vulnerability
Ubuntu: (Multiple Advisories) (CVE-2021-35477): Linux kernel vulnerabilities
| Severity | CVSS | Published | Added | Modified |
|---|---|---|---|---|
| 2 | (AV:L/AC:L/Au:N/C:P/I:N/A:N) | 2021-08-02 | 2021-09-28 | 2025-01-23 |
Severity
2
CVSS
(AV:L/AC:L/Au:N/C:P/I:N/A:N)
Published
2021-08-02
Added
2021-09-28
Modified
2025-01-23
Description
In the Linux kernel through 5.13.7, an unprivileged BPF program can obtain sensitive information from kernel memory via a Speculative Store Bypass side-channel attack because a certain preempting store operation does not necessarily occur before a store operation that has an attacker-controlled value.
Solution(s)
ubuntu-upgrade-linux-image-5-10-0-1050-oemubuntu-upgrade-linux-image-5-11-0-1017-azureubuntu-upgrade-linux-image-5-11-0-1017-kvmubuntu-upgrade-linux-image-5-11-0-1019-awsubuntu-upgrade-linux-image-5-11-0-1019-oracleubuntu-upgrade-linux-image-5-11-0-1019-raspiubuntu-upgrade-linux-image-5-11-0-1019-raspi-nolpaeubuntu-upgrade-linux-image-5-11-0-1020-gcpubuntu-upgrade-linux-image-5-11-0-37-genericubuntu-upgrade-linux-image-5-11-0-37-generic-64kubuntu-upgrade-linux-image-5-11-0-37-generic-lpaeubuntu-upgrade-linux-image-5-11-0-37-lowlatencyubuntu-upgrade-linux-image-5-13-0-1014-oemubuntu-upgrade-linux-image-5-4-0-1007-ibmubuntu-upgrade-linux-image-5-4-0-1021-bluefieldubuntu-upgrade-linux-image-5-4-0-1026-gkeopubuntu-upgrade-linux-image-5-4-0-1046-raspiubuntu-upgrade-linux-image-5-4-0-1049-kvmubuntu-upgrade-linux-image-5-4-0-1055-gkeubuntu-upgrade-linux-image-5-4-0-1057-gcpubuntu-upgrade-linux-image-5-4-0-1057-oracleubuntu-upgrade-linux-image-5-4-0-1059-awsubuntu-upgrade-linux-image-5-4-0-1063-azureubuntu-upgrade-linux-image-5-4-0-90-genericubuntu-upgrade-linux-image-5-4-0-90-generic-lpaeubuntu-upgrade-linux-image-5-4-0-90-lowlatencyubuntu-upgrade-linux-image-awsubuntu-upgrade-linux-image-aws-lts-20-04ubuntu-upgrade-linux-image-azureubuntu-upgrade-linux-image-azure-edgeubuntu-upgrade-linux-image-azure-lts-20-04ubuntu-upgrade-linux-image-bluefieldubuntu-upgrade-linux-image-gcpubuntu-upgrade-linux-image-gcp-lts-20-04ubuntu-upgrade-linux-image-genericubuntu-upgrade-linux-image-generic-64kubuntu-upgrade-linux-image-generic-64k-hwe-20-04ubuntu-upgrade-linux-image-generic-hwe-18-04ubuntu-upgrade-linux-image-generic-hwe-20-04ubuntu-upgrade-linux-image-generic-lpaeubuntu-upgrade-linux-image-generic-lpae-hwe-18-04ubuntu-upgrade-linux-image-generic-lpae-hwe-20-04ubuntu-upgrade-linux-image-gkeubuntu-upgrade-linux-image-gke-5-4ubuntu-upgrade-linux-image-gkeopubuntu-upgrade-linux-image-gkeop-5-4ubuntu-upgrade-linux-image-ibmubuntu-upgrade-linux-image-ibm-lts-20-04ubuntu-upgrade-linux-image-kvmubuntu-upgrade-linux-image-lowlatencyubuntu-upgrade-linux-image-lowlatency-hwe-18-04ubuntu-upgrade-linux-image-lowlatency-hwe-20-04ubuntu-upgrade-linux-image-oemubuntu-upgrade-linux-image-oem-20-04ubuntu-upgrade-linux-image-oem-20-04bubuntu-upgrade-linux-image-oem-20-04cubuntu-upgrade-linux-image-oem-osp1ubuntu-upgrade-linux-image-oracleubuntu-upgrade-linux-image-oracle-lts-20-04ubuntu-upgrade-linux-image-raspiubuntu-upgrade-linux-image-raspi-hwe-18-04ubuntu-upgrade-linux-image-raspi-nolpaeubuntu-upgrade-linux-image-raspi2ubuntu-upgrade-linux-image-snapdragon-hwe-18-04ubuntu-upgrade-linux-image-virtualubuntu-upgrade-linux-image-virtual-hwe-18-04ubuntu-upgrade-linux-image-virtual-hwe-20-04
References
- CVE-2021-35477
- https://attackerkb.com/topics/CVE-2021-35477
- NVD-CVE-2021-35477
- UBUNTU-USN-4979-1
- UBUNTU-USN-5092-1
- UBUNTU-USN-5092-2
- UBUNTU-USN-5092-3
- UBUNTU-USN-5096-1
- UBUNTU-USN-5113-1
- UBUNTU-USN-5115-1
- UBUNTU-USN-5117-1
- UBUNTU-USN-5120-1
- UBUNTU-USN-5135-1
- UBUNTU-USN-5136-1
- UBUNTU-USN-5137-1
- UBUNTU-USN-5137-2
- UBUNTU-USN-5343-1
NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.