29154,"BPF JIT compilers in the Linux kernel through 5.11.12 have incorrect computation of branch displacements, allowing them to execute arbitrary code within the kernel context. This affects arch/x86/net/bpf_jit_comp.c and arch/x86/net/bpf_jit_comp32.c.",open,HIGH,2021-12-14T22:40:14Z,,0,7.8,3,CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,,"https://www.openwall.com/lists/oss-security/2021/04/08/1, https://news.ycombinator.com/item?id=26757760, https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/W5YFGIIF24475A2LNW3UWHW2SNCS3G7M/, http://packetstormsecurity.com/files/162434/Kernel-Live-Patch-Security-Notice-LSN-0076-1.html, https://security.netapp.com/advisory/ntap-20210604-0006/, https://lists.debian.org/debian-lts-announce/2021/06/msg00019.html, https://lists.debian.org/debian-lts-announce/2021/06/msg00020.html",Update Ubuntu linux-meta-hwe-5.4,Update linux-meta-hwe-5.4 on Ubuntu 18.04,,Servers,,0,Unproven,Linux,linux-meta-hwe-5.4 5.4.0.59.65~18.04.54,,O,MEDIUM
Ubuntu 18.04,linux-meta-hwe-5.4,CVE-2020-25639,A NULL pointer dereference flaw was found in the Linux kernel's GPU Nouveau driver functionality in versions prior to 5.12-rc1 in the way the user calls ioctl DRM_IOCTL_NOUVEAU_CHANNEL_ALLOC. This flaw allows a local user to crash the system.,open,MEDIUM,2021-12-14T22:40:14Z,,0,4.4,3,CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H,,"https://bugzilla.redhat.com/show_bug.cgi?id=1876995, https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SUCBCKRHWP3UD2AVVYQJE7BIJEMCMXW5/, https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HE4CT3NL6OEBRRBUKHIX63GLNVOWCVRW/",Update Ubuntu linux-meta-hwe-5.4,Update linux-meta-hwe-5.4 on Ubuntu 18.04,,Servers,,30,Available (medium),Linux,linux-meta-hwe-5.4 5.4.0.59.65~18.04.54,,O,LOW
Ubuntu 18.04,"linux-meta-hwe-5.4, linux-signed-hwe-5.4",CVE-2020-36385,"An issue was discovered in the Linux kernel before 5.10. drivers/infiniband/core/ucma.c has a use-after-free because the ctx is reached via the ctx_list in some ucma_migrate_id situations where ucma_close is called, aka CID-f5449e74802c.",open,HIGH,2021-12-14T22:40:14Z,,0,7.8,3,CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,"https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=f5449e74802c1112dea984aec8af7a33c4516af1, https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10","https://syzkaller.appspot.com/bug?id=457491c4672d7b52c1007db213d93e47c711fae6, https://sites.google.com/view/syzscope/kasan-use-after-free-read-in-ucma_close-2, https://security.netapp.com/advisory/ntap-20210720-0004/","Update Ubuntu linux-meta-hwe-5.4, Update Ubuntu linux-signed-hwe-5.4","Update linux-meta-hwe-5.4 on Ubuntu 18.04, Update linux-signed-hwe-5.4 on Ubuntu 18.04",,Servers,,0,Unproven,Linux,"linux-meta-hwe-5.4 5.4.0.59.65~18.04.54, linux-signed-hwe-5.4 5.4.0-81.91~18.04.1",,O,LOW
Ubuntu 18.04,linux-meta-hwe-5.4,CVE-2021-29647,"An issue was discovered in the Linux kernel before 5.11.11. qrtr_recvmsg in net/qrtr/qrtr.c allows attackers to obtain sensitive information from kernel memory because of a partially uninitialized data structure, aka CID-50535249f624.",open,MEDIUM,2021-12-14T22:40:14Z,,0,5.5,3,CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N,"https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.11.11, https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=50535249f624d0072cd885bcdce4e4b6fb770160","https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WKRNELXLVFDY6Y5XDMWLIH3VKIMQXLLR/, https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RZGMUP6QEHJJEKPMLKOSPWYMW7PXFC2M/, https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VTADK5ELGTATGW2RK3K5MBJ2WGYCPZCM/, https://lists.debian.org/debian-lts-announce/2021/06/msg00019.html, https://lists.debian.org/debian-lts-announce/2021/06/msg00020.html",Update Ubuntu linux-meta-hwe-5.4,Update linux-meta-hwe-5.4 on Ubuntu 18.04,,Servers,,0,Unproven,Linux,linux-meta-hwe-5.4 5.4.0.59.65~18.04.54,,O,LOW
Ubuntu 18.04,linux-meta-hwe-5.4,CVE-2021-3348,"nbd_add_socket in drivers/block/nbd.c in the Linux kernel through 5.10.12 has an ndb_queue_rq use-after-free that could be triggered by local attackers (with access to the nbd device) via an I/O request at a certain point during device setup, aka CID-b98e762e3d71.",open,HIGH,2021-12-14T22:40:14Z,,0,7,3,CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H,https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=b98e762e3d71e893b221f871825dc64694cfb258,"https://www.openwall.com/lists/oss-security/2021/01/28/3, http://www.openwall.com/lists/oss-security/2021/02/01/1, https://lists.debian.org/debian-lts-announce/2021/03/msg00035.html",Update Ubuntu linux-meta-hwe-5.4,Update linux-meta-hwe-5.4 on Ubuntu 18.04,,Servers,,0,Unproven,Linux,linux-meta-hwe-5.4 5.4.0.59.65~18.04.54,,O,LOW
Ubuntu 18.04,linux-meta-hwe-5.4,CVE-2021-27363,"An issue was discovered in the Linux kernel through 5.11.3. A kernel pointer leak can be used to determine the address of the iscsi_transport structure. When an iSCSI transport is registered with the iSCSI subsystem, the transport's handle is available to unprivileged users via the sysfs file system, at /sys/class/iscsi_transport/$TRANSPORT_NAME/handle. When read, the show_transport_handle function (in drivers/scsi/scsi_transport_iscsi.c) is called, which leaks the handle. This handle is actually the pointer to an iscsi_transport struct in the kernel module's global variables.",open,MEDIUM,2021-12-14T22:40:14Z,,0,4.4,3,CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:L,https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=688e8128b7a92df982709a4137ea4588d16f24aa,"http://www.openwall.com/lists/oss-security/2021/03/06/1, https://bugzilla.suse.com/show_bug.cgi?id=1182716, https://lists.debian.org/debian-lts-announce/2021/03/msg00010.html, https://blog.grimm-co.com/2021/03/new-old-bugs-in-linux-kernel.html, https://lists.debian.org/debian-lts-announce/2021/03/msg00035.html, http://packetstormsecurity.com/files/162117/Kernel-Live-Patch-Security-Notice-LSN-0075-1.html, https://security.netapp.com/advisory/ntap-20210409-0001/",Update Ubuntu linux-meta-hwe-5.4,Update linux-meta-hwe-5.4 on Ubuntu 18.04,,Servers,,30,Available (medium),Linux,linux-meta-hwe-5.4 5.4.0.59.65~18.04.54,,O,LOW
Ubuntu 18.04,"linux-meta-hwe-5.4, linux-signed-hwe-5.4",CVE-2021-3753,"A race problem was seen in the vt_k_ioctl in drivers/tty/vt/vt_ioctl.c in the Linux kernel, which may cause an out of bounds read in vt as the write access to vc_mode is not protected by lock-in vt_ioctl (KDSETMDE). The highest threat from this vulnerability is to data confidentiality.
",open,MEDIUM,2021-12-14T22:40:14Z,,0,5.9,3,CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N,,"https://access.redhat.com/security/cve/cve-2021-3753, https://ubuntu.com/security/cve-2021-3753, https://security-tracker.debian.org/tracker/cve-2021-3753, https://www.openwall.com/lists/oss-security/2021/09/01/4, https://github.com/torvalds/linux/commit/2287a51ba822384834dafc1c798453375d1107c7","Update Ubuntu linux-meta-hwe-5.4, Update Ubuntu linux-signed-hwe-5.4","Update linux-meta-hwe-5.4 on Ubuntu 18.04, Update linux-signed-hwe-5.4 on Ubuntu 18.04",,Servers,,0,Unproven,Linux,"linux-meta-hwe-5.4 5.4.0.59.65~18.04.54, linux-signed-hwe-5.4 5.4.0-81.91~18.04.1",,O,LOW
Ubuntu 18.04,linux-meta-hwe-5.4,CVE-2020-29661,"A locking issue was discovered in the tty subsystem of the Linux kernel through 5.9.13. drivers/tty/tty_jobctrl.c allows a use-after-free attack against TIOCSPGRP, aka CID-54ffccbf053b.",open,HIGH,2021-12-14T22:40:14Z,,0,7.8,3,CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=54ffccbf053b5b6ca4f6e45094b942fab92a25fc,"http://www.openwall.com/lists/oss-security/2020/12/10/1, https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BOB25SU6XUL4TNP7KB63WNZSYTIYFDPP/, https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MZ7OAKAEFAXQRGBZK4LYUWINCD3D2XCL/, http://packetstormsecurity.com/files/160681/Linux-TIOCSPGRP-Broken-Locking.html, https://security.netapp.com/advisory/ntap-20210122-0001/, https://www.debian.org/security/2021/dsa-4843, https://lists.debian.org/debian-lts-announce/2021/02/msg00018.html, https://lists.debian.org/debian-lts-announce/2021/03/msg00010.html, https://www.oracle.com/security-alerts/cpuoct2021.html, http://packetstormsecurity.com/files/164950/Kernel-Live-Patch-Security-Notice-LSN-0082-1.html",Update Ubuntu linux-meta-hwe-5.4,Update linux-meta-hwe-5.4 on Ubuntu 18.04,,Servers,,30,Available (medium),Linux,linux-meta-hwe-5.4 5.4.0.59.65~18.04.54,,O,MEDIUM
Ubuntu 18.04,linux-meta-hwe-5.4,CVE-2021-29264,"An issue was discovered in the Linux kernel through 5.11.10. drivers/net/ethernet/freescale/gianfar.c in the Freescale Gianfar Ethernet driver allows attackers to cause a system crash because a negative fragment size is calculated in situations involving an rx queue overrun when jumbo packets are used and NAPI is enabled, aka CID-d8861bab48b6.",open,MEDIUM,2021-12-14T22:40:14Z,,0,5.5,3,CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H,https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/?id=d8861bab48b6c1fc3cdbcab8ff9d1eaea43afe7f,https://lists.debian.org/debian-lts-announce/2021/06/msg00019.html,Update Ubuntu linux-meta-hwe-5.4,Update linux-meta-hwe-5.4 on Ubuntu 18.04,,Servers,,0,Unproven,Linux,linux-meta-hwe-5.4 5.4.0.59.65~18.04.54,,O,LOW
Ubuntu 18.04,linux-meta-hwe-5.4,CVE-2021-3609,"A flaw was found in the CAN BCM networking protocol in the Linux kernel, where a local attacker can abuse a flaw in the CAN subsystem to corrupt memory, crash the system or escalate privileges.
",open,HIGH,2021-12-14T22:40:14Z,,0,7,3,CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H,,"https://www.openwall.com/lists/oss-security/2021/06/19/1, https://access.redhat.com/security/cve/cve-2021-3609, https://security-tracker.debian.org/tracker/cve-2021-3609",Update Ubuntu linux-meta-hwe-5.4,Update linux-meta-hwe-5.4 on Ubuntu 18.04,,Servers,,0,Unproven,Linux,linux-meta-hwe-5.4 5.4.0.59.65~18.04.54,,O,MEDIUM
Ubuntu 18.04,linux-meta-hwe-5.4,CVE-2020-26141,An issue was discovered in the ALFA Windows 10 driver 6.1316.1209 for AWUS036H. The Wi-Fi implementation does not verify the Message Integrity Check (authenticity) of fragmented TKIP frames. An adversary can abuse this to inject and possibly decrypt packets in WPA or WPA2 networks that support the TKIP data-confidentiality protocol.,open,MEDIUM,2021-12-14T22:40:14Z,,0,6.5,3,CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N,,"https://www.fragattacks.com, https://github.com/vanhoefm/fragattacks/blob/master/SUMMARY.md, http://www.openwall.com/lists/oss-security/2021/05/11/12, https://cert-portal.siemens.com/productcert/pdf/ssa-913875.pdf, https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-wifi-faf-22epcEWu, https://www.arista.com/en/support/advisories-notices/security-advisories/12602-security-advisory-63",Update Ubuntu linux-meta-hwe-5.4,Update linux-meta-hwe-5.4 on Ubuntu 18.04,,Servers,,0,Unproven,Linux,linux-meta-hwe-5.4 5.4.0.59.65~18.04.54,,O,LOW
Ubuntu 18.04,linux-meta-hwe-5.4,CVE-2021-38208,net/nfc/llcp_sock.c in the Linux kernel before 5.12.10 allows local unprivileged users to cause a denial of service (NULL pointer dereference and BUG) by making a getsockname call after a certain type of failure of a bind call.,open,MEDIUM,2021-12-14T22:40:14Z,,0,5.5,3,CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H,https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.12.10,"https://github.com/torvalds/linux/commit/4ac06a1e013cf5fdd963317ffd3b968560f33bba, http://www.openwall.com/lists/oss-security/2021/08/17/1, http://www.openwall.com/lists/oss-security/2021/08/17/2, https://bugzilla.redhat.com/show_bug.cgi?id=1992810, http://www.openwall.com/lists/oss-security/2021/08/24/2",Update Ubuntu linux-meta-hwe-5.4,Update linux-meta-hwe-5.4 on Ubuntu 18.04,,Servers,,30,Available (medium),Linux,linux-meta-hwe-5.4 5.4.0.59.65~18.04.54,,O,LOW
Ubuntu 18.04,linux-meta-hwe-5.4,CVE-2021-30002,"An issue was discovered in the Linux kernel before 5.11.3 when a webcam device exists. video_usercopy in drivers/media/v4l2-core/v4l2-ioctl.c has a memory leak for large arguments, aka CID-fb18802a338b.",open,MEDIUM,2021-12-14T22:40:14Z,,0,6.2,3,CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H,"https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.11.3, https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=fb18802a338b36f675a388fc03d2aa504a0d0899","https://bugzilla.suse.com/show_bug.cgi?id=1184120, https://lists.debian.org/debian-lts-announce/2021/06/msg00020.html",Update Ubuntu linux-meta-hwe-5.4,Update linux-meta-hwe-5.4 on Ubuntu 18.04,,Servers,,0,Unproven,Linux,linux-meta-hwe-5.4 5.4.0.59.65~18.04.54,,O,LOW
Ubuntu 18.04,linux-meta-hwe-5.4,CVE-2021-23134,"Use After Free vulnerability in nfc sockets in the Linux Kernel before 5.12.4 allows local attackers to elevate their privileges. In typical configurations, the issue can only be triggered by a privileged local user with the CAP_NET_RAW capability.",open,HIGH,2021-12-14T22:40:14Z,,0,7.8,3,CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,https://git.kernel.org/pub/scm/linux/kernel/git/netdev/net.git/commit/?id=c61760e6940d,"https://www.openwall.com/lists/oss-security/2021/05/11/4, https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QALNQT4LJFVSSA3MWCIECVY4AFPP4X77/, https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LZYORWNQIHNWRFYRDXBWYWBYM46PDZEN/, https://lists.debian.org/debian-lts-announce/2021/06/msg00020.html, https://lists.debian.org/debian-lts-announce/2021/06/msg00019.html, https://security.netapp.com/advisory/ntap-20210625-0007/",Update Ubuntu linux-meta-hwe-5.4,Update linux-meta-hwe-5.4 on Ubuntu 18.04,,Servers,,0,Unproven,Linux,linux-meta-hwe-5.4 5.4.0.59.65~18.04.54,,O,LOW
Ubuntu 18.04,linux-meta-hwe-5.4,CVE-2021-20239,A flaw was found in the Linux kernel in versions before 5.4.92 in the BPF protocol. This flaw allows an attacker with a local account to leak information about kernel internal addresses. The highest threat from this vulnerability is to confidentiality.,open,LOW,2021-12-14T22:40:14Z,,0,3.3,3,CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N,,https://bugzilla.redhat.com/show_bug.cgi?id=1923636,Update Ubuntu linux-meta-hwe-5.4,Update linux-meta-hwe-5.4 on Ubuntu 18.04,,Servers,,0,Unproven,Linux,linux-meta-hwe-5.4 5.4.0.59.65~18.04.54,,O,LOW
Ubuntu 18.04,linux-meta-hwe-5.4,CVE-2020-27815,"A flaw was found in the JFS filesystem code in the Linux Kernel which allows a local attacker with the ability to set extended attributes to panic the system, causing memory corruption or escalating privileges. The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability.",open,HIGH,2021-12-14T22:40:14Z,,0,7.8,3,CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=c61b3e4839007668360ed8b87d7da96d2e59fc6c,"https://www.openwall.com/lists/oss-security/2020/11/30/5,, https://www.openwall.com/lists/oss-security/2020/12/28/1,, http://www.openwall.com/lists/oss-security/2020/11/30/5, https://www.debian.org/security/2021/dsa-4843, https://bugzilla.redhat.com/show_bug.cgi?id=1897668,, http://www.openwall.com/lists/oss-security/2020/12/28/1, https://lists.debian.org/debian-lts-announce/2021/02/msg00018.html, https://lists.debian.org/debian-lts-announce/2021/03/msg00010.html, https://security.netapp.com/advisory/ntap-20210702-0004/",Update Ubuntu linux-meta-hwe-5.4,Update linux-meta-hwe-5.4 on Ubuntu 18.04,,Servers,,30,Available (medium),Linux,linux-meta-hwe-5.4 5.4.0.59.65~18.04.54,,O,MEDIUM
Ubuntu 18.04,linux-meta-hwe-5.4,CVE-2020-28374,"In drivers/target/target_core_xcopy.c in the Linux kernel before 5.10.7, insufficient identifier checking in the LIO SCSI target code can be used by remote attackers to read or write files via directory traversal in an XCOPY request, aka CID-2896c93811e3. For example, an attack can occur over a network if the attacker has access to one iSCSI LUN. The attacker gains control over file access because I/O operations are proxied via an attacker-selected backstore.",open,HIGH,2021-12-14T22:40:14Z,,0,8.1,3,CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N,"https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.10.7, https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=2896c93811e39d63a4d9b63ccf12a8fbc226e5e4","https://bugzilla.suse.com/show_bug.cgi?id=1178372, https://github.com/torvalds/linux/commit/2896c93811e39d63a4d9b63ccf12a8fbc226e5e4, https://bugzilla.suse.com/attachment.cgi?id=844938, http://www.openwall.com/lists/oss-security/2021/01/13/2, http://www.openwall.com/lists/oss-security/2021/01/13/5, https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FZEUPID5DZYLZBIO4BEVLHFUDZZIFL57/, https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LTGQDYIEO2GOCOOKADBHEITF44GY55QF/, http://packetstormsecurity.com/files/161229/Kernel-Live-Patch-Security-Notice-LSN-0074-1.html, https://www.debian.org/security/2021/dsa-4843, https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HK7SRTITN5ABAUOOIGFVR7XE5YKYYAVO/, https://lists.debian.org/debian-lts-announce/2021/02/msg00018.html, https://security.netapp.com/advisory/ntap-20210219-0002/, https://lists.debian.org/debian-lts-announce/2021/03/msg00010.html",Update Ubuntu linux-meta-hwe-5.4,Update linux-meta-hwe-5.4 on Ubuntu 18.04,,Servers,,0,Unproven,Linux,linux-meta-hwe-5.4 5.4.0.59.65~18.04.54,,O,LOW
Ubuntu 18.04,linux-meta-hwe-5.4,CVE-2021-23133,A race condition in Linux kernel SCTP sockets (net/sctp/socket.c) before 5.12-rc8 can lead to kernel privilege escalation from the context of a network service or an unprivileged process. If sctp_destroy_sock is called without sock_net(sk)->sctp.addr_wq_lock then an element is removed from the auto_asconf_splist list without any proper locking. This can be exploited by an attacker with network service privileges to escalate to root or from the context of an unprivileged user directly if a BPF_CGROUP_INET_SOCK_CREATE is attached which denies creation of some SCTP socket.,open,HIGH,2021-12-14T22:40:14Z,,0,7,3,CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H,https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=b166a20b07382b8bc1dcee2a448715c9c2c81b5b,"https://www.openwall.com/lists/oss-security/2021/04/18/2, https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PAEQ3H6HKNO6KUCGRZVYSFSAGEUX23JL/, https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CUX2CA63453G34C6KYVBLJXJXEARZI2X/, https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XZASHZVCOFJ4VU2I3BN5W5EPHWJQ7QWX/, http://www.openwall.com/lists/oss-security/2021/05/10/1, http://www.openwall.com/lists/oss-security/2021/05/10/2, http://www.openwall.com/lists/oss-security/2021/05/10/3, http://www.openwall.com/lists/oss-security/2021/05/10/4, https://security.netapp.com/advisory/ntap-20210611-0008/, https://lists.debian.org/debian-lts-announce/2021/06/msg00020.html, https://lists.debian.org/debian-lts-announce/2021/06/msg00019.html",Update Ubuntu linux-meta-hwe-5.4,Update linux-meta-hwe-5.4 on Ubuntu 18.04,,Servers,,30,Available (medium),Linux,linux-meta-hwe-5.4 5.4.0.59.65~18.04.54,,O,MEDIUM
Ubuntu 18.04,"linux-meta-hwe-5.4, linux-signed-hwe-5.4",CVE-2021-3743,"An out-of-bounds (OOB) memory read flaw was found in the Qualcomm IPC router protocol in the Linux kernel. A missing sanity check allows a local attacker to gain access to out-of-bounds memory, leading to a system crash or a leak of internal kernel information. The highest threat from this vulnerability is to system availability.
",open,MEDIUM,2021-12-14T22:40:14Z,,0,6.2,3,CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H,,"https://git.kernel.org/pub/scm/linux/kernel/git/netdev/net.git/commit/?id=7e78c597c3eb, https://access.redhat.com/security/cve/cve-2021-3743, https://lists.openwall.net/netdev/2021/08/17/124, https://ubuntu.com/security/cve-2021-3743, https://security-tracker.debian.org/tracker/cve-2021-3743","Update Ubuntu linux-meta-hwe-5.4, Update Ubuntu linux-signed-hwe-5.4","Update linux-meta-hwe-5.4 on Ubuntu 18.04, Update linux-signed-hwe-5.4 on Ubuntu 18.04",,Servers,,0,Unproven,Linux,"linux-meta-hwe-5.4 5.4.0.59.65~18.04.54, linux-signed-hwe-5.4 5.4.0-81.91~18.04.1",,O,LOW
Ubuntu 18.04,"linux-meta-hwe-5.4, linux-signed-hwe-5.4",CVE-2021-38204,drivers/usb/host/max3421-hcd.c in the Linux kernel before 5.13.6 allows physically proximate attackers to cause a denial of service (use-after-free and panic) by removing a MAX-3421 USB device in certain situations.,open,MEDIUM,2021-12-14T22:40:14Z,,0,6.8,3,CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H,https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.13.6,https://github.com/torvalds/linux/commit/b5fdf5c6e6bee35837e160c00ac89327bdad031b,"Update Ubuntu linux-meta-hwe-5.4, Update Ubuntu linux-signed-hwe-5.4","Update linux-meta-hwe-5.4 on Ubuntu 18.04, Update linux-signed-hwe-5.4 on Ubuntu 18.04",,Servers,,0,Unproven,Linux,"linux-meta-hwe-5.4 5.4.0.59.65~18.04.54, linux-signed-hwe-5.4 5.4.0-81.91~18.04.1",,O,LOW
Ubuntu 18.04,"linux-meta-hwe-5.4, linux-signed-hwe-5.4",CVE-2021-22543,An issue was discovered in Linux: KVM through Improper handling of VM_IO|VM_PFNMAP vmas in KVM can bypass RO checks and can lead to pages being freed while still accessible by the VMM and guest. This allows users with the ability to start and control a VM to read/write random pages of memory and can result in local privilege escalation.,open,HIGH,2021-12-14T22:40:14Z,,0,7.8,3,CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,,"https://github.com/google/security-research/security/advisories/GHSA-7wq5-phmq-m584, http://www.openwall.com/lists/oss-security/2021/06/26/1, https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ROQIXQB7ZAWI3KSGSHR6H5RDUWZI775S/, https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4G5YBUVEPHZYXMKNGBZ3S6INFCTEEL4E/, https://security.netapp.com/advisory/ntap-20210708-0002/, https://lists.debian.org/debian-lts-announce/2021/10/msg00010.html","Update Ubuntu linux-meta-hwe-5.4, Update Ubuntu linux-signed-hwe-5.4","Update linux-meta-hwe-5.4 on Ubuntu 18.04, Update linux-signed-hwe-5.4 on Ubuntu 18.04",,Servers,,30,Available (medium),Linux,"linux-meta-hwe-5.4 5.4.0.59.65~18.04.54, linux-signed-hwe-5.4 5.4.0-81.91~18.04.1",,O,MEDIUM
Ubuntu 18.04,linux-meta-hwe-5.4,CVE-2021-28972,"In drivers/pci/hotplug/rpadlpar_sysfs.c in the Linux kernel through 5.11.8, the RPA PCI Hotplug driver has a user-tolerable buffer overflow when writing a new device name to the driver from userspace, allowing userspace to write data to the kernel stack frame directly. This occurs because add_slot_store and remove_slot_store mishandle drc_name '\0' termination, aka CID-cc7a0bb058b8.",open,MEDIUM,2021-12-14T22:40:14Z,,0,6.7,3,CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H,https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=cc7a0bb058b85ea03db87169c60c7cfdd5d34678,"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PTRNPQTZ4GVS46SZ4OBXY5YDOGVPSTGQ/, https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4VCKIOXCOZGXBEZMO5LGGV5MWCHO6FT3/, https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/T2S3I4SLRNRUQDOFYUS6IUAZMQNMPNLG/, https://security.netapp.com/advisory/ntap-20210430-0003/",Update Ubuntu linux-meta-hwe-5.4,Update linux-meta-hwe-5.4 on Ubuntu 18.04,,Servers,,0,Unproven,Linux,linux-meta-hwe-5.4 5.4.0.59.65~18.04.54,,O,MEDIUM
Ubuntu 18.04,"linux-meta-hwe-5.4, linux-signed-hwe-5.4",CVE-2021-3679,A lack of CPU resource in the Linux kernel tracing module functionality in versions prior to 5.14-rc3 was found in the way user uses trace ring buffer in a specific way. Only privileged local users (with CAP_SYS_ADMIN capability) could use this flaw to starve the resources causing denial of service.,open,MEDIUM,2021-12-14T22:40:14Z,,0,5.5,3,CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H,https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=67f0d6d9883c13174669f88adac4f0ee656cc16a,"https://bugzilla.redhat.com/show_bug.cgi?id=1989165, https://www.debian.org/security/2021/dsa-4978, https://lists.debian.org/debian-lts-announce/2021/10/msg00010.html","Update Ubuntu linux-meta-hwe-5.4, Update Ubuntu linux-signed-hwe-5.4","Update linux-meta-hwe-5.4 on Ubuntu 18.04, Update linux-signed-hwe-5.4 on Ubuntu 18.04",,Servers,,0,Unproven,Linux,"linux-meta-hwe-5.4 5.4.0.59.65~18.04.54, linux-signed-hwe-5.4 5.4.0-81.91~18.04.1",,O,LOW
Ubuntu 18.04,linux-meta-hwe-5.4,CVE-2020-26147,"An issue was discovered in the Linux kernel 5.8.9. The WEP, WPA, WPA2, and WPA3 implementations reassemble fragments even though some of them were sent in plaintext. This vulnerability can be abused to inject packets and/or exfiltrate selected fragments when another device sends fragmented frames and the WEP, CCMP, or GCMP data-confidentiality protocol is used.",open,MEDIUM,2021-12-14T22:40:14Z,,0,5.4,3,CVSS:3.1/AV:A/AC:H/PR:N/UI:R/S:U/C:L/I:H/A:N,,"https://www.fragattacks.com, https://github.com/vanhoefm/fragattacks/blob/master/SUMMARY.md, http://www.openwall.com/lists/oss-security/2021/05/11/12, https://lists.debian.org/debian-lts-announce/2021/06/msg00019.html, https://lists.debian.org/debian-lts-announce/2021/06/msg00020.html, https://cert-portal.siemens.com/productcert/pdf/ssa-913875.pdf, https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-wifi-faf-22epcEWu, https://www.arista.com/en/support/advisories-notices/security-advisories/12602-security-advisory-63",Update Ubuntu linux-meta-hwe-5.4,Update linux-meta-hwe-5.4 on Ubuntu 18.04,,Servers,,0,Unproven,Linux,linux-meta-hwe-5.4 5.4.0.59.65~18.04.54,,O,LOW
Ubuntu 18.04,"linux-meta-hwe-5.4, linux-signed-hwe-5.4",CVE-2021-38198,"arch/x86/kvm/mmu/paging_tmpl.h in the Linux kernel before 5.12.11 incorrectly computes the access permissions of a shadow page, leading to a missing guest protection page fault.",open,MEDIUM,2021-12-14T22:40:14Z,,0,5.5,3,CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H,https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.12.11,"https://github.com/torvalds/linux/commit/b1bd5cba3306691c771d558e94baa73e8b0b96b7, https://lists.debian.org/debian-lts-announce/2021/10/msg00010.html","Update Ubuntu linux-meta-hwe-5.4, Update Ubuntu linux-signed-hwe-5.4","Update linux-meta-hwe-5.4 on Ubuntu 18.04, Update linux-signed-hwe-5.4 on Ubuntu 18.04",,Servers,,30,Available (medium),Linux,"linux-meta-hwe-5.4 5.4.0.59.65~18.04.54, linux-signed-hwe-5.4 5.4.0-81.91~18.04.1",,O,LOW
Ubuntu 18.04,linux-meta-hwe-5.4,CVE-2020-27170,"An issue was discovered in the Linux kernel before 5.11.8. kernel/bpf/verifier.c performs undesirable out-of-bounds speculation on pointer arithmetic, leading to side-channel attacks that defeat Spectre mitigations and obtain sensitive information from kernel memory, aka CID-f232326f6966. This affects pointer types that do not define a ptr_limit.",open,MEDIUM,2021-12-14T22:40:14Z,,0,4.7,3,CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N,"https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=f232326f6966cf2a1d1db7bc917a4ce5f9f55f76, https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.11.8","https://www.openwall.com/lists/oss-security/2021/03/19/2, https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QRTPQE73ANG7D6M4L4PK5ZQDPO4Y2FVD/, https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FB6LUXPEIRLZH32YXWZVEZAD4ZL6SDK2/, http://www.openwall.com/lists/oss-security/2021/03/24/4, https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/T2S3I4SLRNRUQDOFYUS6IUAZMQNMPNLG/, https://lists.debian.org/debian-lts-announce/2021/03/msg00035.html, http://packetstormsecurity.com/files/162117/Kernel-Live-Patch-Security-Notice-LSN-0075-1.html",Update Ubuntu linux-meta-hwe-5.4,Update linux-meta-hwe-5.4 on Ubuntu 18.04,,Servers,,0,Unproven,Linux,linux-meta-hwe-5.4 5.4.0.59.65~18.04.54,,O,LOW
Ubuntu 18.04,"linux-meta-hwe-5.4, linux-signed-hwe-5.4",CVE-2020-36311,"An issue was discovered in the Linux kernel before 5.9. arch/x86/kvm/svm/sev.c allows attackers to cause a denial of service (soft lockup) by triggering destruction of a large SEV VM (which requires unregistering many encrypted regions), aka CID-7be74942f184.",open,MEDIUM,2021-12-14T22:40:14Z,,0,5.5,3,CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H,"https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.9, https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=7be74942f184fdfba34ddd19a0d995deb34d4a03","https://lists.debian.org/debian-lts-announce/2021/07/msg00015.html, https://www.debian.org/security/2021/dsa-4941","Update Ubuntu linux-meta-hwe-5.4, Update Ubuntu linux-signed-hwe-5.4","Update linux-meta-hwe-5.4 on Ubuntu 18.04, Update linux-signed-hwe-5.4 on Ubuntu 18.04",,Servers,,0,Unproven,Linux,"linux-meta-hwe-5.4 5.4.0.59.65~18.04.54, linux-signed-hwe-5.4 5.4.0-81.91~18.04.1",,O,LOW
Ubuntu 18.04,"linux-meta-hwe-5.4, linux-signed-hwe-5.4",CVE-2021-3732,"A flaw was found in the Linux kernel’s OverlayFS subsystem in the way the user mounts the TmpFS filesystem with OverlayFS. This flaw allows a local user to gain access to hidden files that should not be accessible.
",open,LOW,2021-12-14T22:40:14Z,,0,3.3,3,CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N,,"https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=427215d85e8d, https://access.redhat.com/security/cve/cve-2021-3732, https://ubuntu.com/security/cve-2021-3732, https://security-tracker.debian.org/tracker/cve-2021-3732","Update Ubuntu linux-meta-hwe-5.4, Update Ubuntu linux-signed-hwe-5.4","Update linux-meta-hwe-5.4 on Ubuntu 18.04, Update linux-signed-hwe-5.4 on Ubuntu 18.04",,Servers,,0,Unproven,Linux,"linux-meta-hwe-5.4 5.4.0.59.65~18.04.54, linux-signed-hwe-5.4 5.4.0-81.91~18.04.1",,O,LOW
Ubuntu 18.04,linux-meta-hwe-5.4,CVE-2021-20194,"There is a vulnerability in the linux kernel versions higher than 5.2 (if kernel compiled with config params CONFIG_BPF_SYSCALL=y , CONFIG_BPF=y , CONFIG_CGROUPS=y , CONFIG_CGROUP_BPF=y , CONFIG_HARDENED_USERCOPY not set, and BPF hook to getsockopt is registered). As result of BPF execution, the local user can trigger bug in __cgroup_bpf_run_filter_getsockopt() function that can lead to heap overflow (because of non-hardened usercopy). The impact of attack could be deny of service or possibly privileges escalation.",open,HIGH,2021-12-14T22:40:14Z,,0,7.8,3,CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,,"https://bugzilla.redhat.com/show_bug.cgi?id=1912683, https://security.netapp.com/advisory/ntap-20210326-0003/",Update Ubuntu linux-meta-hwe-5.4,Update linux-meta-hwe-5.4 on Ubuntu 18.04,,Servers,,0,Unproven,Linux,linux-meta-hwe-5.4 5.4.0.59.65~18.04.54,,O,LOW
Ubuntu 18.04,linux-meta-hwe-5.4,CVE-2020-29568,"An issue was discovered in Xen through 4.14.x. Some OSes (such as Linux, FreeBSD, and NetBSD) are processing watch events using a single thread. If the events are received faster than the thread is able to handle, they will get queued. As the queue is unbounded, a guest may be able to trigger an OOM in the backend. All systems with a FreeBSD, Linux, or NetBSD (any version) dom0 are vulnerable.",open,MEDIUM,2021-12-14T22:40:14Z,,0,6.5,3,CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H,https://xenbits.xenproject.org/xsa/advisory-349.html,"https://www.debian.org/security/2021/dsa-4843, https://lists.debian.org/debian-lts-announce/2021/02/msg00018.html, https://lists.debian.org/debian-lts-announce/2021/03/msg00010.html, https://security.gentoo.org/glsa/202107-30",Update Ubuntu linux-meta-hwe-5.4,Update linux-meta-hwe-5.4 on Ubuntu 18.04,,Servers,,0,Unproven,Linux,linux-meta-hwe-5.4 5.4.0.59.65~18.04.54,,O,LOW
Ubuntu 18.04,"linux-meta-hwe-5.4, linux-signed-hwe-5.4",CVE-2021-37576,"arch/powerpc/kvm/book3s_rtas.c in the Linux kernel through 5.13.5 on the powerpc platform allows KVM guest OS users to cause host OS memory corruption via rtas_args.nargs, aka CID-f62f3c20647e.",open,HIGH,2021-12-14T22:40:14Z,,0,7.8,3,CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,"https://lore.kernel.org/linuxppc-dev/87im0x1lqi.fsf@mpe.ellerman.id.au/T/#u, https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=f62f3c20647ebd5fb6ecb8f0b477b9281c44c10a","http://www.openwall.com/lists/oss-security/2021/07/27/2, https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/Z2YZ2DNURMYYVDT2NYAFDESJC35KCUDS/, https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WDFA7DSQIPM7XPNXJBXFWXHJFVUBCAG6/, https://security.netapp.com/advisory/ntap-20210917-0005/, https://www.debian.org/security/2021/dsa-4978","Update Ubuntu linux-meta-hwe-5.4, Update Ubuntu linux-signed-hwe-5.4","Update linux-meta-hwe-5.4 on Ubuntu 18.04, Update linux-signed-hwe-5.4 on Ubuntu 18.04",,Servers,,30,Available (medium),Linux,"linux-meta-hwe-5.4 5.4.0.59.65~18.04.54, linux-signed-hwe-5.4 5.4.0-81.91~18.04.1",,O,MEDIUM
Ubuntu 18.04,linux-meta-hwe-5.4,CVE-2021-3573,"A use-after-free in function hci_sock_bound_ioctl() of the Linux kernel HCI subsystem was found in the way user calls ioct HCIUNBLOCKADDR or other way triggers race condition of the call hci_unregister_dev() together with one of the calls hci_sock_blacklist_add(), hci_sock_blacklist_del(), hci_get_conn_info(), hci_get_auth_info(). A privileged local user could use this flaw to crash the system or escalate their privileges on the system. This flaw affects the Linux kernel versions prior to 5.13-rc5.",open,MEDIUM,2021-12-14T22:40:14Z,,0,6.4,3,CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H,https://git.kernel.org/pub/scm/linux/kernel/git/bluetooth/bluetooth.git/commit/?id=e305509e678b3a4af2b3cfd410f409f7cdaabb52,"https://bugzilla.redhat.com/show_bug.cgi?id=1966578, https://www.openwall.com/lists/oss-security/2021/06/08/2",Update Ubuntu linux-meta-hwe-5.4,Update linux-meta-hwe-5.4 on Ubuntu 18.04,,Servers,,30,Available (medium),Linux,linux-meta-hwe-5.4 5.4.0.59.65~18.04.54,,O,MEDIUM
Ubuntu 18.04,linux-meta-hwe-5.4,CVE-2021-32399,net/bluetooth/hci_request.c in the Linux kernel through 5.12.2 has a race condition for removal of the HCI controller.,open,HIGH,2021-12-14T22:40:14Z,,0,7,3,CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H,https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=e2cb6b891ad2b8caa9131e3be70f45243df82a80,"https://github.com/torvalds/linux/commit/e2cb6b891ad2b8caa9131e3be70f45243df82a80, http://www.openwall.com/lists/oss-security/2021/05/11/2, https://security.netapp.com/advisory/ntap-20210622-0006/, https://lists.debian.org/debian-lts-announce/2021/06/msg00019.html, https://lists.debian.org/debian-lts-announce/2021/06/msg00020.html",Update Ubuntu linux-meta-hwe-5.4,Update linux-meta-hwe-5.4 on Ubuntu 18.04,,Servers,,30,Available (medium),Linux,linux-meta-hwe-5.4 5.4.0.59.65~18.04.54,,O,LOW
Ubuntu 18.04,linux-meta-hwe-5.4,CVE-2021-3178,"** DISPUTED ** fs/nfsd/nfs3xdr.c in the Linux kernel through 5.10.8, when there is an NFS export of a subdirectory of a filesystem, allows remote attackers to traverse to other parts of the filesystem via READDIRPLUS. NOTE: some parties argue that such a subdirectory export is not intended to prevent this attack; see also the exports(5) no_subtree_check default behavior.",open,MEDIUM,2021-12-14T22:40:14Z,,0,6.5,3,CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N,"https://patchwork.kernel.org/project/linux-nfs/patch/20210111210129.GA11652@fieldses.org/, https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=51b2ee7d006a736a9126e8111d1f24e4fd0afaa6","https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5SGB7TNDVQEOJ7NVTGX56UWHDNQM5TRC/, https://lists.debian.org/debian-lts-announce/2021/03/msg00010.html",Update Ubuntu linux-meta-hwe-5.4,Update linux-meta-hwe-5.4 on Ubuntu 18.04,,Servers,,0,Unproven,Linux,linux-meta-hwe-5.4 5.4.0.59.65~18.04.54,,O,LOW
Ubuntu 18.04,linux-meta-hwe-5.4,CVE-2021-29265,"An issue was discovered in the Linux kernel before 5.11.7. usbip_sockfd_store in drivers/usb/usbip/stub_dev.c allows attackers to cause a denial of service (GPF) because the stub-up sequence has race conditions during an update of the local and shared status, aka CID-9380afd6df70.",open,MEDIUM,2021-12-14T22:40:14Z,,0,4.7,3,CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H,"https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.11.7, https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/?id=9380afd6df70e24eacbdbde33afc6a3950965d22",https://lists.debian.org/debian-lts-announce/2021/06/msg00020.html,Update Ubuntu linux-meta-hwe-5.4,Update linux-meta-hwe-5.4 on Ubuntu 18.04,,Servers,,0,Unproven,Linux,linux-meta-hwe-5.4 5.4.0.59.65~18.04.54,,O,LOW
Ubuntu 18.04,linux-meta-hwe-5.4,CVE-2021-3493,"The overlayfs implementation in the linux kernel did not properly validate with respect to user namespaces the setting of file capabilities on files in an underlying file system. Due to the combination of unprivileged user namespaces along with a patch carried in the Ubuntu kernel to allow unprivileged overlay mounts, an attacker could use this to gain elevated privileges.",open,HIGH,2021-12-14T22:40:14Z,,0,7.8,3,CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,https://ubuntu.com/security/notices/USN-4917-1,"https://www.openwall.com/lists/oss-security/2021/04/16/1, https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=7c03e2cda4a584cadc398e8f6641ca9988a39d52, http://packetstormsecurity.com/files/162434/Kernel-Live-Patch-Security-Notice-LSN-0076-1.html, http://packetstormsecurity.com/files/162866/Ubuntu-OverlayFS-Local-Privilege-Escalation.html, http://packetstormsecurity.com/files/165151/Ubuntu-Overlayfs-Local-Privilege-Escalation.html",Update Ubuntu linux-meta-hwe-5.4,Update linux-meta-hwe-5.4 on Ubuntu 18.04,,Servers,,90,Actively used (critical),Linux,linux-meta-hwe-5.4 5.4.0.59.65~18.04.54,,O,CRITICAL
Ubuntu 18.04,linux-meta-hwe-5.4,CVE-2020-24588,"The 802.11 standard that underpins Wi-Fi Protected Access (WPA, WPA2, and WPA3) and Wired Equivalent Privacy (WEP) doesn't require that the A-MSDU flag in the plaintext QoS header field is authenticated. Against devices that support receiving non-SSP A-MSDU frames (which is mandatory as part of 802.11n), an adversary can abuse this to inject arbitrary network packets.",open,LOW,2021-12-14T22:40:14Z,,0,3.5,3,CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N,,"https://www.fragattacks.com, https://github.com/vanhoefm/fragattacks/blob/master/SUMMARY.md, http://www.openwall.com/lists/oss-security/2021/05/11/12, https://lists.debian.org/debian-lts-announce/2021/06/msg00019.html, https://lists.debian.org/debian-lts-announce/2021/06/msg00020.html, https://cert-portal.siemens.com/productcert/pdf/ssa-913875.pdf, https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-wifi-faf-22epcEWu, https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00473.html, https://www.arista.com/en/support/advisories-notices/security-advisories/12602-security-advisory-63",Update Ubuntu linux-meta-hwe-5.4,Update linux-meta-hwe-5.4 on Ubuntu 18.04,,Servers,,30,Available (medium),Linux,linux-meta-hwe-5.4 5.4.0.59.65~18.04.54,,O,LOW
Ubuntu 18.04,linux-meta-hwe-5.4,CVE-2020-25670,A vulnerability was found in Linux Kernel where refcount leak in llcp_sock_bind() causing use-after-free which might lead to privilege escalations.,open,HIGH,2021-12-14T22:40:14Z,,0,7.8,3,CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,,"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PW3OASG7OEMHANDWBM5US5WKTOC76KMH/, http://www.openwall.com/lists/oss-security/2020/11/01/1, https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UTVACC6PGS6OSD3EYY7FZUAZT2EUMFH5/, http://www.openwall.com/lists/oss-security/2021/05/11/4, https://www.openwall.com/lists/oss-security/2020/11/01/1, https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VEIEGQXUW37YHZ5MTAZTDCIMHUN26NJS/, https://lists.debian.org/debian-lts-announce/2021/06/msg00019.html, https://lists.debian.org/debian-lts-announce/2021/06/msg00020.html, https://security.netapp.com/advisory/ntap-20210702-0008/",Update Ubuntu linux-meta-hwe-5.4,Update linux-meta-hwe-5.4 on Ubuntu 18.04,,Servers,,30,Available (medium),Linux,linux-meta-hwe-5.4 5.4.0.59.65~18.04.54,,O,MEDIUM
Ubuntu 18.04,cron,CVE-2017-9525,"In the cron package through 3.0pl1-128 on Debian, and through 3.0pl1-128ubuntu2 on Ubuntu, the postinst maintainer script allows for group-crontab-to-root privilege escalation via symlink attacks against unsafe usage of the chown and chmod programs.",open,MEDIUM,2021-12-14T22:40:14Z,,0,6.7,3,CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H,http://bugs.debian.org/864466,"http://www.openwall.com/lists/oss-security/2017/06/08/3, http://www.securitytracker.com/id/1038651, https://lists.debian.org/debian-lts-announce/2019/03/msg00025.html, https://lists.debian.org/debian-lts-announce/2021/10/msg00029.html",No fix available for Ubuntu cron,No fix available for cron on Ubuntu 18.04,,Servers,,0,Unproven,Linux,cron 3.0pl1-128.1ubuntu1,,U,LOW
Ubuntu 18.04,linux-meta-hwe-5.4,CVE-2021-0129,Improper access control in BlueZ may allow an authenticated user to potentially enable information disclosure via adjacent access.,open,MEDIUM,2021-12-14T22:40:14Z,,0,5.7,3,CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N,https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00517.html,"https://lists.debian.org/debian-lts-announce/2021/06/msg00019.html, https://lists.debian.org/debian-lts-announce/2021/06/msg00020.html, https://lists.debian.org/debian-lts-announce/2021/06/msg00022.html, https://security.netapp.com/advisory/ntap-20210716-0002/, https://www.debian.org/security/2021/dsa-4951",Update Ubuntu linux-meta-hwe-5.4,Update linux-meta-hwe-5.4 on Ubuntu 18.04,,Servers,,0,Unproven,Linux,linux-meta-hwe-5.4 5.4.0.59.65~18.04.54,,O,LOW
Ubuntu 18.04,"linux-meta-hwe-5.4, linux-signed-hwe-5.4",CVE-2019-19449,"In the Linux kernel 5.0.21, mounting a crafted f2fs filesystem image can lead to slab-out-of-bounds read access in f2fs_build_segment_manager in fs/f2fs/segment.c, related to init_min_max_mtime in fs/f2fs/segment.c (because the second argument to get_seg_entry is not validated).",open,HIGH,2021-12-14T22:40:14Z,,0,7.8,3,CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H,,"https://github.com/bobfuzzer/CVE/tree/master/CVE-2019-19449, https://security.netapp.com/advisory/ntap-20200103-0001/","Update Ubuntu linux-meta-hwe-5.4, Update Ubuntu linux-signed-hwe-5.4","Update linux-meta-hwe-5.4 on Ubuntu 18.04, Update linux-signed-hwe-5.4 on Ubuntu 18.04",,Servers,,30,Available (medium),Linux,"linux-meta-hwe-5.4 5.4.0.59.65~18.04.54, linux-signed-hwe-5.4 5.4.0-81.91~18.04.1",,O,LOW
Ubuntu 18.04,"linux-meta-hwe-5.4, linux-signed-hwe-5.4",CVE-2021-3612,"An out-of-bounds memory write flaw was found in the Linux kernel's joystick devices subsystem in versions before 5.9-rc1, in the way the user calls ioctl JSIOCSBTNMAP. This flaw allows a local user to crash the system or possibly escalate their privileges on the system. The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability.",open,HIGH,2021-12-14T22:40:14Z,,0,7.8,3,CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,https://lore.kernel.org/linux-input/20210620120030.1513655-1-avlarkin82@gmail.com/,"https://bugzilla.redhat.com/show_bug.cgi?id=1974079, https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YKGI562LFV5MESTMVTCG5RORSBT6NGBN/, https://security.netapp.com/advisory/ntap-20210805-0005/, https://lists.debian.org/debian-lts-announce/2021/10/msg00010.html","Update Ubuntu linux-meta-hwe-5.4, Update Ubuntu linux-signed-hwe-5.4","Update linux-meta-hwe-5.4 on Ubuntu 18.04, Update linux-signed-hwe-5.4 on Ubuntu 18.04",,Servers,,30,Available (medium),Linux,"linux-meta-hwe-5.4 5.4.0.59.65~18.04.54, linux-signed-hwe-5.4 5.4.0-81.91~18.04.1",,O,MEDIUM
Ubuntu 18.04,"linux-meta-hwe-5.4, linux-signed-hwe-5.4",CVE-2021-3428,"A flaw was found in the Linux kernel. A denial of service problem is identified if an extent tree is corrupted in a crafted ext4 filesystem in fs/ext4/extents.c in ext4_es_cache_extent. Fabricating an integer overflow, A local attacker with a special user privilege may cause a system crash problem which can lead to an availability threat.
",open,MEDIUM,2021-12-14T22:40:14Z,,0,4.4,3,CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H,,"https://access.redhat.com/security/cve/cve-2021-3428, https://ubuntu.com/security/cve-2021-3428, https://security-tracker.debian.org/tracker/cve-2021-3428","Update Ubuntu linux-meta-hwe-5.4, Update Ubuntu linux-signed-hwe-5.4","Update linux-meta-hwe-5.4 on Ubuntu 18.04, Update linux-signed-hwe-5.4 on Ubuntu 18.04",,Servers,,0,Unproven,Linux,"linux-meta-hwe-5.4 5.4.0.59.65~18.04.54, linux-signed-hwe-5.4 5.4.0-81.91~18.04.1",,O,LOW
Ubuntu 18.04,shadow,CVE-2018-7169,"An issue was discovered in shadow 4.5. newgidmap (in shadow-utils) is setuid and allows an unprivileged user to be placed in a user namespace where setgroups(2) is permitted. This allows an attacker to remove themselves from a supplementary group, which may allow access to certain filesystem paths if the administrator has used ""group blacklisting"" (e.g., chmod g-rwx) to restrict access to paths. This flaw effectively reverts a security feature in the kernel (in particular, the /proc/self/setgroups knob) to prevent this sort of privilege escalation.",open,MEDIUM,2021-12-14T22:40:14Z,,0,5.3,3,CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N,,"https://bugs.launchpad.net/ubuntu/+source/shadow/+bug/1729357, https://security.gentoo.org/glsa/201805-09",No fix available for Ubuntu shadow,No fix available for shadow on Ubuntu 18.04,,Servers,,30,Available (medium),Linux,shadow 1:4.5-1ubuntu2,,U,LOW
Ubuntu 18.04,"linux-meta-hwe-5.4, linux-signed-hwe-5.4",CVE-2021-3653,"A flaw was found in the KVM's AMD code for supporting SVM nested virtualization. The flaw occurs when processing the VMCB (virtual machine control block) provided by the L1 guest to spawn/handle a nested guest (L2). Due to improper validation of the ""int_ctl"" field, this issue could allow a malicious L1 to enable AVIC support (Advanced Virtual Interrupt Controller) for the L2 guest. As a result, the L2 guest would be allowed to read/write physical pages of the host, resulting in a crash of the entire system, leak of sensitive data or potential guest-to-host escape. This flaw affects Linux kernel versions prior to 5.14-rc7.",open,HIGH,2021-12-14T22:40:14Z,,0,8.8,3,CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H,,"https://www.openwall.com/lists/oss-security/2021/08/16/1, https://bugzilla.redhat.com/show_bug.cgi?id=1983686, https://lists.debian.org/debian-lts-announce/2021/10/msg00010.html","Update Ubuntu linux-meta-hwe-5.4, Update Ubuntu linux-signed-hwe-5.4","Update linux-meta-hwe-5.4 on Ubuntu 18.04, Update linux-signed-hwe-5.4 on Ubuntu 18.04",,Servers,,0,Unproven,Linux,"linux-meta-hwe-5.4 5.4.0.59.65~18.04.54, linux-signed-hwe-5.4 5.4.0-81.91~18.04.1",,O,MEDIUM
Ubuntu 18.04,linux-meta-hwe-5.4,CVE-2021-27364,An issue was discovered in the Linux kernel through 5.11.3. drivers/scsi/scsi_transport_iscsi.c is adversely affected by the ability of an unprivileged user to craft Netlink messages.,open,HIGH,2021-12-14T22:40:14Z,,0,7.1,3,CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H,https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=688e8128b7a92df982709a4137ea4588d16f24aa,"https://bugzilla.suse.com/show_bug.cgi?id=1182717, https://www.openwall.com/lists/oss-security/2021/03/06/1, https://lists.debian.org/debian-lts-announce/2021/03/msg00010.html, https://blog.grimm-co.com/2021/03/new-old-bugs-in-linux-kernel.html, https://lists.debian.org/debian-lts-announce/2021/03/msg00035.html, http://packetstormsecurity.com/files/162117/Kernel-Live-Patch-Security-Notice-LSN-0075-1.html, https://security.netapp.com/advisory/ntap-20210409-0001/, https://www.oracle.com/security-alerts/cpuoct2021.html",Update Ubuntu linux-meta-hwe-5.4,Update linux-meta-hwe-5.4 on Ubuntu 18.04,,Servers,,30,Available (medium),Linux,linux-meta-hwe-5.4 5.4.0.59.65~18.04.54,,O,MEDIUM
Ubuntu 18.04,"linux-meta-hwe-5.4, linux-signed-hwe-5.4",CVE-2020-3702,"u'Specifically timed and handcrafted traffic can cause internal errors in a WLAN device that lead to improper layer 2 Wi-Fi encryption with a consequent possibility of information disclosure over the air for a discrete set of traffic' in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking in APQ8053, IPQ4019, IPQ8064, MSM8909W, MSM8996AU, QCA9531, QCN5502, QCS405, SDX20, SM6150, SM7150",open,MEDIUM,2021-12-14T22:40:14Z,,0,6.5,3,CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N,https://www.qualcomm.com/company/product-security/bulletins/august-2020-bulletin,"https://www.arista.com/en/support/advisories-notices/security-advisories/11998-security-advisory-58, https://www.debian.org/security/2021/dsa-4978, https://lists.debian.org/debian-lts-announce/2021/10/msg00010.html","Update Ubuntu linux-meta-hwe-5.4, Update Ubuntu linux-signed-hwe-5.4","Update linux-meta-hwe-5.4 on Ubuntu 18.04, Update linux-signed-hwe-5.4 on Ubuntu 18.04",,Servers,,0,Unproven,Linux,"linux-meta-hwe-5.4 5.4.0.59.65~18.04.54, linux-signed-hwe-5.4 5.4.0-81.91~18.04.1",,O,LOW
Ubuntu 18.04,"linux-meta-hwe-5.4, linux-signed-hwe-5.4",CVE-2021-34556,"In the Linux kernel through 5.13.7, an unprivileged BPF program can obtain sensitive information from kernel memory via a Speculative Store Bypass side-channel attack because the protection mechanism neglects the possibility of uninitialized memory locations on the BPF stack.",open,MEDIUM,2021-12-14T22:40:14Z,,0,5.5,3,CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N,"https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/patch/?id=f5e81d1117501546b7be050c5fbafa6efd2c722c, https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/patch/?id=2039f26f3aca5b0e419b98f65dd36481337b86ee","http://www.openwall.com/lists/oss-security/2021/08/01/3, https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6JKK6XNRZX5BT5QVYOKGVJ2BHFZAP5EX/, https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/565ZS55ZFEN62WVRRORT7R63RXW5F4T4/, https://lists.debian.org/debian-lts-announce/2021/10/msg00010.html","Update Ubuntu linux-meta-hwe-5.4, Update Ubuntu linux-signed-hwe-5.4","Update linux-meta-hwe-5.4 on Ubuntu 18.04, Update linux-signed-hwe-5.4 on Ubuntu 18.04",,Servers,,0,Unproven,Linux,"linux-meta-hwe-5.4 5.4.0.59.65~18.04.54, linux-signed-hwe-5.4 5.4.0-81.91~18.04.1",,O,LOW
Ubuntu 18.04,linux-meta-hwe-5.4,CVE-2021-28971,"In intel_pmu_drain_pebs_nhm in arch/x86/events/intel/ds.c in the Linux kernel through 5.11.8 on some Haswell CPUs, userspace applications (such as perf-fuzzer) can cause a system crash because the PEBS status in a PEBS record is mishandled, aka CID-d88d05a9e0b6.",open,MEDIUM,2021-12-14T22:40:14Z,,0,5.5,3,CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H,https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=d88d05a9e0b6d9356e97129d4ff9942d765f46ea,"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PTRNPQTZ4GVS46SZ4OBXY5YDOGVPSTGQ/, https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4VCKIOXCOZGXBEZMO5LGGV5MWCHO6FT3/, https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/T2S3I4SLRNRUQDOFYUS6IUAZMQNMPNLG/, https://security.netapp.com/advisory/ntap-20210430-0003/, https://lists.debian.org/debian-lts-announce/2021/06/msg00019.html, https://lists.debian.org/debian-lts-announce/2021/06/msg00020.html",Update Ubuntu linux-meta-hwe-5.4,Update linux-meta-hwe-5.4 on Ubuntu 18.04,,Servers,,0,Unproven,Linux,linux-meta-hwe-5.4 5.4.0.59.65~18.04.54,,O,LOW
Ubuntu 18.04,linux-meta-hwe-5.4,CVE-2021-33034,"In the Linux kernel before 5.12.4, net/bluetooth/hci_event.c has a use-after-free when destroying an hci_chan, aka CID-5c4c8c954409. This leads to writing an arbitrary value.",open,HIGH,2021-12-14T22:40:14Z,,0,7.8,3,CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,"https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.12.4, https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=5c4c8c9544099bb9043a10a5318130a943e32fc3","https://syzkaller.appspot.com/bug?id=2e1943a94647f7732dd6fc60368642d6e8dc91b1, https://sites.google.com/view/syzscope/kasan-use-after-free-read-in-hci_send_acl, https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GI7Z7UBWBGD3ABNIL2DC7RQDCGA4UVQW/, https://lists.debian.org/debian-lts-announce/2021/06/msg00019.html, https://lists.debian.org/debian-lts-announce/2021/06/msg00020.html",Update Ubuntu linux-meta-hwe-5.4,Update linux-meta-hwe-5.4 on Ubuntu 18.04,,Servers,,30,Available (medium),Linux,linux-meta-hwe-5.4 5.4.0.59.65~18.04.54,,O,LOW
Ubuntu 18.04,linux-meta-hwe-5.4,CVE-2020-26139,An issue was discovered in the kernel in NetBSD 7.1. An Access Point (AP) forwards EAPOL frames to other clients even though the sender has not yet successfully authenticated to the AP. This might be abused in projected Wi-Fi networks to launch denial-of-service attacks against connected clients and makes it easier to exploit other vulnerabilities in connected clients.,open,MEDIUM,2021-12-14T22:40:14Z,,0,5.3,3,CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H,,"https://www.fragattacks.com, https://github.com/vanhoefm/fragattacks/blob/master/SUMMARY.md, http://www.openwall.com/lists/oss-security/2021/05/11/12, https://lists.debian.org/debian-lts-announce/2021/06/msg00019.html, https://lists.debian.org/debian-lts-announce/2021/06/msg00020.html, https://cert-portal.siemens.com/productcert/pdf/ssa-913875.pdf, https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-wifi-faf-22epcEWu, https://www.arista.com/en/support/advisories-notices/security-advisories/12602-security-advisory-63",Update Ubuntu linux-meta-hwe-5.4,Update linux-meta-hwe-5.4 on Ubuntu 18.04,,Servers,,0,Unproven,Linux,linux-meta-hwe-5.4 5.4.0.59.65~18.04.54,,O,LOW
Ubuntu 18.04,linux-meta-hwe-5.4,CVE-2020-28588,"An information disclosure vulnerability exists in the /proc/pid/syscall functionality of Linux Kernel 5.1 Stable and 5.4.66. More specifically, this issue has been introduced in v5.1-rc4 (commit 631b7abacd02b88f4b0795c08b54ad4fc3e7c7c0) and is still present in v5.10-rc4, so it’s likely that all versions in between are affected. An attacker can read /proc/pid/syscall to trigger this vulnerability, which leads to the kernel leaking memory contents.",open,MEDIUM,2021-12-14T22:40:14Z,,0,5.5,3,CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N,,https://talosintelligence.com/vulnerability_reports/TALOS-2020-1211,Update Ubuntu linux-meta-hwe-5.4,Update linux-meta-hwe-5.4 on Ubuntu 18.04,,Servers,,30,Available (medium),Linux,linux-meta-hwe-5.4 5.4.0.59.65~18.04.54,,O,MEDIUM
Ubuntu 18.04,linux-meta-hwe-5.4,CVE-2021-20177,A flaw was found in the Linux kernel's implementation of string matching within a packet. A privileged user (with root or CAP_NET_ADMIN) when inserting iptables rules could insert a rule which can panic the system. Kernel before kernel 5.5-rc1 is affected.,open,MEDIUM,2021-12-14T22:40:14Z,,0,4.4,3,CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H,,https://bugzilla.redhat.com/show_bug.cgi?id=1914719,Update Ubuntu linux-meta-hwe-5.4,Update linux-meta-hwe-5.4 on Ubuntu 18.04,,Servers,,0,Unproven,Linux,linux-meta-hwe-5.4 5.4.0.59.65~18.04.54,,O,LOW
Ubuntu 18.04,linux-meta-hwe-5.4,CVE-2020-36158,"mwifiex_cmd_802_11_ad_hoc_start in drivers/net/wireless/marvell/mwifiex/join.c in the Linux kernel through 5.10.4 might allow remote attackers to execute arbitrary code via a long SSID value, aka CID-5c455c5ab332.",open,MEDIUM,2021-12-14T22:40:14Z,,0,6.7,3,CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H,"https://patchwork.kernel.org/project/linux-wireless/patch/20201206084801.26479-1-ruc_zhangxiaohui@163.com/, https://lore.kernel.org/r/20201206084801.26479-1-ruc_zhangxiaohui@163.com, https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=5c455c5ab332773464d02ba17015acdca198f03d","https://github.com/torvalds/linux/commit/5c455c5ab332773464d02ba17015acdca198f03d, https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HCHBIRS27VMOGMBHPWP2R7SZRFXT6O6U/, https://www.debian.org/security/2021/dsa-4843, https://security.netapp.com/advisory/ntap-20210212-0002/, https://lists.debian.org/debian-lts-announce/2021/02/msg00018.html, https://lists.debian.org/debian-lts-announce/2021/03/msg00010.html",Update Ubuntu linux-meta-hwe-5.4,Update linux-meta-hwe-5.4 on Ubuntu 18.04,,Servers,,0,Unproven,Linux,linux-meta-hwe-5.4 5.4.0.59.65~18.04.54,,O,MEDIUM
Ubuntu 18.04,linux-meta-hwe-5.4,CVE-2021-3492,"Shiftfs, an out-of-tree stacking file system included in Ubuntu Linux kernels, did not properly handle faults occurring during copy_from_user() correctly. These could lead to either a double-free situation or memory not being freed at all. An attacker could use this to cause a denial of service (kernel memory exhaustion) or gain privileges via executing arbitrary code. AKA ZDI-CAN-13562.",open,HIGH,2021-12-14T22:40:14Z,,0,7.8,3,CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,"https://git.launchpad.net/~ubuntu-kernel/ubuntu/+source/linux/+git/focal/commit/?id=25c891a949bf918b59cbc6e4932015ba4c35c333, https://git.launchpad.net/~ubuntu-kernel/ubuntu/+source/linux/+git/focal/commit/?id=8fee52ab9da87d82bc6de9ebb3480fff9b4d53e6, https://ubuntu.com/security/notices/USN-4917-1","https://www.openwall.com/lists/oss-security/2021/04/16/2, https://www.zerodayinitiative.com/advisories/ZDI-21-422/, http://packetstormsecurity.com/files/162614/Kernel-Live-Patch-Security-Notice-LSN-0077-1.html",Update Ubuntu linux-meta-hwe-5.4,Update linux-meta-hwe-5.4 on Ubuntu 18.04,,Servers,,30,Available (medium),Linux,linux-meta-hwe-5.4 5.4.0.59.65~18.04.54,,O,LOW
Ubuntu 18.04,linux-meta-hwe-5.4,CVE-2020-25673,A vulnerability was found in Linux kernel where non-blocking socket in llcp_sock_connect() leads to leak and eventually hanging-up the system.,open,MEDIUM,2021-12-14T22:40:14Z,,0,5.5,3,CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H,,"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PW3OASG7OEMHANDWBM5US5WKTOC76KMH/, http://www.openwall.com/lists/oss-security/2020/11/01/1, https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UTVACC6PGS6OSD3EYY7FZUAZT2EUMFH5/, https://www.openwall.com/lists/oss-security/2020/11/01/1, https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VEIEGQXUW37YHZ5MTAZTDCIMHUN26NJS/, https://security.netapp.com/advisory/ntap-20210702-0008/",Update Ubuntu linux-meta-hwe-5.4,Update linux-meta-hwe-5.4 on Ubuntu 18.04,,Servers,,30,Available (medium),Linux,linux-meta-hwe-5.4 5.4.0.59.65~18.04.54,,O,LOW
Ubuntu 18.04,"openssh, openssh",CVE-2020-14145,The client side in OpenSSH 5.7 through 8.4 has an Observable Discrepancy leading to an information leak in the algorithm negotiation. This allows man-in-the-middle attackers to target initial connection attempts (where no host key for the server has been cached by the client). NOTE: some reports state that 8.5 and 8.6 are also affected.,open,MEDIUM,2021-12-14T22:40:14Z,,0,5.9,3,CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N,,"https://github.com/openssh/openssh-portable/compare/V_8_3_P1...V_8_4_P1, https://www.fzi.de/en/news/news/detail-en/artikel/fsa-2020-2-ausnutzung-eines-informationslecks-fuer-gezielte-mitm-angriffe-auf-ssh-clients/, https://security.netapp.com/advisory/ntap-20200709-0004/, http://www.openwall.com/lists/oss-security/2020/12/02/1, https://anongit.mindrot.org/openssh.git/commit/?id=b3855ff053f5078ec3d3c653cdaedefaa5fc362d, https://github.com/ssh-mitm/ssh-mitm/blob/master/ssh_proxy_server/plugins/session/cve202014145.py, https://docs.ssh-mitm.at/CVE-2020-14145.html, https://security.gentoo.org/glsa/202105-35",No fix available for Ubuntu openssh,No fix available for openssh on Ubuntu 18.04,,Servers,,0,Unproven,Linux,openssh 1:7.6p1-4ubuntu0.5,openssh 1:7.6p1-4ubuntu0.3,U,LOW
Ubuntu 18.04,linux-meta-hwe-5.4,CVE-2020-26145,"An issue was discovered on Samsung Galaxy S3 i9305 4.4.4 devices. The WEP, WPA, WPA2, and WPA3 implementations accept second (or subsequent) broadcast fragments even when sent in plaintext and process them as full unfragmented frames. An adversary can abuse this to inject arbitrary network packets independent of the network configuration.",open,MEDIUM,2021-12-14T22:40:14Z,,0,6.5,3,CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N,,"https://www.fragattacks.com, https://github.com/vanhoefm/fragattacks/blob/master/SUMMARY.md, http://www.openwall.com/lists/oss-security/2021/05/11/12, https://cert-portal.siemens.com/productcert/pdf/ssa-913875.pdf",Update Ubuntu linux-meta-hwe-5.4,Update linux-meta-hwe-5.4 on Ubuntu 18.04,,Servers,,0,Unproven,Linux,linux-meta-hwe-5.4 5.4.0.59.65~18.04.54,,O,LOW
Ubuntu 18.04,linux-meta-hwe-5.4,CVE-2020-24587,"The 802.11 standard that underpins Wi-Fi Protected Access (WPA, WPA2, and WPA3) and Wired Equivalent Privacy (WEP) doesn't require that all fragments of a frame are encrypted under the same key. An adversary can abuse this to decrypt selected fragments when another device sends fragmented frames and the WEP, CCMP, or GCMP encryption key is periodically renewed.",open,LOW,2021-12-14T22:40:14Z,,0,2.6,3,CVSS:3.1/AV:A/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:N,,"https://www.fragattacks.com, https://github.com/vanhoefm/fragattacks/blob/master/SUMMARY.md, http://www.openwall.com/lists/oss-security/2021/05/11/12, https://lists.debian.org/debian-lts-announce/2021/06/msg00019.html, https://lists.debian.org/debian-lts-announce/2021/06/msg00020.html, https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-wifi-faf-22epcEWu, https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00473.html, https://www.arista.com/en/support/advisories-notices/security-advisories/12602-security-advisory-63",Update Ubuntu linux-meta-hwe-5.4,Update linux-meta-hwe-5.4 on Ubuntu 18.04,,Servers,,30,Available (medium),Linux,linux-meta-hwe-5.4 5.4.0.59.65~18.04.54,,O,MEDIUM
Ubuntu 18.04,linux-meta-hwe-5.4,CVE-2020-29569,"An issue was discovered in the Linux kernel through 5.10.1, as used with Xen through 4.14.x. The Linux kernel PV block backend expects the kernel thread handler to reset ring->xenblkd to NULL when stopped. However, the handler may not have time to run if the frontend quickly toggles between the states connect and disconnect. As a consequence, the block backend may re-use a pointer after it was freed. A misbehaving guest can trigger a dom0 crash by continuously connecting / disconnecting a block frontend. Privilege escalation and information leaks cannot be ruled out. This only affects systems with a Linux blkback.",open,HIGH,2021-12-14T22:40:14Z,,0,8.8,3,CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H,https://xenbits.xenproject.org/xsa/advisory-350.html,"https://www.debian.org/security/2021/dsa-4843, https://security.netapp.com/advisory/ntap-20210205-0001/, https://lists.debian.org/debian-lts-announce/2021/02/msg00018.html, https://lists.debian.org/debian-lts-announce/2021/03/msg00010.html, https://security.gentoo.org/glsa/202107-30",Update Ubuntu linux-meta-hwe-5.4,Update linux-meta-hwe-5.4 on Ubuntu 18.04,,Servers,,0,Unproven,Linux,linux-meta-hwe-5.4 5.4.0.59.65~18.04.54,,O,MEDIUM
Ubuntu 18.04,linux-meta-hwe-5.4,CVE-2021-27365,"An issue was discovered in the Linux kernel through 5.11.3. Certain iSCSI data structures do not have appropriate length constraints or checks, and can exceed the PAGE_SIZE value. An unprivileged user can send a Netlink message that is associated with iSCSI, and has a length up to the maximum length of a Netlink message.",open,HIGH,2021-12-14T22:40:14Z,,0,7.8,3,CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,"https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=f9dbdf97a5bd92b1a49cee3d591b55b11fd7a6d5, https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=ec98ea7070e94cc25a422ec97d1421e28d97b7ee","https://www.openwall.com/lists/oss-security/2021/03/06/1, https://bugzilla.suse.com/show_bug.cgi?id=1182715, https://lists.debian.org/debian-lts-announce/2021/03/msg00010.html, https://blog.grimm-co.com/2021/03/new-old-bugs-in-linux-kernel.html, https://lists.debian.org/debian-lts-announce/2021/03/msg00035.html, http://packetstormsecurity.com/files/162117/Kernel-Live-Patch-Security-Notice-LSN-0075-1.html, https://security.netapp.com/advisory/ntap-20210409-0001/, https://www.oracle.com/security-alerts/cpuoct2021.html",Update Ubuntu linux-meta-hwe-5.4,Update linux-meta-hwe-5.4 on Ubuntu 18.04,,Servers,,30,Available (medium),Linux,linux-meta-hwe-5.4 5.4.0.59.65~18.04.54,,O,MEDIUM
Ubuntu 18.04,linux-meta-hwe-5.4,CVE-2021-3564,A flaw double-free memory corruption in the Linux kernel HCI device initialization subsystem was found in the way user attach malicious HCI TTY Bluetooth device. A local user could use this flaw to crash the system. This flaw affects all the Linux kernel versions starting from 3.13.,open,MEDIUM,2021-12-14T22:40:14Z,,0,5.5,3,CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H,,"https://bugzilla.redhat.com/show_bug.cgi?id=1964139, http://www.openwall.com/lists/oss-security/2021/06/01/2, http://www.openwall.com/lists/oss-security/2021/05/25/1, https://www.openwall.com/lists/oss-security/2021/05/25/1, https://lists.debian.org/debian-lts-announce/2021/06/msg00019.html, https://lists.debian.org/debian-lts-announce/2021/06/msg00020.html",Update Ubuntu linux-meta-hwe-5.4,Update linux-meta-hwe-5.4 on Ubuntu 18.04,,Servers,,30,Available (medium),Linux,linux-meta-hwe-5.4 5.4.0.59.65~18.04.54,,O,LOW
Ubuntu 18.04,linux-meta-hwe-5.4,CVE-2021-28375,"An issue was discovered in the Linux kernel through 5.11.6. fastrpc_internal_invoke in drivers/misc/fastrpc.c does not prevent user applications from sending kernel RPC messages, aka CID-20c40794eb85. This is a related issue to CVE-2019-2308.",open,HIGH,2021-12-14T22:40:14Z,,0,7.8,3,CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,"https://lore.kernel.org/stable/YD03ew7+6v0XPh6l@kroah.com/, https://git.kernel.org/linus/20c40794eb85ea29852d7bc37c55713802a543d6","https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OMRQVOTASD3VZP6GE4JJHE27QU6FHTZ6/, https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TJPVQZPY3DHPV5I3IVNMSMO6D3PKZISX/, https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XAUNYDTGE6MB4NWL2SIHPCODCLET3JZB/, https://security.netapp.com/advisory/ntap-20210401-0003/",Update Ubuntu linux-meta-hwe-5.4,Update linux-meta-hwe-5.4 on Ubuntu 18.04,,Servers,,0,Unproven,Linux,linux-meta-hwe-5.4 5.4.0.59.65~18.04.54,,O,MEDIUM
Ubuntu 18.04,linux-meta-hwe-5.4,CVE-2021-33909,"fs/seq_file.c in the Linux kernel 3.16 through 5.13.x before 5.13.4 does not properly restrict seq buffer allocations, leading to an integer overflow, an Out-of-bounds Write, and escalation to root by an unprivileged user, aka CID-8cae8cd89f05.",open,HIGH,2021-12-14T22:40:14Z,,0,7.8,3,CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.13.4,"https://github.com/torvalds/linux/commit/8cae8cd89f05f6de223d63e6d15e31c8ba9cf53b, https://www.openwall.com/lists/oss-security/2021/07/20/1, https://lists.debian.org/debian-lts-announce/2021/07/msg00016.html, https://lists.debian.org/debian-lts-announce/2021/07/msg00015.html, https://lists.debian.org/debian-lts-announce/2021/07/msg00014.html, https://www.debian.org/security/2021/dsa-4941, http://packetstormsecurity.com/files/163621/Sequoia-A-Deep-Root-In-Linuxs-Filesystem-Layer.html, https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/Z4UHHIGISO3FVRF4CQNJS4IKA25ATSFU/, http://www.openwall.com/lists/oss-security/2021/07/22/7, http://packetstormsecurity.com/files/163671/Kernel-Live-Patch-Security-Notice-LSN-0079-1.html, https://security.netapp.com/advisory/ntap-20210819-0004/, http://www.openwall.com/lists/oss-security/2021/08/25/10, http://packetstormsecurity.com/files/164155/Kernel-Live-Patch-Security-Notice-LSN-0081-1.html, http://www.openwall.com/lists/oss-security/2021/09/17/2, http://www.openwall.com/lists/oss-security/2021/09/17/4, http://www.openwall.com/lists/oss-security/2021/09/21/1",Update Ubuntu linux-meta-hwe-5.4,Update linux-meta-hwe-5.4 on Ubuntu 18.04,,Servers,,90,Actively used (critical),Linux,linux-meta-hwe-5.4 5.4.0.59.65~18.04.54,,O,CRITICAL
Ubuntu 18.04,linux-meta-hwe-5.4,CVE-2021-28950,"An issue was discovered in fs/fuse/fuse_i.h in the Linux kernel before 5.11.8. A ""stall on CPU"" can occur because a retry loop continually finds the same bad inode, aka CID-775c5033a0d1.",open,MEDIUM,2021-12-14T22:40:14Z,,0,5.5,3,CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H,"https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.11.8, https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=775c5033a0d164622d9d10dd0f0a5531639ed3ed","https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QRTPQE73ANG7D6M4L4PK5ZQDPO4Y2FVD/, https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FB6LUXPEIRLZH32YXWZVEZAD4ZL6SDK2/, https://lists.debian.org/debian-lts-announce/2021/06/msg00020.html",Update Ubuntu linux-meta-hwe-5.4,Update linux-meta-hwe-5.4 on Ubuntu 18.04,,Servers,,0,Unproven,Linux,linux-meta-hwe-5.4 5.4.0.59.65~18.04.54,,O,LOW
Ubuntu 18.04,linux-meta-hwe-5.4,CVE-2021-28660,"rtw_wx_set_scan in drivers/staging/rtl8188eu/os_dep/ioctl_linux.c in the Linux kernel through 5.11.6 allows writing beyond the end of the ->ssid[] array. NOTE: from the perspective of kernel.org releases, CVE IDs are not normally used for drivers/staging/* (unfinished work); however, system integrators may have situations in which a drivers/staging issue is relevant to their own customer base.",open,HIGH,2021-12-14T22:40:14Z,,0,7.8,3,CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=74b6b20df8cfe90ada777d621b54c32e69e27cd7,"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TJPVQZPY3DHPV5I3IVNMSMO6D3PKZISX/, https://lists.debian.org/debian-lts-announce/2021/03/msg00035.html, https://security.netapp.com/advisory/ntap-20210507-0008/, https://lists.debian.org/debian-lts-announce/2021/06/msg00020.html",Update Ubuntu linux-meta-hwe-5.4,Update linux-meta-hwe-5.4 on Ubuntu 18.04,,Servers,,0,Unproven,Linux,linux-meta-hwe-5.4 5.4.0.59.65~18.04.54,,O,MEDIUM
Ubuntu 18.04,"linux-meta-hwe-5.4, linux-signed-hwe-5.4",CVE-2021-3656,"A flaw was found in the KVM's AMD code for supporting SVM nested virtualization. The flaw occurs when processing the VMCB (virtual machine control block) provided by the L1 guest to spawn/handle a nested guest (L2). Due to improper validation of the ""virt_ext"" field, this issue could allow a malicious L1 to disable both VMLOAD/VMSAVE intercepts and VLS (Virtual VMLOAD/VMSAVE) for the L2 guest. As a result, the L2 guest would be allowed to read/write physical pages of the host, resulting in a crash of the entire system, leak of sensitive data or potential guest-to-host escape.
",open,HIGH,2021-12-14T22:40:14Z,,0,8.8,3,CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H,,"https://www.openwall.com/lists/oss-security/2021/08/16/1, https://access.redhat.com/security/cve/cve-2021-3656","Update Ubuntu linux-meta-hwe-5.4, Update Ubuntu linux-signed-hwe-5.4","Update linux-meta-hwe-5.4 on Ubuntu 18.04, Update linux-signed-hwe-5.4 on Ubuntu 18.04",,Servers,,0,Unproven,Linux,"linux-meta-hwe-5.4 5.4.0.59.65~18.04.54, linux-signed-hwe-5.4 5.4.0-81.91~18.04.1",,O,MEDIUM
Ubuntu 18.04,linux-meta-hwe-5.4,CVE-2021-31916,An out-of-bounds (OOB) memory write flaw was found in list_devices in drivers/md/dm-ioctl.c in the Multi-device driver module in the Linux kernel before 5.12. A bound check failure allows an attacker with special user (CAP_SYS_ADMIN) privilege to gain access to out-of-bounds memory leading to a system crash or a leak of internal kernel information. The highest threat from this vulnerability is to system availability.,open,MEDIUM,2021-12-14T22:40:14Z,,0,6.7,3,CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H,,"https://seclists.org/oss-sec/2021/q1/268, https://bugzilla.redhat.com/show_bug.cgi?id=1946965, https://github.com/torvalds/linux/commit/4edbe1d7bcffcd6269f3b5eb63f710393ff2ec7a, https://lists.debian.org/debian-lts-announce/2021/06/msg00019.html, https://lists.debian.org/debian-lts-announce/2021/06/msg00020.html",Update Ubuntu linux-meta-hwe-5.4,Update linux-meta-hwe-5.4 on Ubuntu 18.04,,Servers,,0,Unproven,Linux,linux-meta-hwe-5.4 5.4.0.59.65~18.04.54,,O,LOW
Ubuntu 18.04,linux-meta-hwe-5.4,CVE-2020-24586,"The 802.11 standard that underpins Wi-Fi Protected Access (WPA, WPA2, and WPA3) and Wired Equivalent Privacy (WEP) doesn't require that received fragments be cleared from memory after (re)connecting to a network. Under the right circumstances, when another device sends fragmented frames encrypted using WEP, CCMP, or GCMP, this can be abused to inject arbitrary network packets and/or exfiltrate user data.",open,LOW,2021-12-14T22:40:14Z,,0,3.5,3,CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N,,"https://www.fragattacks.com, https://github.com/vanhoefm/fragattacks/blob/master/SUMMARY.md, http://www.openwall.com/lists/oss-security/2021/05/11/12, https://lists.debian.org/debian-lts-announce/2021/06/msg00019.html, https://lists.debian.org/debian-lts-announce/2021/06/msg00020.html, https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-wifi-faf-22epcEWu, https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00473.html, https://www.arista.com/en/support/advisories-notices/security-advisories/12602-security-advisory-63",Update Ubuntu linux-meta-hwe-5.4,Update linux-meta-hwe-5.4 on Ubuntu 18.04,,Servers,,30,Available (medium),Linux,linux-meta-hwe-5.4 5.4.0.59.65~18.04.54,,O,LOW
Ubuntu 18.04,linux-meta-hwe-5.4,CVE-2020-27830,"A vulnerability was found in Linux Kernel where in the spk_ttyio_receive_buf2() function, it would dereference spk_ttyio_synth without checking whether it is NULL or not, and may lead to a NULL-ptr deref crash.",open,MEDIUM,2021-12-14T22:40:14Z,,0,5.5,3,CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H,,"https://bugzilla.redhat.com/show_bug.cgi?id=1919900, http://www.openwall.com/lists/oss-security/2020/12/08/1, http://www.openwall.com/lists/oss-security/2020/12/08/4, https://www.debian.org/security/2021/dsa-4843, https://lists.debian.org/debian-lts-announce/2021/02/msg00018.html, https://security.netapp.com/advisory/ntap-20210625-0004/",Update Ubuntu linux-meta-hwe-5.4,Update linux-meta-hwe-5.4 on Ubuntu 18.04,,Servers,,0,Unproven,Linux,linux-meta-hwe-5.4 5.4.0.59.65~18.04.54,,O,LOW
Ubuntu 18.04,"linux-meta-hwe-5.4, linux-signed-hwe-5.4",CVE-2021-38205,"drivers/net/ethernet/xilinx/xilinx_emaclite.c in the Linux kernel before 5.13.3 makes it easier for attackers to defeat an ASLR protection mechanism because it prints a kernel pointer (i.e., the real IOMEM pointer).",open,LOW,2021-12-14T22:40:14Z,,0,3.3,3,CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N,https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.13.3,"https://github.com/torvalds/linux/commit/d0d62baa7f505bd4c59cd169692ff07ec49dde37, https://lists.debian.org/debian-lts-announce/2021/10/msg00010.html","Update Ubuntu linux-meta-hwe-5.4, Update Ubuntu linux-signed-hwe-5.4","Update linux-meta-hwe-5.4 on Ubuntu 18.04, Update linux-signed-hwe-5.4 on Ubuntu 18.04",,Servers,,0,Unproven,Linux,"linux-meta-hwe-5.4 5.4.0.59.65~18.04.54, linux-signed-hwe-5.4 5.4.0-81.91~18.04.1",,O,LOW
Ubuntu 18.04,linux-meta-hwe-5.4,CVE-2021-3444,"The bpf verifier in the Linux kernel did not properly handle mod32 destination register truncation when the source register was known to be 0. A local attacker with the ability to load bpf programs could use this gain out-of-bounds reads in kernel memory leading to information disclosure (kernel memory), and possibly out-of-bounds writes that could potentially lead to code execution. This issue was addressed in the upstream kernel in commit 9b00f1b78809 (""bpf: Fix truncation handling for mod32 dst reg wrt zero"") and in Linux stable kernels 5.11.2, 5.10.19, and 5.4.101.",open,HIGH,2021-12-14T22:40:14Z,,0,7.8,3,CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=9b00f1b78809,"https://www.openwall.com/lists/oss-security/2021/03/23/2, http://www.openwall.com/lists/oss-security/2021/03/23/2, http://packetstormsecurity.com/files/162117/Kernel-Live-Patch-Security-Notice-LSN-0075-1.html, https://security.netapp.com/advisory/ntap-20210416-0006/, https://lists.debian.org/debian-lts-announce/2021/10/msg00010.html, http://packetstormsecurity.com/files/164950/Kernel-Live-Patch-Security-Notice-LSN-0082-1.html",Update Ubuntu linux-meta-hwe-5.4,Update linux-meta-hwe-5.4 on Ubuntu 18.04,,Servers,,0,Unproven,Linux,linux-meta-hwe-5.4 5.4.0.59.65~18.04.54,,O,LOW
Ubuntu 18.04,"linux-meta-hwe-5.4, linux-signed-hwe-5.4",CVE-2021-3759,"A memory overflow vulnerability was found in the Linux kernel’s ipc functionality of the memcg subsystem, in the way a user calls the semget function multiple times, creating semaphores. This flaw allows a local user to starve the resources, causing a denial of service. The highest threat from this vulnerability is to system availability.
",open,MEDIUM,2021-12-14T22:40:14Z,,0,6.2,3,CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H,,"https://access.redhat.com/security/cve/cve-2021-3759, https://ubuntu.com/security/cve-2021-3759, https://security-tracker.debian.org/tracker/cve-2021-3759, https://lore.kernel.org/linux-mm/1626333284-1404-1-git-send-email-nglaive@gmail.com/","Update Ubuntu linux-meta-hwe-5.4, Update Ubuntu linux-signed-hwe-5.4","Update linux-meta-hwe-5.4 on Ubuntu 18.04, Update linux-signed-hwe-5.4 on Ubuntu 18.04",,Servers,,0,Unproven,Linux,"linux-meta-hwe-5.4 5.4.0.59.65~18.04.54, linux-signed-hwe-5.4 5.4.0-81.91~18.04.1",,O,LOW
Ubuntu 18.04,linux-meta-hwe-5.4,CVE-2021-28964,"A race condition was discovered in get_old_root in fs/btrfs/ctree.c in the Linux kernel through 5.11.8. It allows attackers to cause a denial of service (BUG) because of a lack of locking on an extent buffer before a cloning operation, aka CID-dbcc7d57bffc.",open,MEDIUM,2021-12-14T22:40:14Z,,0,4.7,3,CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H,https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=dbcc7d57bffc0c8cac9dac11bec548597d59a6a5,"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PTRNPQTZ4GVS46SZ4OBXY5YDOGVPSTGQ/, https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4VCKIOXCOZGXBEZMO5LGGV5MWCHO6FT3/, https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/T2S3I4SLRNRUQDOFYUS6IUAZMQNMPNLG/, https://security.netapp.com/advisory/ntap-20210430-0003/, https://lists.debian.org/debian-lts-announce/2021/06/msg00019.html, https://lists.debian.org/debian-lts-announce/2021/06/msg00020.html",Update Ubuntu linux-meta-hwe-5.4,Update linux-meta-hwe-5.4 on Ubuntu 18.04,,Servers,,0,Unproven,Linux,linux-meta-hwe-5.4 5.4.0.59.65~18.04.54,,O,LOW
Ubuntu 18.04,linux-meta-hwe-5.4,CVE-2020-29660,"A locking inconsistency issue was discovered in the tty subsystem of the Linux kernel through 5.9.13. drivers/tty/tty_io.c and drivers/tty/tty_jobctrl.c may allow a read-after-free attack against TIOCGSID, aka CID-c8bcd9c5be24.",open,MEDIUM,2021-12-14T22:40:14Z,,0,4.4,3,CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N,https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=c8bcd9c5be24fb9e6132e97da5a35e55a83e36b9,"http://www.openwall.com/lists/oss-security/2020/12/10/1, https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BOB25SU6XUL4TNP7KB63WNZSYTIYFDPP/, https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MZ7OAKAEFAXQRGBZK4LYUWINCD3D2XCL/, https://security.netapp.com/advisory/ntap-20210122-0001/, https://www.debian.org/security/2021/dsa-4843, https://lists.debian.org/debian-lts-announce/2021/02/msg00018.html, https://lists.debian.org/debian-lts-announce/2021/03/msg00010.html, http://packetstormsecurity.com/files/164950/Kernel-Live-Patch-Security-Notice-LSN-0082-1.html",Update Ubuntu linux-meta-hwe-5.4,Update linux-meta-hwe-5.4 on Ubuntu 18.04,,Servers,,30,Available (medium),Linux,linux-meta-hwe-5.4 5.4.0.59.65~18.04.54,,O,LOW
Ubuntu 18.04,linux-meta-hwe-5.4,CVE-2021-3506,An out-of-bounds (OOB) memory access flaw was found in fs/f2fs/node.c in the f2fs module in the Linux kernel in versions before 5.12.0-rc4. A bounds check failure allows a local attacker to gain access to out-of-bounds memory leading to a system crash or a leak of internal kernel information. The highest threat from this vulnerability is to system availability.,open,HIGH,2021-12-14T22:40:14Z,,0,7.1,3,CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H,,"https://www.mail-archive.com/linux-kernel@vger.kernel.org/msg2520013.html, https://www.openwall.com/lists/oss-security/2021/03/28/2, https://bugzilla.redhat.com/show_bug.cgi?id=1944298, http://www.openwall.com/lists/oss-security/2021/05/08/1, https://security.netapp.com/advisory/ntap-20210611-0007/, https://lists.debian.org/debian-lts-announce/2021/06/msg00019.html",Update Ubuntu linux-meta-hwe-5.4,Update linux-meta-hwe-5.4 on Ubuntu 18.04,,Servers,,0,Unproven,Linux,linux-meta-hwe-5.4 5.4.0.59.65~18.04.54,,O,LOW
Ubuntu 18.04,linux-meta-hwe-5.4,CVE-2021-26930,"An issue was discovered in the Linux kernel 3.11 through 5.10.16, as used by Xen. To service requests to the PV backend, the driver maps grant references provided by the frontend. In this process, errors may be encountered. In one case, an error encountered earlier might be discarded by later processing, resulting in the caller assuming successful mapping, and hence subsequent operations trying to access space that wasn't mapped. In another case, internal state would be insufficiently updated, preventing safe recovery from the error. This affects drivers/block/xen-blkback/blkback.c.",open,HIGH,2021-12-14T22:40:14Z,,0,7.8,3,CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,,"http://xenbits.xen.org/xsa/advisory-365.html, https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/2XQR52ICKRK3GC4HDWLMWF2U55YGAR63/, https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GWQWPWYZRXVFJI5M3VCM72X27IB7CKOB/, https://lists.debian.org/debian-lts-announce/2021/03/msg00010.html, https://security.netapp.com/advisory/ntap-20210326-0001/, https://lists.debian.org/debian-lts-announce/2021/03/msg00035.html",Update Ubuntu linux-meta-hwe-5.4,Update linux-meta-hwe-5.4 on Ubuntu 18.04,,Servers,,0,Unproven,Linux,linux-meta-hwe-5.4 5.4.0.59.65~18.04.54,,O,LOW
Ubuntu 18.04,linux-meta-hwe-5.4,CVE-2021-34693,net/can/bcm.c in the Linux kernel through 5.12.10 allows local users to obtain sensitive information from kernel stack memory because parts of a data structure are uninitialized.,open,MEDIUM,2021-12-14T22:40:14Z,,0,5.5,3,CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N,https://lore.kernel.org/netdev/trinity-87eaea25-2a7d-4aa9-92a5-269b822e5d95-1623609211076@3c-app-gmx-bs04/T/,"http://www.openwall.com/lists/oss-security/2021/06/15/1, https://lists.debian.org/debian-lts-announce/2021/07/msg00016.html, https://lists.debian.org/debian-lts-announce/2021/07/msg00015.html, https://lists.debian.org/debian-lts-announce/2021/07/msg00014.html, https://www.debian.org/security/2021/dsa-4941",Update Ubuntu linux-meta-hwe-5.4,Update linux-meta-hwe-5.4 on Ubuntu 18.04,,Servers,,30,Available (medium),Linux,linux-meta-hwe-5.4 5.4.0.59.65~18.04.54,,O,LOW
Ubuntu 18.04,linux-meta-hwe-5.4,CVE-2020-27171,"An issue was discovered in the Linux kernel before 5.11.8. kernel/bpf/verifier.c has an off-by-one error (with a resultant integer underflow) affecting out-of-bounds speculation on pointer arithmetic, leading to side-channel attacks that defeat Spectre mitigations and obtain sensitive information from kernel memory, aka CID-10d2bb2e6b1d.",open,MEDIUM,2021-12-14T22:40:14Z,,0,6,3,CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:H,"https://git.kernel.org/pub/scm/linux/kernel/git/bpf/bpf.git/patch/?id=10d2bb2e6b1d8c4576c56a748f697dbeb8388899, https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.11.8","https://www.openwall.com/lists/oss-security/2021/03/19/3, https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QRTPQE73ANG7D6M4L4PK5ZQDPO4Y2FVD/, https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FB6LUXPEIRLZH32YXWZVEZAD4ZL6SDK2/, http://www.openwall.com/lists/oss-security/2021/03/24/5, https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/T2S3I4SLRNRUQDOFYUS6IUAZMQNMPNLG/, https://lists.debian.org/debian-lts-announce/2021/03/msg00035.html, http://packetstormsecurity.com/files/162117/Kernel-Live-Patch-Security-Notice-LSN-0075-1.html",Update Ubuntu linux-meta-hwe-5.4,Update linux-meta-hwe-5.4 on Ubuntu 18.04,,Servers,,0,Unproven,Linux,linux-meta-hwe-5.4 5.4.0.59.65~18.04.54,,O,LOW
Ubuntu 18.04,linux-meta-hwe-5.4,CVE-2021-3347,"An issue was discovered in the Linux kernel through 5.10.11. PI futexes have a kernel stack use-after-free during fault handling, allowing local users to execute code in the kernel, aka CID-34b1a1ce1458.",open,HIGH,2021-12-14T22:40:14Z,,0,7.8,3,CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,"https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=34b1a1ce1458f50ef27c54e28eb9b1947012907a, https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=f2dac39d93987f7de1e20b3988c8685523247ae2, https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=12bb3f7f1b03d5913b3f9d4236a488aa7774dfe9, https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=c64396cc36c6e60704ab06c1fb1c4a46179c9120, https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=2156ac1934166d6deb6cd0f6ffc4c1076ec63697, https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=6ccc84f917d33312eb2846bd7b567639f585ad6d, https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=c5cade200ab9a2a3be9e7f32a752c8d86b502ec7, https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=04b79c55201f02ffd675e1231d731365e335c307","https://www.openwall.com/lists/oss-security/2021/01/29/3, https://www.openwall.com/lists/oss-security/2021/01/29/1, http://www.openwall.com/lists/oss-security/2021/01/29/5, http://www.openwall.com/lists/oss-security/2021/01/29/4, http://www.openwall.com/lists/oss-security/2021/02/01/4, https://www.debian.org/security/2021/dsa-4843, https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QOBMXDJABYE76RKNBAWA2E4TSSBX7CSJ/, https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CXAVDAK4RLAHBHHGEPL73UFXSI6BXQ7Q/, https://lists.debian.org/debian-lts-announce/2021/02/msg00018.html, https://security.netapp.com/advisory/ntap-20210304-0005/, https://lists.debian.org/debian-lts-announce/2021/03/msg00010.html",Update Ubuntu linux-meta-hwe-5.4,Update linux-meta-hwe-5.4 on Ubuntu 18.04,,Servers,,30,Available (medium),Linux,linux-meta-hwe-5.4 5.4.0.59.65~18.04.54,,O,MEDIUM
Ubuntu 18.04,linux-meta-hwe-5.4,CVE-2021-1053,"NVIDIA GPU Display Driver for Windows and Linux, all versions, contains a vulnerability in the kernel mode layer (nvlddmkm.sys) handler for DxgkDdiEscape or IOCTL in which improper validation of a user pointer may lead to denial of service.",open,MEDIUM,2021-12-14T22:40:14Z,,0,5.5,3,CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H,https://nvidia.custhelp.com/app/answers/detail/a_id/5142,,Update Ubuntu linux-meta-hwe-5.4,Update linux-meta-hwe-5.4 on Ubuntu 18.04,,Servers,,0,Unproven,Linux,linux-meta-hwe-5.4 5.4.0.59.65~18.04.54,,O,LOW
Ubuntu 18.04,linux-meta-hwe-5.4,CVE-2021-3483,"A flaw was found in the Nosy driver in the Linux kernel. This issue allows a device to be inserted twice into a doubly-linked list, leading to a use-after-free when one of these devices is removed. The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability. Versions before kernel 5.12-rc6 are affected",open,HIGH,2021-12-14T22:40:14Z,,0,7.8,3,CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H,,"http://www.openwall.com/lists/oss-security/2021/04/07/1, https://bugzilla.redhat.com/show_bug.cgi?id=1948045, https://lists.debian.org/debian-lts-announce/2021/06/msg00019.html, https://lists.debian.org/debian-lts-announce/2021/06/msg00020.html, https://security.netapp.com/advisory/ntap-20210629-0002/",Update Ubuntu linux-meta-hwe-5.4,Update linux-meta-hwe-5.4 on Ubuntu 18.04,,Servers,,0,Unproven,Linux,linux-meta-hwe-5.4 5.4.0.59.65~18.04.54,,O,LOW