Lucene search

K
cloudfoundryCloud FoundryCFOUNDRY:AC02087E8D08333A794B0ABB1DCAAA75
HistoryOct 04, 2021 - 12:00 a.m.

USN-5071-2: Linux kernel (HWE) vulnerabilities | Cloud Foundry

2021-10-0400:00:00
Cloud Foundry
www.cloudfoundry.org
36

8.8 High

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

CHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H

7.2 High

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:C/I:C/A:C

0.001 Low

EPSS

Percentile

23.3%

Severity

High

Vendor

Canonical Ubuntu

Versions Affected

  • Canonical Ubuntu 18.04

Description

Several security issues were fixed in the Linux kernel.

USN-5071-1 fixed vulnerabilities in the Linux kernel for Ubuntu 20.04

LTS. This update provides the corresponding updates for the Linux

Hardware Enablement (HWE) kernel from Ubuntu 20.04 LTS for Ubuntu

18.04 LTS.

Maxim Levitsky and Paolo Bonzini discovered that the KVM hypervisor

implementation for AMD processors in the Linux kernel allowed a guest VM to

disable restrictions on VMLOAD/VMSAVE in a nested guest. An attacker in a

guest VM could use this to read or write portions of the host’s physical

memory. (CVE-2021-3656)

Maxim Levitsky discovered that the KVM hypervisor implementation for AMD

processors in the Linux kernel did not properly prevent a guest VM from

enabling AVIC in nested guest VMs. An attacker in a guest VM could use this

to write to portions of the host’s physical memory. (CVE-2021-3653)

It was discovered that the KVM hypervisor implementation for AMD processors

in the Linux kernel did not ensure enough processing time was given to

perform cleanups of large SEV VMs. A local attacker could use this to cause

a denial of service (soft lockup). (CVE-2020-36311)

It was discovered that the KVM hypervisor implementation in the Linux

kernel did not properly perform reference counting in some situations,

leading to a use-after-free vulnerability. An attacker who could start and

control a VM could possibly use this to expose sensitive information or

execute arbitrary code. (CVE-2021-22543)

Murray McAllister discovered that the joystick device interface in the

Linux kernel did not properly validate data passed via an ioctl(). A local

attacker could use this to cause a denial of service (system crash) or

possibly execute arbitrary code on systems with a joystick device

registered. (CVE-2021-3612)

CVEs contained in this USN include: CVE-2021-3653, CVE-2020-36311, CVE-2021-22543, CVE-2021-3612, CVE-2021-3656.

Affected Cloud Foundry Products and Versions

Severity is high unless otherwise noted.

  • Bionic Stemcells
    • 1.x versions prior to 1.28
    • All other stemcells not listed.

Mitigation

Users of affected products are strongly encouraged to follow the mitigations below. The Cloud Foundry project recommends upgrading the following releases:

  • Bionic Stemcells
    • Upgrade 1.x versions to 1.28 or greater
    • All other stemcells should be upgraded to the latest version available on bosh.io.

References

History

2021-10-04: Initial vulnerability report published.

CPENameOperatorVersion
bionic stemcellslt1.28

8.8 High

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

CHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H

7.2 High

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:C/I:C/A:C

0.001 Low

EPSS

Percentile

23.3%