logo
DATABASE RESOURCES PRICING ABOUT US

USN-5136-1: Linux kernel vulnerabilities | Cloud Foundry

Description

## Severity Medium ## Vendor Canonical Ubuntu ## Versions Affected * Canonical Ubuntu 16.04 * Canonical Ubuntu 18.04 ## Description Several security issues were fixed in the Linux kernel. CVEs contained in this USN include: CVE-2021-38199, CVE-2021-3743, CVE-2021-3753, CVE-2021-3759, CVE-2019-19449, CVE-2020-36322, CVE-2020-36385, CVE-2021-3655. ## Affected Cloud Foundry Products and Versions _Severity is medium unless otherwise noted._ * Bionic Stemcells * 1.x versions prior to 1.41 * All other stemcells not listed. * cflinuxfs3 * All versions prior to 0.265.0 * CF Deployment * All versions prior to 17.1.0 ## Mitigation Users of affected products are strongly encouraged to follow the mitigations below. The Cloud Foundry project recommends upgrading the following releases: * Bionic Stemcells * Upgrade 1.x versions to 1.41 or greater * All other stemcells should be upgraded to the latest version available on [bosh.io](<https://bosh.io/stemcells>). * cflinuxfs3 * Upgrade all versions to 0.265.0 or greater * CF Deployment * Upgrade all versions to 17.1.0 or greater ## References * [USN Notice](<https://ubuntu.com/security/notices/USN-5136-1>) * [CVE-2021-38199](<https://people.canonical.com/~ubuntu-security/cve/2021/CVE-2021-38199.html>) * [CVE-2021-3743](<https://people.canonical.com/~ubuntu-security/cve/2021/CVE-2021-3743.html>) * [CVE-2021-3753](<https://people.canonical.com/~ubuntu-security/cve/2021/CVE-2021-3753.html>) * [CVE-2021-3759](<https://people.canonical.com/~ubuntu-security/cve/2021/CVE-2021-3759.html>) * [CVE-2019-19449](<https://people.canonical.com/~ubuntu-security/cve/2019/CVE-2019-19449.html>) * [CVE-2020-36322](<https://people.canonical.com/~ubuntu-security/cve/2020/CVE-2020-36322.html>) * [CVE-2020-36385](<https://people.canonical.com/~ubuntu-security/cve/2020/CVE-2020-36385.html>) * [CVE-2021-3655](<https://people.canonical.com/~ubuntu-security/cve/2021/CVE-2021-3655.html>) ## History 2022-01-20: Initial vulnerability report published.


Affected Software


CPE Name Name Version
bionic stemcells 1.41
cflinuxfs3 0.265.0
cf deployment 17.1.0

Related