UbuntuUSN-5206-1Linux kernel (OEM) vulnerability
4.4 Medium
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
LOW
Integrity Impact
LOW
Availability Impact
NONE
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N
6.6 Medium
AI Score
Confidence
Low
3.6 Low
CVSS2
Access Vector
LOCAL
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:L/AC:L/Au:N/C:P/I:P/A:N
0.0004 Low
EPSS
Percentile
8.9%
Releases
- Ubuntu 20.04 LTS
Packages
- linux-oem-5.14 - Linux kernel for OEM systems
Details
Nadav Amit discovered that the hugetlb implementation in the Linux kernel
did not perform TLB flushes under certain conditions. A local attacker
could use this to leak or alter data from other processes that use huge
pages.
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| Ubuntu | 20.04 | noarch | linux-image-oem-20.04d | < 5.14.0.1013.13 | UNKNOWN |
| Ubuntu | 20.04 | noarch | linux-headers-oem-20.04d | < 5.14.0.1013.13 | UNKNOWN |
| Ubuntu | 20.04 | noarch | linux-oem-20.04d | < 5.14.0.1013.13 | UNKNOWN |
| Ubuntu | 20.04 | noarch | linux-tools-oem-20.04d | < 5.14.0.1013.13 | UNKNOWN |
| Ubuntu | 20.04 | noarch | linux-image-5.14.0-1013-oem | < 5.14.0-1013.13 | UNKNOWN |
| Ubuntu | 20.04 | noarch | linux-image-5.14.0-1013-oem-dbgsym | < 5.14.0-1013.13 | UNKNOWN |
References
Related
4.4 Medium
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
LOW
Integrity Impact
LOW
Availability Impact
NONE
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N
6.6 Medium
AI Score
Confidence
Low
3.6 Low
CVSS2
Access Vector
LOCAL
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:L/AC:L/Au:N/C:P/I:P/A:N
0.0004 Low
EPSS
Percentile
8.9%