-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

===========================================================================
             AUSCERT External Security Bulletin Redistribution

                               ESB-2021.3240
          USN-5091-1 and USN-5092-1: Linux kernel vulnerabilities
                             29 September 2021

===========================================================================

        AusCERT Security Bulletin Summary
        ---------------------------------

Product:           Linux kernel
Publisher:         Ubuntu
Operating System:  Ubuntu
Impact/Access:     Execute Arbitrary Code/Commands -- Existing Account      
                   Increased Privileges            -- Existing Account      
                   Denial of Service               -- Remote/Unauthenticated
                   Access Confidential Data        -- Existing Account      
                   Reduced Security                -- Existing Account      
Resolution:        Patch/Upgrade
CVE Names:         CVE-2021-41073 CVE-2021-38205 CVE-2021-38204
                   CVE-2021-38201 CVE-2021-38199 CVE-2021-38160
                   CVE-2021-37576 CVE-2021-37159 CVE-2021-35477
                   CVE-2021-34556 CVE-2021-33624 CVE-2021-3679

Reference:         ESB-2021.3225
                   ESB-2021.3222
                   ESB-2021.3034

Original Bulletin: 
   https://ubuntu.com/security/notices/USN-5091-1
   https://ubuntu.com/security/notices/USN-5092-1

Comment: This bulletin contains two (2) Ubuntu security advisories.

- --------------------------BEGIN INCLUDED TEXT--------------------

USN-5091-1: Linux kernel vulnerabilities
28 September 2021

Several security issues were fixed in the Linux kernel.
Releases

  o Ubuntu 20.04 LTS
  o Ubuntu 18.04 LTS

Packages

  o linux - Linux kernel
  o linux-aws - Linux kernel for Amazon Web Services (AWS) systems
  o linux-aws-5.4 - Linux kernel for Amazon Web Services (AWS) systems
  o linux-azure - Linux kernel for Microsoft Azure Cloud systems
  o linux-azure-5.4 - Linux kernel for Microsoft Azure cloud systems
  o linux-gcp - Linux kernel for Google Cloud Platform (GCP) systems
  o linux-gcp-5.4 - Linux kernel for Google Cloud Platform (GCP) systems
  o linux-gke - Linux kernel for Google Container Engine (GKE) systems
  o linux-gke-5.4 - Linux kernel for Google Container Engine (GKE) systems
  o linux-gkeop - Linux kernel for Google Container Engine (GKE) systems
  o linux-gkeop-5.4 - Linux kernel for Google Container Engine (GKE) systems
  o linux-hwe-5.4 - Linux hardware enablement (HWE) kernel
  o linux-kvm - Linux kernel for cloud environments
  o linux-oracle - Linux kernel for Oracle Cloud systems
  o linux-oracle-5.4 - Linux kernel for Oracle Cloud systems

Details

Ofek Kirzner, Adam Morrison, Benedict Schlueter, and Piotr Krysiuk
discovered that the BPF verifier in the Linux kernel missed possible
mispredicted branches due to type confusion, allowing a side-channel
attack. An attacker could use this to expose sensitive information.
( CVE-2021-33624 )

It was discovered that the tracing subsystem in the Linux kernel did not
properly keep track of per-cpu ring buffer state. A privileged attacker
could use this to cause a denial of service. ( CVE-2021-3679 )

Alexey Kardashevskiy discovered that the KVM implementation for PowerPC
systems in the Linux kernel did not properly validate RTAS arguments in
some situations. An attacker in a guest vm could use this to cause a denial
of service (host OS crash) or possibly execute arbitrary code.
( CVE-2021-37576 )

It was discovered that the Virtio console implementation in the Linux
kernel did not properly validate input lengths in some situations. A local
attacker could possibly use this to cause a denial of service (system
crash). ( CVE-2021-38160 )

Michael Wakabayashi discovered that the NVSv4 client implementation in the
Linux kernel did not properly order connection setup operations. An
attacker controlling a remote NFS server could use this to cause a denial
of service on the client. ( CVE-2021-38199 )

It was discovered that the MAX-3421 host USB device driver in the Linux
kernel did not properly handle device removal events. A physically
proximate attacker could use this to cause a denial of service (system
crash). ( CVE-2021-38204 )

Update instructions

The problem can be corrected by updating your system to the following package
versions:

Ubuntu 20.04

  o linux-image-5.4.0-88-lowlatency - 5.4.0-88.99
  o linux-image-gkeop - 5.4.0.1024.27
  o linux-image-virtual - 5.4.0.88.92
  o linux-image-5.4.0-88-generic-lpae - 5.4.0-88.99
  o linux-image-generic - 5.4.0.88.92
  o linux-image-oem - 5.4.0.88.92
  o linux-image-oem-osp1 - 5.4.0.88.92
  o linux-image-5.4.0-1057-aws - 5.4.0-1057.60
  o linux-image-azure-lts-20.04 - 5.4.0.1059.57
  o linux-image-5.4.0-88-generic - 5.4.0-88.99
  o linux-image-5.4.0-1053-gke - 5.4.0-1053.56
  o linux-image-gkeop-5.4 - 5.4.0.1024.27
  o linux-image-5.4.0-1059-azure - 5.4.0-1059.62
  o linux-image-5.4.0-1024-gkeop - 5.4.0-1024.25
  o linux-image-gcp-lts-20.04 - 5.4.0.1053.63
  o linux-image-aws-lts-20.04 - 5.4.0.1057.60
  o linux-image-5.4.0-1055-oracle - 5.4.0-1055.59
  o linux-image-5.4.0-1047-kvm - 5.4.0-1047.49
  o linux-image-generic-lpae - 5.4.0.88.92
  o linux-image-oracle-lts-20.04 - 5.4.0.1055.55
  o linux-image-gke - 5.4.0.1053.63
  o linux-image-kvm - 5.4.0.1047.46
  o linux-image-gke-5.4 - 5.4.0.1053.63
  o linux-image-5.4.0-1053-gcp - 5.4.0-1053.57
  o linux-image-lowlatency - 5.4.0.88.92

Ubuntu 18.04

  o linux-image-generic-hwe-18.04 - 5.4.0.87.98~18.04.78
  o linux-image-snapdragon-hwe-18.04 - 5.4.0.87.98~18.04.78
  o linux-image-oem - 5.4.0.87.98~18.04.78
  o linux-image-aws - 5.4.0.1057.40
  o linux-image-5.4.0-87-generic-lpae - 5.4.0-87.98~18.04.1
  o linux-image-oem-osp1 - 5.4.0.87.98~18.04.78
  o linux-image-5.4.0-1057-aws - 5.4.0-1057.60~18.04.1
  o linux-image-generic-lpae-hwe-18.04 - 5.4.0.87.98~18.04.78
  o linux-image-5.4.0-1059-azure - 5.4.0-1059.62~18.04.1
  o linux-image-gkeop-5.4 - 5.4.0.1024.25~18.04.25
  o linux-image-azure - 5.4.0.1059.39
  o linux-image-5.4.0-1024-gkeop - 5.4.0-1024.25~18.04.1
  o linux-image-virtual-hwe-18.04 - 5.4.0.87.98~18.04.78
  o linux-image-5.4.0-1055-oracle - 5.4.0-1055.59~18.04.1
  o linux-image-5.4.0-87-lowlatency - 5.4.0-87.98~18.04.1
  o linux-image-gcp - 5.4.0.1053.39
  o linux-image-oracle - 5.4.0.1055.59~18.04.35
  o linux-image-lowlatency-hwe-18.04 - 5.4.0.87.98~18.04.78
  o linux-image-gke-5.4 - 5.4.0.1053.56~18.04.18
  o linux-image-5.4.0-1053-gke - 5.4.0-1053.56~18.04.1
  o linux-image-5.4.0-87-generic - 5.4.0-87.98~18.04.1
  o linux-image-5.4.0-1053-gcp - 5.4.0-1053.57~18.04.1

After a standard system update you need to reboot your computer to make
all the necessary changes.

ATTENTION: Due to an unavoidable ABI change the kernel updates have
been given a new version number, which requires you to recompile and
reinstall all third party kernel modules you might have installed.
Unless you manually uninstalled the standard kernel metapackages
(e.g. linux-generic, linux-generic-lts-RELEASE, linux-virtual,
linux-powerpc), a standard system upgrade will automatically perform
this as well.

References

  o CVE-2021-38160
  o CVE-2021-3679
  o CVE-2021-38199
  o CVE-2021-33624
  o CVE-2021-38204
  o CVE-2021-37576

Related notices

  o USN-5073-2 : linux-modules-4.15.0-1108-gcp,
    linux-buildinfo-4.15.0-1108-gcp, linux-modules-extra-gke,
    linux-headers-gcp, linux-gcp-4.15-headers-4.15.0-1108,
    linux-modules-extra-4.15.0-1108-gcp, linux-modules-extra-gcp-lts-18.04,
    linux-image-gcp-lts-18.04, linux-tools-gcp-lts-18.04,
    linux-image-unsigned-4.15.0-1108-gcp, linux-headers-4.15.0-1108-gcp,
    linux-gke, linux-tools-gke, linux-image-gke, linux-headers-gke,
    linux-tools-gcp, linux-tools-4.15.0-1108-gcp,
    linux-gcp-4.15-tools-4.15.0-1108, linux-image-4.15.0-1108-gcp,
    linux-gcp-4.15, linux-image-gcp, linux-modules-extra-gcp, linux-gcp,
    linux-gcp-headers-4.15.0-1108, linux-headers-gcp-lts-18.04,
    linux-gcp-lts-18.04, linux-gcp-tools-4.15.0-1108
  o USN-5073-1 : linux-aws-cloud-tools-4.15.0-1111,
    linux-buildinfo-4.15.0-1099-kvm, linux-modules-extra-4.15.0-156-generic,
    linux-image-4.15.0-1027-dell300x, linux-headers-kvm,
    linux-image-generic-lpae, linux-buildinfo-4.15.0-156-generic,
    linux-headers-oem, linux-cloud-tools-lowlatency-hwe-16.04-edge,
    linux-image-4.15.0-156-generic-lpae,
    linux-image-unsigned-4.15.0-1123-azure, linux-image-lowlatency,
    linux-cloud-tools-lowlatency-hwe-16.04, linux-headers-virtual,
    linux-signed-lowlatency, linux-image-unsigned-4.15.0-1080-oracle,
    linux-image-unsigned-4.15.0-156-generic, linux-tools-dell300x,
    linux-azure-tools-4.15.0-1123, linux-modules-4.15.0-1112-snapdragon,
    linux-tools-4.15.0-156-lowlatency, linux-headers-virtual-hwe-16.04-edge,
    linux-image-4.15.0-1099-kvm, linux-modules-extra-4.15.0-1123-azure,
    linux-oracle, linux-headers-lowlatency, linux-aws-edge, linux-azure,
    linux-cloud-tools-azure-lts-18.04,
    linux-image-extra-virtual-hwe-16.04-edge,
    linux-aws-hwe-cloud-tools-4.15.0-1111, linux-headers-aws-lts-18.04,
    linux-azure-lts-18.04, linux-crashdump, linux-image-virtual,
    linux-tools-4.15.0-156-generic, linux-image-oracle,
    linux-image-azure-lts-18.04, linux-tools-common,
    linux-aws-tools-4.15.0-1111, linux-modules-4.15.0-156-lowlatency,
    linux-oracle-lts-18.04, linux-signed-image-azure-lts-18.04,
    linux-image-lowlatency-hwe-16.04-edge, linux-tools-4.15.0-1080-oracle,
    linux-headers-4.15.0-1080-oracle, linux-tools-aws-lts-18.04, linux,
    linux-kvm, linux-headers-generic-lpae-hwe-16.04, linux-generic-hwe-16.04,
    linux-virtual, linux-headers-4.15.0-156-generic, linux-tools-oracle,
    linux-image-extra-virtual-hwe-16.04, linux-cloud-tools-virtual-hwe-16.04,
    linux-modules-4.15.0-156-generic-lpae, linux-generic-lpae,
    linux-image-generic, linux-tools-generic, linux-doc,
    linux-buildinfo-4.15.0-156-lowlatency, linux-headers-oracle-lts-18.04,
    linux-signed-image-generic, linux-tools-4.15.0-156,
    linux-modules-extra-azure-lts-18.04, linux-signed-lowlatency-hwe-16.04,
    linux-image-4.15.0-156-generic, linux-signed-oracle-lts-18.04,
    linux-tools-virtual-hwe-16.04, linux-dell300x-headers-4.15.0-1027,
    linux-hwe-cloud-tools-4.15.0-156, linux-signed-azure,
    linux-tools-4.15.0-1123-azure, linux-cloud-tools-4.15.0-156-generic,
    linux-generic-hwe-16.04-edge, linux-image-4.15.0-156-lowlatency,
    linux-image-snapdragon, linux-signed-generic,
    linux-tools-lowlatency-hwe-16.04, linux-tools-generic-hwe-16.04-edge,
    linux-aws-lts-18.04, linux-image-lowlatency-hwe-16.04,
    linux-image-virtual-hwe-16.04-edge, linux-lowlatency-hwe-16.04-edge,
    linux-azure-4.15-tools-4.15.0-1123, linux-cloud-tools-virtual,
    linux-image-4.15.0-1112-snapdragon, linux-tools-aws-hwe,
    linux-buildinfo-4.15.0-1027-dell300x, linux-kvm-headers-4.15.0-1099,
    linux-image-oracle-lts-18.04, linux-libc-dev, linux-tools-virtual,
    linux-headers-4.15.0-156-generic-lpae, linux-headers-oracle,
    linux-image-azure-edge, linux-modules-4.15.0-1099-kvm,
    linux-signed-image-oem, linux-tools-generic-lpae,
    linux-dell300x-tools-4.15.0-1027, linux-image-dell300x,
    linux-headers-virtual-hwe-16.04, linux-tools-virtual-hwe-16.04-edge,
    linux-tools-4.15.0-1112-snapdragon, linux-oracle-tools-4.15.0-1080,
    linux-cloud-tools-4.15.0-1123-azure, linux-signed-generic-hwe-16.04,
    linux-oem, linux-image-azure, linux-headers-lowlatency-hwe-16.04-edge,
    linux-image-aws-hwe, linux-tools-oem, linux-aws-hwe-tools-4.15.0-1111,
    linux-azure-4.15-headers-4.15.0-1123, linux-tools-4.15.0-1111-aws,
    linux-azure-edge, linux-signed-image-azure, linux-generic, linux-source,
    linux-azure-4.15-cloud-tools-4.15.0-1123, linux-modules-4.15.0-156-generic,
    linux-azure-4.15, linux-tools-azure-lts-18.04,
    linux-tools-oracle-lts-18.04, linux-signed-image-oracle-lts-18.04,
    linux-virtual-hwe-16.04, linux-cloud-tools-4.15.0-156-lowlatency,
    linux-image-extra-virtual, linux-signed-generic-hwe-16.04-edge,
    linux-lowlatency, linux-modules-extra-aws-hwe,
    linux-cloud-tools-4.15.0-1111-aws, linux-signed-azure-edge,
    linux-generic-lpae-hwe-16.04-edge, linux-modules-extra-4.15.0-1080-oracle,
    linux-signed-oem, linux-modules-extra-aws-lts-18.04,
    linux-signed-image-lowlatency, linux-aws-hwe,
    linux-buildinfo-4.15.0-1112-snapdragon, linux-image-generic-hwe-16.04-edge,
    linux-tools-generic-hwe-16.04, linux-tools-generic-lpae-hwe-16.04-edge,
    linux-image-4.15.0-1111-aws, linux-modules-extra-azure,
    linux-image-unsigned-4.15.0-1027-dell300x, linux-aws-headers-4.15.0-1111,
    linux-cloud-tools-generic-hwe-16.04-edge,
    linux-cloud-tools-virtual-hwe-16.04-edge, linux-headers-aws-hwe,
    linux-image-kvm, linux-image-generic-lpae-hwe-16.04-edge,
    linux-image-aws-lts-18.04, linux-modules-extra-4.15.0-1111-aws,
    linux-cloud-tools-4.15.0-156, linux-buildinfo-4.15.0-156-generic-lpae,
    linux-image-generic-lpae-hwe-16.04, linux-buildinfo-4.15.0-1080-oracle,
    linux-image-unsigned-4.15.0-156-lowlatency, linux-tools-4.15.0-1099-kvm,
    linux-tools-generic-lpae-hwe-16.04, linux-virtual-hwe-16.04-edge,
    linux-signed-oracle, linux-tools-4.15.0-156-generic-lpae,
    linux-image-4.15.0-1080-oracle, linux-modules-4.15.0-1123-azure,
    linux-azure-cloud-tools-4.15.0-1123, linux-headers-azure-edge,
    linux-modules-4.15.0-1080-oracle, linux-headers-generic-hwe-16.04-edge,
    linux-headers-generic-lpae-hwe-16.04-edge,
    linux-buildinfo-4.15.0-1123-azure, linux-tools-host,
    linux-signed-image-oracle, linux-modules-4.15.0-1111-aws,
    linux-tools-4.15.0-1027-dell300x, linux-azure-headers-4.15.0-1123,
    linux-modules-4.15.0-1027-dell300x,
    linux-signed-image-generic-hwe-16.04-edge,
    linux-tools-lowlatency-hwe-16.04-edge, linux-headers-lowlatency-hwe-16.04,
    linux-hwe-tools-4.15.0-156, linux-generic-lpae-hwe-16.04,
    linux-tools-lowlatency, linux-cloud-tools-generic-hwe-16.04,
    linux-cloud-tools-common, linux-image-4.15.0-1123-azure,
    linux-cloud-tools-azure, linux-signed-azure-lts-18.04,
    linux-headers-4.15.0-1123-azure, linux-headers-4.15.0-156,
    linux-headers-generic-lpae, linux-dell300x,
    linux-oracle-headers-4.15.0-1080, linux-headers-4.15.0-1111-aws,
    linux-buildinfo-4.15.0-1111-aws, linux-image-oem,
    linux-headers-4.15.0-1112-snapdragon, linux-tools-azure,
    linux-image-generic-hwe-16.04, linux-snapdragon-headers-4.15.0-1112,
    linux-cloud-tools-generic, linux-headers-generic-hwe-16.04,
    linux-signed-image-lowlatency-hwe-16.04-edge,
    linux-headers-4.15.0-1027-dell300x, linux-hwe,
    linux-headers-azure-lts-18.04, linux-lowlatency-hwe-16.04, linux-tools-kvm,
    linux-headers-4.15.0-156-lowlatency, linux-tools-azure-edge, linux-aws,
    linux-image-virtual-hwe-16.04, linux-kvm-tools-4.15.0-1099,
    linux-headers-4.15.0-1099-kvm, linux-tools-snapdragon,
    linux-signed-image-generic-hwe-16.04, linux-cloud-tools-lowlatency,
    linux-signed-image-azure-edge, linux-signed-image-lowlatency-hwe-16.04,
    linux-modules-extra-azure-edge, linux-snapdragon, linux-headers-generic,
    linux-headers-snapdragon, linux-snapdragon-tools-4.15.0-1112,
    linux-headers-azure, linux-cloud-tools-azure-edge, linux-source-4.15.0,
    linux-signed-lowlatency-hwe-16.04-edge, linux-headers-dell300x
  o USN-5092-1 : linux-tools-lowlatency-hwe-20.04, linux-headers-kvm,
    linux-image-generic-lpae, linux-generic-hwe-20.04-edge,
    linux-tools-5.11.0-1019-oracle, linux-headers-lowlatency-hwe-20.04-edge,
    linux-image-lowlatency, linux-headers-virtual,
    linux-headers-virtual-hwe-20.04, linux-tools-aws, linux-image-generic-64k,
    linux-source-5.11.0, linux-tools-5.11.0-1017-kvm,
    linux-image-virtual-hwe-20.04-edge, linux-tools-gke,
    linux-aws-tools-5.11.0-1019, linux-cloud-tools-5.11.0-1019-aws,
    linux-headers-gke, linux-cloud-tools-lowlatency-hwe-20.04,
    linux-headers-generic-lpae-hwe-20.04-edge, linux-headers-lowlatency,
    linux-modules-5.11.0-37-lowlatency, linux-oracle,
    linux-tools-generic-64k-hwe-20.04, linux-aws-edge, linux-virtual-hwe-20.04,
    linux-image-virtual, linux-tools-gcp, linux-tools-common, linux-crashdump,
    linux-modules-extra-aws, linux-buildinfo-5.11.0-37-generic-lpae,
    linux-image-oracle, linux-tools-5.11.0-37-generic-lpae,
    linux-tools-5.11.0-37-lowlatency, linux-headers-5.11.0-37-generic-64k,
    linux, linux-kvm, linux-virtual, linux-image-5.11.0-1019-aws,
    linux-cloud-tools-lowlatency-hwe-20.04-edge,
    linux-headers-virtual-hwe-20.04-edge, linux-tools-oracle,
    linux-headers-generic-hwe-20.04-edge, linux-headers-generic-hwe-20.04,
    linux-tools-lowlatency-hwe-20.04-edge,
    linux-image-unsigned-5.11.0-1020-gcp, linux-cloud-tools-generic-hwe-20.04,
    linux-headers-generic-64k, linux-cloud-tools-virtual-hwe-20.04,
    linux-generic-lpae, linux-generic-64k-hwe-20.04, linux-image-generic,
    linux-image-5.11.0-1019-raspi-nolpae, linux-tools-generic,
    linux-buildinfo-5.11.0-1020-gcp, linux-doc,
    linux-modules-extra-5.11.0-37-generic,
    linux-tools-generic-64k-hwe-20.04-edge,
    linux-modules-5.11.0-37-generic-lpae, linux-cloud-tools-5.11.0-37-generic,
    linux-image-generic-64k-hwe-20.04, linux-modules-extra-5.11.0-1019-aws,
    linux-headers-5.11.0-37-lowlatency, linux-image-5.11.0-37-generic-lpae,
    linux-modules-5.11.0-1017-kvm, linux-generic-lpae-hwe-20.04,
    linux-headers-5.11.0-37-generic, linux-modules-5.11.0-1019-oracle,
    linux-modules-extra-5.11.0-1019-oracle, linux-aws-5.11,
    linux-cloud-tools-virtual-hwe-20.04-edge,
    linux-image-unsigned-5.11.0-37-generic,
    linux-image-lowlatency-hwe-20.04-edge, linux-oracle-headers-5.11.0-1019,
    linux-tools-generic-lpae-hwe-20.04-edge, linux-oracle-tools-5.11.0-1019,
    linux-cloud-tools-virtual, linux-buildinfo-5.11.0-37-generic-64k,
    linux-gcp-headers-5.11.0-1020, linux-buildinfo-5.11.0-1019-raspi,
    linux-aws-cloud-tools-5.11.0-1019, linux-image-aws, linux-libc-dev,
    linux-tools-virtual, linux-headers-5.11.0-1019-raspi-nolpae,
    linux-headers-oracle, linux-modules-extra-aws-edge,
    linux-headers-5.11.0-1020-gcp, linux-headers-raspi,
    linux-buildinfo-5.11.0-1017-kvm, linux-image-generic-64k-hwe-20.04-edge,
    linux-tools-5.11.0-37-generic-64k, linux-tools-5.11.0-37-generic,
    linux-tools-aws-edge, linux-tools-generic-lpae, linux-image-gcp,
    linux-image-aws-edge, linux-headers-5.11.0-1019-raspi, linux-gcp,
    linux-image-unsigned-5.11.0-37-lowlatency, linux-headers-raspi-nolpae,
    linux-image-5.11.0-37-generic, linux-cloud-tools-5.11.0-37-lowlatency,
    linux-tools-5.11.0-1019-raspi, linux-buildinfo-5.11.0-1019-raspi-nolpae,
    linux-headers-generic-64k-hwe-20.04-edge, linux-generic-hwe-20.04,
    linux-image-unsigned-5.11.0-1017-kvm, linux-generic, linux-source,
    linux-headers-gcp, linux-cloud-tools-generic-hwe-20.04-edge,
    linux-tools-generic-64k, linux-image-unsigned-5.11.0-1019-oracle,
    linux-cloud-tools-5.11.0-37, linux-modules-5.11.0-37-generic,
    linux-tools-raspi, linux-buildinfo-5.11.0-37-generic,
    linux-buildinfo-5.11.0-1019-oracle, linux-image-extra-virtual,
    linux-image-gke, linux-image-lowlatency-hwe-20.04, linux-lowlatency,
    linux-headers-generic-64k-hwe-20.04, linux-tools-virtual-hwe-20.04-edge,
    linux-image-virtual-hwe-20.04, linux-raspi-headers-5.11.0-1019,
    linux-image-extra-virtual-hwe-20.04,
    linux-image-extra-virtual-hwe-20.04-edge, linux-tools-raspi-nolpae,
    linux-aws-5.11-tools-5.11.0-1019, linux-image-5.11.0-1019-oracle,
    linux-virtual-hwe-20.04-edge, linux-kvm-headers-5.11.0-1017,
    linux-image-kvm, linux-aws-5.11-cloud-tools-5.11.0-1019,
    linux-headers-oem-20.04, linux-aws-headers-5.11.0-1019,
    linux-image-generic-lpae-hwe-20.04-edge, linux-image-oem-20.04,
    linux-modules-5.11.0-1020-gcp, linux-modules-5.11.0-37-generic-64k,
    linux-image-5.11.0-37-lowlatency, linux-image-generic-lpae-hwe-20.04,
    linux-modules-5.11.0-1019-raspi, linux-modules-extra-gcp,
    linux-tools-5.11.0-1020-gcp, linux-image-5.11.0-37-generic-64k,
    linux-oem-20.04, linux-buildinfo-5.11.0-1019-aws,
    linux-image-5.11.0-1017-kvm, linux-headers-aws-edge,
    linux-tools-virtual-hwe-20.04, linux-tools-host,
    linux-gcp-tools-5.11.0-1020, linux-tools-5.11.0-1019-aws,
    linux-modules-extra-gke, linux-image-5.11.0-1020-gcp,
    linux-buildinfo-5.11.0-37-lowlatency, linux-image-raspi,
    linux-tools-generic-lpae-hwe-20.04, linux-tools-lowlatency,
    linux-cloud-tools-common, linux-headers-5.11.0-37-generic-lpae, linux-gke,
    linux-headers-generic-lpae-hwe-20.04, linux-image-generic-hwe-20.04-edge,
    linux-headers-generic-lpae, linux-headers-lowlatency-hwe-20.04,
    linux-aws-5.11-headers-5.11.0-1019, linux-tools-generic-hwe-20.04,
    linux-headers-aws, linux-image-generic-hwe-20.04,
    linux-kvm-tools-5.11.0-1017, linux-generic-64k-hwe-20.04-edge,
    linux-cloud-tools-generic, linux-modules-5.11.0-1019-aws,
    linux-modules-5.11.0-1019-raspi-nolpae,
    linux-modules-extra-5.11.0-1020-gcp, linux-tools-oem-20.04,
    linux-headers-5.11.0-37, linux-tools-generic-hwe-20.04-edge,
    linux-raspi-tools-5.11.0-1019, linux-headers-5.11.0-1019-aws,
    linux-image-raspi-nolpae, linux-raspi, linux-lowlatency-hwe-20.04,
    linux-tools-kvm, linux-aws, linux-raspi-nolpae,
    linux-image-unsigned-5.11.0-37-generic-64k,
    linux-lowlatency-hwe-20.04-edge, linux-cloud-tools-lowlatency,
    linux-headers-5.11.0-1017-kvm, linux-image-5.11.0-1019-raspi,
    linux-tools-5.11.0-1019-raspi-nolpae, linux-headers-generic,
    linux-generic-lpae-hwe-20.04-edge, linux-generic-64k,
    linux-tools-5.11.0-37, linux-headers-5.11.0-1019-oracle
  o USN-5073-3 : linux-headers-raspi2, linux-image-raspi2,
    linux-modules-4.15.0-1095-raspi2, linux-headers-4.15.0-1095-raspi2,
    linux-tools-raspi2, linux-tools-4.15.0-1095-raspi2,
    linux-raspi2-headers-4.15.0-1095, linux-image-4.15.0-1095-raspi2,
    linux-raspi2-tools-4.15.0-1095, linux-raspi2,
    linux-buildinfo-4.15.0-1095-raspi2


- --------------------------------------------------------------------------------


USN-5092-1: Linux kernel vulnerabilities
28 September 2021

Several security issues were fixed in the Linux kernel.
Releases

  o Ubuntu 21.04
  o Ubuntu 20.04 LTS

Packages

  o linux - Linux kernel
  o linux-aws - Linux kernel for Amazon Web Services (AWS) systems
  o linux-aws-5.11 - Linux kernel for Amazon Web Services (AWS) systems
  o linux-gcp - Linux kernel for Google Cloud Platform (GCP) systems
  o linux-kvm - Linux kernel for cloud environments
  o linux-oracle - Linux kernel for Oracle Cloud systems
  o linux-raspi - Linux kernel for Raspberry Pi systems

Details

Valentina Palmiotti discovered that the io_uring subsystem in the Linux
kernel could be coerced to free adjacent memory. A local attacker could use
this to execute arbitrary code. ( CVE-2021-41073 )

Ofek Kirzner, Adam Morrison, Benedict Schlueter, and Piotr Krysiuk
discovered that the BPF verifier in the Linux kernel missed possible
mispredicted branches due to type confusion, allowing a side-channel
attack. An attacker could use this to expose sensitive information.
( CVE-2021-33624 )

Benedict Schlueter discovered that the BPF subsystem in the Linux kernel
did not properly protect against Speculatively Store Bypass (SSB) side-
channel attacks in some situations. A local attacker could possibly use
this to expose sensitive information. ( CVE-2021-34556 )

Piotr Krysiuk discovered that the BPF subsystem in the Linux kernel did not
properly protect against Speculatively Store Bypass (SSB) side-channel
attacks in some situations. A local attacker could possibly use this to
expose sensitive information. ( CVE-2021-35477 )

It was discovered that the tracing subsystem in the Linux kernel did not
properly keep track of per-cpu ring buffer state. A privileged attacker
could use this to cause a denial of service. ( CVE-2021-3679 )

It was discovered that the Option USB High Speed Mobile device driver in
the Linux kernel did not properly handle error conditions. A physically
proximate attacker could use this to cause a denial of service (system
crash) or possibly execute arbitrary code. ( CVE-2021-37159 )

Alexey Kardashevskiy discovered that the KVM implementation for PowerPC
systems in the Linux kernel did not properly validate RTAS arguments in
some situations. An attacker in a guest vm could use this to cause a denial
of service (host OS crash) or possibly execute arbitrary code.
( CVE-2021-37576 )

It was discovered that the Virtio console implementation in the Linux
kernel did not properly validate input lengths in some situations. A local
attacker could possibly use this to cause a denial of service (system
crash). ( CVE-2021-38160 )

Michael Wakabayashi discovered that the NFSv4 client implementation in the
Linux kernel did not properly order connection setup operations. An
attacker controlling a remote NFS server could use this to cause a denial
of service on the client. ( CVE-2021-38199 )

It was discovered that the Sun RPC implementation in the Linux kernel
contained an out-of-bounds access error. A remote attacker could possibly
use this to cause a denial of service (system crash). ( CVE-2021-38201 )

It was discovered that the MAX-3421 host USB device driver in the Linux
kernel did not properly handle device removal events. A physically
proximate attacker could use this to cause a denial of service (system
crash). ( CVE-2021-38204 )

It was discovered that the Xilinx 10/100 Ethernet Lite device driver in the
Linux kernel could report pointer addresses in some situations. An attacker
could use this information to ease the exploitation of another
vulnerability. ( CVE-2021-38205 )

Update instructions

The problem can be corrected by updating your system to the following package
versions:

Ubuntu 21.04

  o linux-image-virtual - 5.11.0.37.39
  o linux-image-generic - 5.11.0.37.39
  o linux-image-aws - 5.11.0.1019.20
  o linux-image-5.11.0-1020-gcp - 5.11.0-1020.22
  o linux-image-5.11.0-1019-aws - 5.11.0-1019.20
  o linux-image-5.11.0-37-generic - 5.11.0-37.41
  o linux-image-5.11.0-37-generic-lpae - 5.11.0-37.41
  o linux-image-raspi-nolpae - 5.11.0.1019.17
  o linux-image-oem-20.04 - 5.11.0.37.39
  o linux-image-gke - 5.11.0.1020.20
  o linux-image-5.11.0-1019-raspi-nolpae - 5.11.0-1019.20
  o linux-image-gcp - 5.11.0.1020.20
  o linux-image-5.11.0-1019-raspi - 5.11.0-1019.20
  o linux-image-5.11.0-37-generic-64k - 5.11.0-37.41
  o linux-image-5.11.0-37-lowlatency - 5.11.0-37.41
  o linux-image-oracle - 5.11.0.1019.20
  o linux-image-raspi - 5.11.0.1019.17
  o linux-image-5.11.0-1017-kvm - 5.11.0-1017.18
  o linux-image-5.11.0-1019-oracle - 5.11.0-1019.20
  o linux-image-kvm - 5.11.0.1017.18
  o linux-image-generic-lpae - 5.11.0.37.39
  o linux-image-generic-64k - 5.11.0.37.39
  o linux-image-lowlatency - 5.11.0.37.39

Ubuntu 20.04

  o linux-image-5.11.0-1019-aws - 5.11.0-1019.20~20.04.1
  o linux-image-aws - 5.11.0.1019.20~20.04.18

After a standard system update you need to reboot your computer to make
all the necessary changes.

ATTENTION: Due to an unavoidable ABI change the kernel updates have
been given a new version number, which requires you to recompile and
reinstall all third party kernel modules you might have installed.
Unless you manually uninstalled the standard kernel metapackages
(e.g. linux-generic, linux-generic-lts-RELEASE, linux-virtual,
linux-powerpc), a standard system upgrade will automatically perform
this as well.

References

  o CVE-2021-41073
  o CVE-2021-37576
  o CVE-2021-38204
  o CVE-2021-34556
  o CVE-2021-38201
  o CVE-2021-38205
  o CVE-2021-37159
  o CVE-2021-38160
  o CVE-2021-3679
  o CVE-2021-35477
  o CVE-2021-33624
  o CVE-2021-38199

Related notices

  o USN-5073-1 : linux-modules-4.15.0-1027-dell300x,
    linux-cloud-tools-azure-edge, linux-signed-image-oracle-lts-18.04,
    linux-source, linux-image-dell300x, linux-image-generic-hwe-16.04-edge,
    linux-image-oracle, linux-image-generic-hwe-16.04, linux,
    linux-headers-virtual-hwe-16.04-edge, linux-tools-kvm,
    linux-image-4.15.0-1111-aws, linux-buildinfo-4.15.0-1111-aws,
    linux-azure-4.15-cloud-tools-4.15.0-1123, linux-image-4.15.0-1099-kvm,
    linux-oracle-headers-4.15.0-1080, linux-cloud-tools-4.15.0-1111-aws,
    linux-generic-hwe-16.04, linux-image-lowlatency-hwe-16.04-edge,
    linux-modules-4.15.0-156-generic-lpae, linux-tools-oem,
    linux-tools-4.15.0-1099-kvm, linux-buildinfo-4.15.0-156-generic-lpae,
    linux-aws-lts-18.04, linux-aws-cloud-tools-4.15.0-1111, linux-crashdump,
    linux-headers-lowlatency, linux-image-generic-lpae-hwe-16.04-edge,
    linux-tools-4.15.0-156-generic-lpae, linux-modules-extra-azure-edge,
    linux-aws-edge, linux-modules-4.15.0-1123-azure,
    linux-tools-lowlatency-hwe-16.04, linux-generic-lpae-hwe-16.04,
    linux-image-unsigned-4.15.0-1123-azure, linux-generic-lpae-hwe-16.04-edge,
    linux-buildinfo-4.15.0-1112-snapdragon,
    linux-image-extra-virtual-hwe-16.04, linux-headers-4.15.0-1080-oracle,
    linux-tools-generic-hwe-16.04, linux-hwe,
    linux-buildinfo-4.15.0-1080-oracle, linux-tools-aws-lts-18.04,
    linux-headers-4.15.0-156-lowlatency, linux-tools-virtual-hwe-16.04-edge,
    linux-cloud-tools-virtual-hwe-16.04-edge,
    linux-buildinfo-4.15.0-156-generic, linux-signed-lowlatency,
    linux-aws-headers-4.15.0-1111, linux-image-generic-lpae-hwe-16.04,
    linux-headers-4.15.0-1123-azure, linux-cloud-tools-common,
    linux-azure-lts-18.04, linux-cloud-tools-lowlatency-hwe-16.04-edge,
    linux-image-azure, linux-azure-4.15-headers-4.15.0-1123,
    linux-signed-oracle-lts-18.04, linux-signed-oracle, linux-tools-generic,
    linux-tools-generic-lpae-hwe-16.04, linux-tools-lowlatency-hwe-16.04-edge,
    linux-headers-aws-lts-18.04, linux-signed-generic,
    linux-kvm-headers-4.15.0-1099, linux-modules-4.15.0-1099-kvm,
    linux-snapdragon, linux-headers-4.15.0-156-generic-lpae,
    linux-headers-lowlatency-hwe-16.04, linux-modules-4.15.0-1080-oracle,
    linux-tools-4.15.0-1112-snapdragon, linux-headers-4.15.0-156,
    linux-signed-image-lowlatency, linux-tools-virtual,
    linux-cloud-tools-generic, linux-signed-azure, linux-generic,
    linux-virtual, linux-oracle, linux-image-extra-virtual,
    linux-signed-image-azure, linux-image-generic,
    linux-hwe-cloud-tools-4.15.0-156, linux-tools-host,
    linux-cloud-tools-generic-hwe-16.04-edge,
    linux-image-4.15.0-156-generic-lpae, linux-libc-dev,
    linux-cloud-tools-azure, linux-tools-azure-lts-18.04,
    linux-virtual-hwe-16.04-edge, linux-modules-4.15.0-156-generic,
    linux-signed-lowlatency-hwe-16.04, linux-headers-generic, linux-azure-edge,
    linux-tools-aws-hwe, linux-cloud-tools-lowlatency, linux-image-virtual,
    linux-image-aws-hwe, linux-image-generic-lpae,
    linux-signed-image-generic-hwe-16.04-edge,
    linux-image-4.15.0-1112-snapdragon, linux-signed-azure-lts-18.04,
    linux-cloud-tools-4.15.0-156, linux-headers-generic-hwe-16.04,
    linux-tools-snapdragon, linux-tools-4.15.0-156-lowlatency,
    linux-image-azure-lts-18.04, linux-cloud-tools-generic-hwe-16.04,
    linux-aws-hwe-tools-4.15.0-1111, linux-image-lowlatency-hwe-16.04,
    linux-kvm, linux-tools-oracle, linux-tools-azure-edge,
    linux-aws-hwe-cloud-tools-4.15.0-1111,
    linux-signed-image-generic-hwe-16.04, linux-tools-4.15.0-1123-azure,
    linux-oem, linux-tools-dell300x, linux-buildinfo-4.15.0-1123-azure,
    linux-image-oracle-lts-18.04, linux-modules-extra-azure-lts-18.04,
    linux-signed-generic-hwe-16.04, linux-signed-lowlatency-hwe-16.04-edge,
    linux-headers-oracle-lts-18.04, linux-lowlatency-hwe-16.04,
    linux-tools-4.15.0-1111-aws, linux-image-snapdragon, linux-azure,
    linux-source-4.15.0, linux-generic-hwe-16.04-edge, linux-headers-oem,
    linux-modules-extra-aws-hwe, linux-headers-azure-lts-18.04,
    linux-image-azure-edge, linux-headers-azure-edge,
    linux-cloud-tools-4.15.0-156-lowlatency, linux-tools-common,
    linux-signed-image-azure-lts-18.04, linux-headers-4.15.0-1027-dell300x,
    linux-tools-4.15.0-1027-dell300x, linux-tools-azure,
    linux-headers-4.15.0-156-generic, linux-signed-image-lowlatency-hwe-16.04,
    linux-modules-extra-4.15.0-156-generic,
    linux-cloud-tools-lowlatency-hwe-16.04, linux-virtual-hwe-16.04,
    linux-image-extra-virtual-hwe-16.04-edge,
    linux-modules-extra-4.15.0-1111-aws, linux-aws-hwe,
    linux-azure-4.15-tools-4.15.0-1123, linux-cloud-tools-virtual,
    linux-cloud-tools-4.15.0-156-generic, linux-signed-image-oem,
    linux-cloud-tools-4.15.0-1123-azure, linux-azure-headers-4.15.0-1123,
    linux-image-4.15.0-156-lowlatency, linux-oracle-lts-18.04,
    linux-image-aws-lts-18.04, linux-buildinfo-4.15.0-1099-kvm,
    linux-headers-oracle, linux-image-oem,
    linux-image-unsigned-4.15.0-1080-oracle,
    linux-image-unsigned-4.15.0-156-generic, linux-headers-generic-lpae,
    linux-modules-extra-4.15.0-1080-oracle,
    linux-cloud-tools-virtual-hwe-16.04, linux-signed-oem,
    linux-headers-4.15.0-1099-kvm, linux-signed-image-oracle,
    linux-tools-generic-hwe-16.04-edge,
    linux-image-unsigned-4.15.0-1027-dell300x, linux-signed-azure-edge,
    linux-tools-4.15.0-156, linux-image-4.15.0-1027-dell300x,
    linux-headers-virtual, linux-lowlatency-hwe-16.04-edge,
    linux-image-virtual-hwe-16.04, linux-headers-dell300x,
    linux-azure-cloud-tools-4.15.0-1123, linux-headers-generic-hwe-16.04-edge,
    linux-headers-generic-lpae-hwe-16.04-edge, linux-image-4.15.0-1123-azure,
    linux-oracle-tools-4.15.0-1080, linux-snapdragon-tools-4.15.0-1112,
    linux-modules-4.15.0-1112-snapdragon, linux-tools-oracle-lts-18.04,
    linux-hwe-tools-4.15.0-156, linux-dell300x-tools-4.15.0-1027,
    linux-modules-extra-aws-lts-18.04, linux-tools-lowlatency,
    linux-signed-generic-hwe-16.04-edge, linux-image-lowlatency,
    linux-lowlatency, linux-dell300x-headers-4.15.0-1027,
    linux-tools-4.15.0-1080-oracle, linux-aws,
    linux-buildinfo-4.15.0-1027-dell300x, linux-headers-virtual-hwe-16.04,
    linux-generic-lpae, linux-headers-generic-lpae-hwe-16.04,
    linux-snapdragon-headers-4.15.0-1112, linux-tools-generic-lpae,
    linux-tools-virtual-hwe-16.04, linux-headers-4.15.0-1112-snapdragon,
    linux-signed-image-lowlatency-hwe-16.04-edge,
    linux-image-virtual-hwe-16.04-edge, linux-azure-4.15,
    linux-modules-extra-4.15.0-1123-azure, linux-headers-snapdragon,
    linux-kvm-tools-4.15.0-1099, linux-headers-lowlatency-hwe-16.04-edge,
    linux-dell300x, linux-azure-tools-4.15.0-1123, linux-signed-image-generic,
    linux-headers-kvm, linux-modules-4.15.0-156-lowlatency,
    linux-buildinfo-4.15.0-156-lowlatency, linux-signed-image-azure-edge,
    linux-image-4.15.0-1080-oracle, linux-image-4.15.0-156-generic,
    linux-modules-extra-azure, linux-tools-generic-lpae-hwe-16.04-edge,
    linux-headers-4.15.0-1111-aws, linux-image-kvm, linux-headers-aws-hwe,
    linux-modules-4.15.0-1111-aws, linux-doc,
    linux-image-unsigned-4.15.0-156-lowlatency,
    linux-cloud-tools-azure-lts-18.04, linux-aws-tools-4.15.0-1111,
    linux-tools-4.15.0-156-generic, linux-headers-azure
  o USN-5073-2 : linux-modules-4.15.0-1108-gcp, linux-modules-extra-gcp,
    linux-tools-gcp-lts-18.04, linux-tools-4.15.0-1108-gcp,
    linux-gcp-headers-4.15.0-1108, linux-gke, linux-image-gcp,
    linux-buildinfo-4.15.0-1108-gcp, linux-image-unsigned-4.15.0-1108-gcp,
    linux-gcp-tools-4.15.0-1108, linux-image-gke,
    linux-modules-extra-4.15.0-1108-gcp, linux-modules-extra-gke,
    linux-tools-gke, linux-gcp, linux-gcp-lts-18.04, linux-tools-gcp,
    linux-gcp-4.15-headers-4.15.0-1108, linux-modules-extra-gcp-lts-18.04,
    linux-headers-4.15.0-1108-gcp, linux-headers-gke,
    linux-headers-gcp-lts-18.04, linux-gcp-4.15-tools-4.15.0-1108,
    linux-image-gcp-lts-18.04, linux-gcp-4.15, linux-headers-gcp,
    linux-image-4.15.0-1108-gcp
  o USN-5073-3 : linux-raspi2-headers-4.15.0-1095,
    linux-image-4.15.0-1095-raspi2, linux-headers-raspi2,
    linux-modules-4.15.0-1095-raspi2, linux-raspi2-tools-4.15.0-1095,
    linux-tools-4.15.0-1095-raspi2, linux-tools-raspi2,
    linux-buildinfo-4.15.0-1095-raspi2, linux-raspi2, linux-image-raspi2,
    linux-headers-4.15.0-1095-raspi2
  o USN-5091-1 : linux-headers-5.4.0-1055-oracle, linux-cloud-tools-azure-edge,
    linux-source, linux-image-oracle, linux-tools-kvm,
    linux-gkeop-5.4-source-5.4.0, linux-modules-5.4.0-88-lowlatency,
    linux-generic-hwe-18.04-edge, linux-tools-oem-osp1,
    linux-headers-lowlatency, linux-cloud-tools-5.4.0-87-lowlatency,
    linux-image-5.4.0-1047-kvm, linux-modules-extra-gke,
    linux-snapdragon-hwe-18.04-edge, linux-modules-extra-azure-edge,
    linux-hwe-5.4-source-5.4.0, linux-headers-5.4.0-87-lowlatency,
    linux-buildinfo-5.4.0-87-generic-lpae,
    linux-modules-extra-5.4.0-88-generic, linux-oracle-headers-5.4.0-1055,
    linux-image-generic-hwe-18.04, linux-cloud-tools-5.4.0-88-generic,
    linux-tools-5.4.0-88-lowlatency, linux-image-azure, linux-signed-oracle,
    linux-oracle-5.4-tools-5.4.0-1055, linux-tools-5.4.0-88-generic,
    linux-tools-lowlatency-hwe-18.04, linux-oracle, linux-image-generic,
    linux-image-aws, linux-libc-dev, linux-tools-aws,
    linux-gcp-tools-5.4.0-1053, linux-image-generic-hwe-18.04-edge,
    linux-modules-extra-virtual-hwe-18.04-edge,
    linux-cloud-tools-5.4.0-1024-gkeop, linux-image-generic-lpae,
    linux-headers-gke, linux-image-gkeop-5.4, linux-aws-headers-5.4.0-1057,
    linux-oracle-edge, linux-modules-5.4.0-1024-gkeop, linux-tools-oracle,
    linux-tools-gcp-edge, linux-headers-aws-lts-20.04,
    linux-aws-cloud-tools-5.4.0-1057, linux-modules-5.4.0-87-generic-lpae,
    linux-modules-extra-5.4.0-87-generic, linux-headers-gkeop-5.4,
    linux-image-generic-lpae-hwe-18.04-edge, linux-tools-oracle-lts-20.04,
    linux-tools-5.4.0-87-lowlatency, linux-generic-lpae-hwe-18.04,
    linux-oracle-lts-20.04, linux-cloud-tools-virtual,
    linux-cloud-tools-5.4.0-88, linux-headers-5.4.0-1053-gke,
    linux-signed-oracle-edge, linux-oem-tools-host, linux-headers-gke-5.4,
    linux-image-unsigned-5.4.0-88-lowlatency,
    linux-gkeop-5.4-cloud-tools-5.4.0-1024, linux-lowlatency,
    linux-generic-lpae, linux-headers-aws-edge, linux-tools-gcp-lts-20.04,
    linux-azure-tools-5.4.0-1059, linux-headers-5.4.0-87-generic,
    linux-hwe-5.4-tools-5.4.0-87, linux-image-unsigned-5.4.0-1053-gcp,
    linux-signed-image-azure-edge, linux-image-unsigned-5.4.0-87-lowlatency,
    linux-image-gkeop, linux-buildinfo-5.4.0-88-generic, linux-gcp-lts-20.04,
    linux-image-5.4.0-88-generic, linux-modules-5.4.0-87-generic, linux,
    linux-modules-extra-gcp-edge, linux-oem-osp1, linux-modules-extra-gkeop,
    linux-image-oracle-lts-20.04, linux-crashdump,
    linux-signed-image-oracle-edge, linux-image-extra-virtual-hwe-18.04-edge,
    linux-image-5.4.0-87-generic-lpae, linux-headers-5.4.0-88-lowlatency,
    linux-modules-extra-virtual-hwe-18.04, linux-gkeop-source-5.4.0,
    linux-gcp-5.4, linux-buildinfo-5.4.0-88-generic-lpae,
    linux-buildinfo-5.4.0-1047-kvm, linux-tools-aws-lts-20.04,
    linux-cloud-tools-5.4.0-1057-aws, linux-tools-virtual, linux-gke,
    linux-image-unsigned-5.4.0-1024-gkeop, linux-cloud-tools-virtual-hwe-18.04,
    linux-generic-hwe-18.04, linux-gcp,
    linux-headers-lowlatency-hwe-18.04-edge, linux-tools-gcp,
    linux-cloud-tools-gkeop-5.4, linux-buildinfo-5.4.0-88-lowlatency,
    linux-modules-extra-oracle-edge, linux-modules-extra-5.4.0-1024-gkeop,
    linux-gkeop-headers-5.4.0-1024, linux-headers-oem-osp1, linux-hwe-5.4,
    linux-headers-gcp, linux-tools-azure-edge,
    linux-azure-5.4-tools-5.4.0-1059, linux-cloud-tools-gkeop,
    linux-azure-5.4-headers-5.4.0-1059, linux-image-gcp-lts-20.04, linux-oem,
    linux-gcp-edge, linux-lowlatency-hwe-18.04, linux-azure,
    linux-image-azure-lts-20.04, linux-image-5.4.0-88-lowlatency,
    linux-image-azure-edge, linux-buildinfo-5.4.0-1053-gcp,
    linux-tools-snapdragon-hwe-18.04, linux-image-unsigned-5.4.0-87-generic,
    linux-lowlatency-hwe-18.04-edge, linux-image-5.4.0-1055-oracle,
    linux-tools-lowlatency-hwe-18.04-edge, linux-headers-generic-hwe-18.04,
    linux-headers-virtual-hwe-18.04-edge, linux-gkeop,
    linux-signed-image-oracle, linux-gke-tools-5.4.0-1053,
    linux-modules-extra-gcp, linux-azure-cloud-tools-5.4.0-1059,
    linux-azure-headers-5.4.0-1059, linux-generic-lpae-hwe-18.04-edge,
    linux-gkeop-tools-5.4.0-1024, linux-aws-5.4-cloud-tools-5.4.0-1057,
    linux-tools-5.4.0-87-generic-lpae, linux-tools-generic-lpae,
    linux-hwe-5.4-cloud-tools-common, linux-aws-tools-5.4.0-1057,
    linux-azure-lts-20.04, linux-modules-extra-aws-edge,
    linux-image-unsigned-5.4.0-1059-azure, linux-image-5.4.0-88-generic-lpae,
    linux-oracle-tools-5.4.0-1055, linux-headers-kvm,
    linux-modules-extra-5.4.0-1053-gcp, linux-modules-extra-azure,
    linux-cloud-tools-generic-hwe-18.04, linux-modules-extra-aws,
    linux-image-kvm, linux-doc, linux-modules-5.4.0-1055-oracle, linux-gke-5.4,
    linux-image-5.4.0-87-lowlatency, linux-tools-virtual-hwe-18.04,
    linux-headers-azure, linux-tools-5.4.0-1057-aws,
    linux-tools-5.4.0-87-generic, linux-headers-gcp-lts-20.04,
    linux-aws-5.4-tools-5.4.0-1057, linux-tools-gkeop,
    linux-gke-5.4-tools-5.4.0-1053, linux-modules-5.4.0-88-generic,
    linux-headers-5.4.0-87-generic-lpae, linux-headers-5.4.0-88-generic-lpae,
    linux-buildinfo-5.4.0-87-lowlatency, linux-headers-snapdragon-hwe-18.04,
    linux-hwe-5.4-tools-common, linux-image-virtual-hwe-18.04-edge,
    linux-aws-edge, linux-image-generic-lpae-hwe-18.04,
    linux-tools-5.4.0-1053-gcp, linux-tools-gkeop-5.4,
    linux-headers-5.4.0-88-generic, linux-modules-extra-5.4.0-1059-azure,
    linux-gke-headers-5.4.0-1053, linux-modules-extra-azure-lts-20.04,
    linux-headers-5.4.0-88, linux-tools-azure-lts-20.04,
    linux-cloud-tools-common, linux-modules-extra-5.4.0-1055-oracle,
    linux-signed-azure, linux-buildinfo-5.4.0-1053-gke, linux-virtual,
    linux-signed-image-azure, linux-tools-snapdragon-hwe-18.04-edge,
    linux-tools-host, linux-headers-generic-lpae-hwe-18.04,
    linux-cloud-tools-azure, linux-gkeop-cloud-tools-5.4.0-1024,
    linux-gke-5.4-headers-5.4.0-1053, linux-headers-oracle-lts-20.04,
    linux-azure-edge, linux-headers-lowlatency-hwe-18.04,
    linux-tools-5.4.0-1053-gke, linux-tools-5.4.0-88,
    linux-modules-extra-aws-lts-20.04, linux-image-lowlatency-hwe-18.04,
    linux-kvm, linux-cloud-tools-5.4.0-87-generic,
    linux-modules-5.4.0-1053-gke, linux-modules-extra-gkeop-5.4,
    linux-cloud-tools-5.4.0-1059-azure, linux-image-unsigned-5.4.0-1053-gke,
    linux-headers-oem, linux-image-oem-osp1,
    linux-cloud-tools-lowlatency-hwe-18.04-edge, linux-tools-azure,
    linux-modules-extra-oracle, linux-image-gcp-edge, linux-image-oem,
    linux-image-oracle-edge, linux-headers-generic-lpae,
    linux-cloud-tools-virtual-hwe-18.04-edge,
    linux-image-unsigned-5.4.0-1047-kvm, linux-headers-virtual,
    linux-buildinfo-5.4.0-87-generic, linux-kvm-tools-5.4.0-1047,
    linux-image-5.4.0-1057-aws, linux-tools-lowlatency,
    linux-headers-5.4.0-1047-kvm, linux-image-gke-5.4,
    linux-gkeop-5.4-headers-5.4.0-1024, linux-virtual-hwe-18.04-edge,
    linux-image-gke, linux-modules-5.4.0-1057-aws,
    linux-modules-extra-5.4.0-1053-gke, linux-image-5.4.0-1059-azure,
    linux-headers-5.4.0-1057-aws, linux-gcp-headers-5.4.0-1053,
    linux-image-5.4.0-1053-gcp, linux-image-snapdragon-hwe-18.04-edge,
    linux-cloud-tools-generic-hwe-18.04-edge, linux-gkeop-5.4-tools-5.4.0-1024,
    linux-image-5.4.0-87-generic, linux-headers-aws,
    linux-headers-5.4.0-1053-gcp, linux-azure-5.4, linux-tools-oem,
    linux-azure-5.4-cloud-tools-5.4.0-1059,
    linux-image-unsigned-5.4.0-88-generic, linux-tools-gke,
    linux-tools-5.4.0-1047-kvm, linux-tools-generic-hwe-18.04-edge,
    linux-headers-snapdragon-hwe-18.04-edge,
    linux-headers-generic-hwe-18.04-edge, linux-modules-5.4.0-87-lowlatency,
    linux-modules-5.4.0-1053-gcp, linux-headers-azure-lts-20.04,
    linux-headers-gkeop, linux-tools-5.4.0-1059-azure,
    linux-image-5.4.0-1024-gkeop, linux-buildinfo-5.4.0-1024-gkeop,
    linux-image-extra-virtual-hwe-18.04, linux-buildinfo-5.4.0-1055-oracle,
    linux-tools-generic-lpae-hwe-18.04-edge, linux-headers-5.4.0-1059-azure,
    linux-modules-5.4.0-88-generic-lpae, linux-oem-osp1-tools-host,
    linux-tools-generic, linux-tools-aws-edge, linux-image-aws-edge,
    linux-cloud-tools-generic, linux-cloud-tools-lowlatency-hwe-18.04,
    linux-generic, linux-image-extra-virtual,
    linux-tools-virtual-hwe-18.04-edge, linux-modules-extra-5.4.0-1057-aws,
    linux-tools-generic-lpae-hwe-18.04, linux-snapdragon-hwe-18.04,
    linux-headers-generic, linux-cloud-tools-lowlatency, linux-aws-5.4,
    linux-image-virtual, linux-image-snapdragon-hwe-18.04,
    linux-tools-oracle-edge, linux-virtual-hwe-18.04,
    linux-cloud-tools-5.4.0-88-lowlatency, linux-hwe-5.4-cloud-tools-5.4.0-87,
    linux-modules-5.4.0-1059-azure, linux-headers-azure-edge,
    linux-gcp-5.4-tools-5.4.0-1053, linux-tools-common,
    linux-tools-generic-hwe-18.04, linux-buildinfo-5.4.0-1057-aws,
    linux-hwe-5.4-headers-5.4.0-87, linux-oracle-5.4-headers-5.4.0-1055,
    linux-aws-5.4-headers-5.4.0-1057, linux-modules-5.4.0-1047-kvm,
    linux-tools-5.4.0-1024-gkeop, linux-gcp-5.4-headers-5.4.0-1053,
    linux-image-lowlatency-hwe-18.04-edge, linux-headers-oracle,
    linux-image-virtual-hwe-18.04, linux-signed-azure-edge, linux-source-5.4.0,
    linux-headers-generic-lpae-hwe-18.04-edge, linux-headers-5.4.0-1024-gkeop,
    linux-tools-gke-5.4, linux-gkeop-5.4, linux-modules-extra-gcp-lts-20.04,
    linux-image-lowlatency, linux-aws, linux-image-5.4.0-1053-gke,
    linux-image-gcp, linux-tools-5.4.0-1055-oracle,
    linux-headers-virtual-hwe-18.04, linux-tools-5.4.0-88-generic-lpae,
    linux-image-aws-lts-20.04, linux-image-unsigned-5.4.0-1055-oracle,
    linux-kvm-headers-5.4.0-1047, linux-modules-extra-gke-5.4,
    linux-buildinfo-5.4.0-1059-azure, linux-oracle-5.4, linux-aws-lts-20.04,
    linux-headers-gcp-edge, linux-headers-oracle-edge,
    linux-cloud-tools-azure-lts-20.04

- --------------------------END INCLUDED TEXT--------------------

You have received this e-mail bulletin as a result of your organisation's
registration with AusCERT. The mailing list you are subscribed to is
maintained within your organisation, so if you do not wish to continue
receiving these bulletins you should contact your local IT manager. If
you do not know who that is, please send an email to auscert@auscert.org.au
and we will forward your request to the appropriate person.

NOTE: Third Party Rights
This security bulletin is provided as a service to AusCERT's members.  As
AusCERT did not write the document quoted above, AusCERT has had no control
over its content. The decision to follow or act on information or advice
contained in this security bulletin is the responsibility of each user or
organisation, and should be considered in accordance with your organisation's
site policies and procedures. AusCERT takes no responsibility for consequences
which may arise from following or acting on information or advice contained in
this security bulletin.

NOTE: This is only the original release of the security bulletin.  It may
not be updated when updates to the original are made.  If downloading at
a later date, it is recommended that the bulletin is retrieved directly
from the author's website to ensure that the information is still current.

Contact information for the authors of the original document is included
in the Security Bulletin above.  If you have any questions or need further
information, please contact them directly.

Previous advisories and external security bulletins can be retrieved from:

        https://www.auscert.org.au/bulletins/

===========================================================================
Australian Computer Emergency Response Team
The University of Queensland
Brisbane
Qld 4072

Internet Email: auscert@auscert.org.au
Facsimile:      (07) 3365 7031
Telephone:      (07) 3365 4417 (International: +61 7 3365 4417)
                AusCERT personnel answer during Queensland business hours
                which are GMT+10:00 (AEST).
                On call after hours for member emergencies only.
===========================================================================
-----BEGIN PGP SIGNATURE-----
Comment: http://www.auscert.org.au/render.html?it=1967

iQIVAwUBYVPFwuNLKJtyKPYoAQjcvBAAgR5MP1UMif8ZHo6qxH+TR7CS0KUzumPt
Im60TTHbQznFtoc3Gm1bgwd6/iRG9aQQ5i6HpzR7aJLe3wqwKtAHvcwd0+8IrX8G
4IXSlVdxbQlQAWfQejYC3/kjSqqq1HiY0pudT/RzP0vcfIxCQRX8ovmXFV18zYHr
OGsFFPyG6e9wXq0ULEjltezATWxwFpuNP3Cgz73sOlzXYbpZj8dpIJJ7G30X7eFv
DN1KGqM755+1uHUk+BQ98cwByMmV3ieTcJ++XLrFvSlJQtRZ2jGsdXni+CuwdAzO
DzTl5LN81tboFYmqtnbUo4oE6/czARhbHwZT4EGYs8Erryd3n9f85eCMPlXJ1OyA
+Z0O+IKFqqFzeONzXjY1O6o6hHe5QK+euQppM35x3ITTf/uFVoNv1njiquMfmOnv
XjbRv7mJV2M3rg85SkBvoQtSNmI7OE2D0S4Dh6tt1V8J0SMmqj3tFFEDHgw69d+6
Nvun+L0CTuKQPZ1VLIA1HIZvNwy4MfSif3xxmBsywXY15y3Hzakg7oLYpObs+zLj
4aYtT+JpBBUmE/dSZZIxDm8f27/Ul2bOr/EwybRrck5FCZx3sWR68h3meiLjJAEl
4xP6mx05eAiAYvOmVjIi9+waoFUGEg2RA7SBgHmdR3HoD+u9oxWQ6cPvvCSO/HU5
k0k0ezF/hTs=
=hd4t
-----END PGP SIGNATURE-----