Explore top 10 tips to secure your open-source projects now. Read More

×
Alerts This Week
Warning Icon 1 573
Alerts This Week
Warning Icon 1 573

Debian Security Advisory DSA-5050-1 Critical: Kernel Escalation and DoS

debian
Calendar Grey January 20, 2022
Debian Logo
Ubuntu Security Notice USN-5060-1 highlights significant vulnerabilities within the Linux kernel that pose risks to system integrity.
Several vulnerabilities have been discovered in the Linux kernel that may lead to a privilege escalation, denial of service or information leaks

Summary

CVE-2021-4155

Kirill Tkhai discovered a data leak in the way the XFS_IOC_ALLOCSP
IOCTL in the XFS filesystem allowed for a size increase of files
with unaligned size. A local attacker can take advantage of this
flaw to leak data on the XFS filesystem.

CVE-2021-28711, CVE-2021-28712, CVE-2021-28713 (XSA-391)

Juergen Gross reported that malicious PV backends can cause a denial
of service to guests being serviced by those backends via high
frequency events, even if those backends are running in a less
privileged environment.

CVE-2021-28714, CVE-2021-28715 (XSA-392)

Juergen Gross discovered that Xen guests can force the Linux
netback driver to hog large amounts of kernel memory, resulting in
denial of service.

CVE-2021-39685

Szymon Heidrich discovered a buffer overflow vulnerability in the
USB gadget subsystem, resulting in information disclosure, denial of
service or privilege escalation.

CVE-2021-45095

It was discovered that the Phone Network p...

Read the Full Advisory

Severity
critical
Lowest
Low
Medium
High
Critical

Package: linux
CVE ID: CVE-2021-4155 CVE-2021-28711 CVE-2021-28712 CVE-2021-28713

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.