All Vulnerability Reports

USN-5073-1: Linux kernel vulnerabilities

Severity

High

Vendor

VMware Tanzu

Versions Affected

• Canonical Ubuntu 16.04

Description

Maxim Levitsky and Paolo Bonzini discovered that the KVM hypervisor implementation for AMD processors in the Linux kernel allowed a guest VM to disable restrictions on VMLOAD/VMSAVE in a nested guest. An attacker in a guest VM could use this to read or write portions of the host's physical memory. (CVE-2021-3656)

Maxim Levitsky discovered that the KVM hypervisor implementation for AMD processors in the Linux kernel did not properly prevent a guest VM from enabling AVIC in nested guest VMs. An attacker in a guest VM could use this to write to portions of the host's physical memory. (CVE-2021-3653)

Norbert Slusarek discovered that the CAN broadcast manger (bcm) protocol implementation in the Linux kernel did not properly initialize memory in some situations. A local attacker could use this to expose sensitive information (kernel memory). (CVE-2021-34693)

Murray McAllister discovered that the joystick device interface in the Linux kernel did not properly validate data passed via an ioctl(). A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code on systems with a joystick device registered. (CVE-2021-3612)

It was discovered that the Virtio console implementation in the Linux kernel did not properly validate input lengths in some situations. A local attacker could possibly use this to cause a denial of service (system crash). (CVE-2021-38160)

CVEs contained in this USN include: CVE-2021-34693, CVE-2021-3653, CVE-2021-3612, CVE-2021-3656, CVE-2021-38160

Affected VMware Products and Versions

Severity is high unless otherwise noted.

• Isolation Segment
  • 2.7.x versions with Xenial Stemcells prior to 456.186
  • 2.8.x versions with Xenial Stemcells prior to 621.151
  • 2.9.x versions with Xenial Stemcells prior to 621.151
  • 2.10.x versions with Xenial Stemcells prior to 621.151
  • 2.11.x versions with Xenial Stemcells prior to 621.151

• Operations Manager
  • 2.9.x versions prior to 2.9.21
  • 2.10.x versions prior to 2.10.17

• VMware Tanzu Application Service for VMs
  • 2.7.x versions with Xenial Stemcells prior to 456.186
  • 2.8.x versions with Xenial Stemcells prior to 621.151
  • 2.9.x versions with Xenial Stemcells prior to 621.151
  • 2.10.x versions with Xenial Stemcells prior to 621.151
  • 2.11.x versions with Xenial Stemcells prior to 621.151
  • 2.12.x versions with Xenial Stemcells prior to 621.151

Mitigation

Users of affected products are strongly encouraged to follow the mitigation below. On the Tanzu Network product page for each release, check the Depends On section and/or Release Notes for this information. Releases that have fixed this issue include:

• Isolation Segment
  • 2.7.x: Upgrade Xenial Stemcells to 456.186 or greater
  • 2.8.x: Upgrade Xenial Stemcells to 621.151 or greater
  • 2.9.x: Upgrade Xenial Stemcells to 621.151 or greater
  • 2.10.x: Upgrade Xenial Stemcells to 621.151 or greater
  • 2.11.x: Upgrade Xenial Stemcells to 621.151 or greater

• Operations Manager
  • 2.9.21
  • 2.10.17

• VMware Tanzu Application Service for VMs
  • 2.7.x: Upgrade Xenial Stemcells to 456.186 or greater
  • 2.8.x: Upgrade Xenial Stemcells to 621.151 or greater
  • 2.9.x: Upgrade Xenial Stemcells to 621.151 or greater
  • 2.10.x: Upgrade Xenial Stemcells to 621.151 or greater
  • 2.11.x: Upgrade Xenial Stemcells to 621.151 or greater
  • 2.12.x: Upgrade Xenial Stemcells to 621.151 or greater

References

• https://people.canonical.com/~ubuntu-security/cve/CVE-2021-34693
• https://people.canonical.com/~ubuntu-security/cve/CVE-2021-3653
• https://people.canonical.com/~ubuntu-security/cve/CVE-2021-3612
• https://people.canonical.com/~ubuntu-security/cve/CVE-2021-3656
• https://people.canonical.com/~ubuntu-security/cve/CVE-2021-38160
• https://ubuntu.com/security/notices/USN-5073-1

History

2021-12-07: Initial vulnerability report published.