{"id":"USN-5082-1","summary":"linux-oem-5.13 vulnerabilities","details":"Maxim Levitsky and Paolo Bonzini discovered that the KVM hypervisor\nimplementation for AMD processors in the Linux kernel allowed a guest VM to\ndisable restrictions on VMLOAD/VMSAVE in a nested guest. An attacker in a\nguest VM could use this to read or write portions of the host's physical\nmemory. (CVE-2021-3656)\n\nMaxim Levitsky discovered that the KVM hypervisor implementation for AMD\nprocessors in the Linux kernel did not properly prevent a guest VM from\nenabling AVIC in nested guest VMs. An attacker in a guest VM could use this\nto write to portions of the host's physical memory. (CVE-2021-3653)\n\nNorbert Slusarek discovered a race condition in the CAN BCM networking\nprotocol of the Linux kernel leading to multiple use-after-free\nvulnerabilities. A local attacker could use this issue to execute arbitrary\ncode. (CVE-2021-3609)\n","modified":"2026-04-27T15:56:57.759612Z","published":"2021-09-16T16:49:22Z","related":["UBUNTU-CVE-2021-3609","UBUNTU-CVE-2021-3653","UBUNTU-CVE-2021-3656"],"upstream":["CVE-2021-3609","CVE-2021-3653","CVE-2021-3656","UBUNTU-CVE-2021-3609","UBUNTU-CVE-2021-3653","UBUNTU-CVE-2021-3656"],"references":[{"type":"ADVISORY","url":"https://ubuntu.com/security/notices/USN-5082-1"},{"type":"REPORT","url":"https://ubuntu.com/security/CVE-2021-3609"},{"type":"REPORT","url":"https://ubuntu.com/security/CVE-2021-3653"},{"type":"REPORT","url":"https://ubuntu.com/security/CVE-2021-3656"}],"affected":[{"package":{"name":"linux-oem-5.13","ecosystem":"Ubuntu:20.04:LTS","purl":"pkg:deb/ubuntu/linux-oem-5.13@5.13.0-1012.16?arch=source&distro=focal"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"5.13.0-1012.16"}]}],"versions":["5.13.0-1009.10","5.13.0-1010.11"],"ecosystem_specific":{"binaries":[{"binary_version":"5.13.0-1012.16","binary_name":"linux-buildinfo-5.13.0-1012-oem"},{"binary_version":"5.13.0-1012.16","binary_name":"linux-headers-5.13.0-1012-oem"},{"binary_version":"5.13.0-1012.16","binary_name":"linux-image-unsigned-5.13.0-1012-oem"},{"binary_version":"5.13.0-1012.16","binary_name":"linux-modules-5.13.0-1012-oem"},{"binary_version":"5.13.0-1012.16","binary_name":"linux-oem-5.13-headers-5.13.0-1012"},{"binary_version":"5.13.0-1012.16","binary_name":"linux-oem-5.13-tools-5.13.0-1012"},{"binary_version":"5.13.0-1012.16","binary_name":"linux-oem-5.13-tools-host"},{"binary_version":"5.13.0-1012.16","binary_name":"linux-tools-5.13.0-1012-oem"}],"availability":"No subscription required"},"database_specific":{"source":"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/usn/USN-5082-1.json","cves_map":{"cves":[{"id":"CVE-2021-3609","severity":[{"score":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H","type":"CVSS_V3"},{"score":"high","type":"Ubuntu"}]},{"id":"CVE-2021-3653","severity":[{"score":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H","type":"CVSS_V3"},{"score":"high","type":"Ubuntu"}]},{"id":"CVE-2021-3656","severity":[{"score":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H","type":"CVSS_V3"},{"score":"high","type":"Ubuntu"}]}],"ecosystem":"Ubuntu:20.04:LTS"}}}],"schema_version":"1.7.5"}