{"id":"LSN-0077-1","summary":"Kernel Live Patch Security Notice","details":"Vincent Dehors discovered that the shiftfs file system in the Ubuntu Linux\nkernel did not properly handle faults in copy_from_user() when passing\nthrough ioctls to an underlying file system. A local attacker could use\nthis to cause a denial of service (memory exhaustion) or execute arbitrary\ncode.(CVE-2021-3492)","modified":"2025-12-15T10:25:37.805823Z","published":"2021-05-17T07:04:24Z","upstream":["CVE-2021-3492","UBUNTU-CVE-2021-3492"],"references":[{"type":"ADVISORY","url":"https://ubuntu.com/security/notices/LSN-0077-1"},{"type":"REPORT","url":"https://ubuntu.com/security/CVE-2021-3492"}],"affected":[{"package":{"name":"linux-gke-5.4","ecosystem":"Ubuntu:Pro:18.04:LTS","purl":"pkg:deb/ubuntu/linux-gke-5.4@5.4.0-1042.44~18.04.1?arch=source&distro=bionic"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"5.4.0-1042.44~18.04.1"}]}],"versions":["5.4.0-1025.25~18.04.1","5.4.0-1027.28~18.04.1","5.4.0-1029.31~18.04.1","5.4.0-1030.32~18.04.1","5.4.0-1032.34~18.04.1","5.4.0-1033.35~18.04.1","5.4.0-1035.37~18.04.1","5.4.0-1036.38~18.04.1","5.4.0-1037.39~18.04.1","5.4.0-1039.41~18.04.1","5.4.0-1040.42~18.04.1"],"ecosystem_specific":{"module_name_regex":"lkp_Ubuntu_5_4_0[_|\\d]+_gke_(\\d+)","availability":"Livepatch subscription required","module_version":"77"},"database_specific":{"source":"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/lsn/LSN-0077-1.json"}},{"package":{"name":"linux-gkeop-5.4","ecosystem":"Ubuntu:Pro:18.04:LTS","purl":"pkg:deb/ubuntu/linux-gkeop-5.4@5.4.0-1014.15~18.04.1?arch=source&distro=bionic"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"5.4.0-1014.15~18.04.1"}]}],"versions":["5.4.0-1001.1","5.4.0-1003.3","5.4.0-1004.5","5.4.0-1005.6","5.4.0-1007.8~18.04.1","5.4.0-1008.9~18.04.1","5.4.0-1009.10~18.04.1","5.4.0-1010.11~18.04.1","5.4.0-1011.12~18.04.2","5.4.0-1012.13~18.04.1","5.4.0-1013.14~18.04.1"],"ecosystem_specific":{"module_name_regex":"lkp_Ubuntu_5_4_0[_|\\d]+_gkeop_(\\d+)","availability":"Livepatch subscription required","module_version":"77"},"database_specific":{"source":"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/lsn/LSN-0077-1.json"}},{"package":{"name":"linux-hwe-5.4","ecosystem":"Ubuntu:Pro:18.04:LTS","purl":"pkg:deb/ubuntu/linux-hwe-5.4@5.4.0-72.80~18.04.1?arch=source&distro=bionic"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"5.4.0-72.80~18.04.1"}]}],"versions":["5.4.0-37.41~18.04.1","5.4.0-39.43~18.04.1","5.4.0-40.44~18.04.1","5.4.0-42.46~18.04.1","5.4.0-45.49~18.04.2","5.4.0-47.51~18.04.1","5.4.0-48.52~18.04.1","5.4.0-51.56~18.04.1","5.4.0-52.57~18.04.1","5.4.0-53.59~18.04.1","5.4.0-54.60~18.04.1","5.4.0-56.62~18.04.1","5.4.0-58.64~18.04.1","5.4.0-59.65~18.04.1","5.4.0-60.67~18.04.1","5.4.0-62.70~18.04.1","5.4.0-64.72~18.04.1","5.4.0-65.73~18.04.1","5.4.0-66.74~18.04.2","5.4.0-67.75~18.04.1","5.4.0-70.78~18.04.1","5.4.0-71.79~18.04.1"],"ecosystem_specific":{"module_name_regex":"lkp_Ubuntu_5_4_0[_|\\d]+_(?:generic|lowlatency)_(\\d+)","availability":"Livepatch subscription required","module_version":"77"},"database_specific":{"source":"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/lsn/LSN-0077-1.json"}},{"package":{"name":"linux","ecosystem":"Ubuntu:Pro:20.04:LTS","purl":"pkg:deb/ubuntu/linux@5.4.0-72.80?arch=source&distro=focal"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"5.4.0-72.80"}]}],"versions":["5.3.0-18.19","5.3.0-24.26","5.4.0-9.12","5.4.0-18.22","5.4.0-21.25","5.4.0-24.28","5.4.0-25.29","5.4.0-26.30","5.4.0-28.32","5.4.0-29.33","5.4.0-31.35","5.4.0-33.37","5.4.0-37.41","5.4.0-39.43","5.4.0-40.44","5.4.0-42.46","5.4.0-45.49","5.4.0-47.51","5.4.0-48.52","5.4.0-51.56","5.4.0-52.57","5.4.0-53.59","5.4.0-54.60","5.4.0-56.62","5.4.0-58.64","5.4.0-59.65","5.4.0-60.67","5.4.0-62.70","5.4.0-64.72","5.4.0-65.73","5.4.0-66.74","5.4.0-67.75","5.4.0-70.78","5.4.0-71.79"],"ecosystem_specific":{"module_name_regex":"lkp_Ubuntu_5_4_0[_|\\d]+_(?:generic|lowlatency)_(\\d+)","availability":"Livepatch subscription required","module_version":"77"},"database_specific":{"source":"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/lsn/LSN-0077-1.json"}},{"package":{"name":"linux-gcp","ecosystem":"Ubuntu:Pro:20.04:LTS","purl":"pkg:deb/ubuntu/linux-gcp@5.4.0-1042.45?arch=source&distro=focal"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"5.4.0-1042.45"}]}],"versions":["5.3.0-1004.4","5.3.0-1009.10","5.3.0-1011.12","5.4.0-1005.5","5.4.0-1007.7","5.4.0-1008.8","5.4.0-1009.9","5.4.0-1011.11","5.4.0-1015.15","5.4.0-1018.18","5.4.0-1019.19","5.4.0-1021.21","5.4.0-1022.22","5.4.0-1024.24","5.4.0-1025.25","5.4.0-1028.29","5.4.0-1029.31","5.4.0-1030.32","5.4.0-1032.34","5.4.0-1033.35","5.4.0-1034.37","5.4.0-1036.39","5.4.0-1037.40","5.4.0-1038.41","5.4.0-1040.43","5.4.0-1041.44"],"ecosystem_specific":{"module_name_regex":"lkp_Ubuntu_5_4_0[_|\\d]+_gcp_(\\d+)","availability":"Livepatch subscription required","module_version":"77"},"database_specific":{"source":"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/lsn/LSN-0077-1.json"}},{"package":{"name":"linux-gke","ecosystem":"Ubuntu:Pro:20.04:LTS","purl":"pkg:deb/ubuntu/linux-gke@5.4.0-1042.44?arch=source&distro=focal"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"5.4.0-1042.44"}]}],"versions":["5.4.0-1033.35","5.4.0-1035.37","5.4.0-1036.38","5.4.0-1037.39","5.4.0-1039.41","5.4.0-1041.43"],"ecosystem_specific":{"module_name_regex":"lkp_Ubuntu_5_4_0[_|\\d]+_gke_(\\d+)","availability":"Livepatch subscription required","module_version":"77"},"database_specific":{"source":"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/lsn/LSN-0077-1.json"}},{"package":{"name":"linux-gkeop","ecosystem":"Ubuntu:Pro:20.04:LTS","purl":"pkg:deb/ubuntu/linux-gkeop@5.4.0-1014.15?arch=source&distro=focal"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"5.4.0-1014.15"}]}],"versions":["5.4.0-1008.9","5.4.0-1009.10","5.4.0-1010.11","5.4.0-1011.12","5.4.0-1012.13","5.4.0-1013.14"],"ecosystem_specific":{"module_name_regex":"lkp_Ubuntu_5_4_0[_|\\d]+_gkeop_(\\d+)","availability":"Livepatch subscription required","module_version":"77"},"database_specific":{"source":"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/lsn/LSN-0077-1.json"}}],"schema_version":"1.7.3"}