usn-4999-1
Vulnerability from osv_ubuntu
Published
2021-06-23 02:52
Modified
2026-06-03 10:45
Summary
linux, linux-aws, linux-aws-5.8, linux-azure, linux-azure-5.8, linux-gcp, linux-gcp-5.8, linux-hwe-5.8, linux-kvm, linux-oracle, linux-oracle-5.8, linux-raspi vulnerabilities
Details

Norbert Slusarek discovered a race condition in the CAN BCM networking protocol of the Linux kernel leading to multiple use-after-free vulnerabilities. A local attacker could use this issue to execute arbitrary code. (CVE-2021-3609)

Piotr Krysiuk discovered that the eBPF implementation in the Linux kernel did not properly enforce limits for pointer operations. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2021-33200)

Mathy Vanhoef discovered that the Linux kernel’s WiFi implementation did not properly clear received fragments from memory in some situations. A physically proximate attacker could possibly use this issue to inject packets or expose sensitive information. (CVE-2020-24586)

Mathy Vanhoef discovered that the Linux kernel’s WiFi implementation incorrectly handled encrypted fragments. A physically proximate attacker could possibly use this issue to decrypt fragments. (CVE-2020-24587)

Mathy Vanhoef discovered that the Linux kernel’s WiFi implementation incorrectly handled certain malformed frames. If a user were tricked into connecting to a malicious server, a physically proximate attacker could use this issue to inject packets. (CVE-2020-24588)

Kiyin (尹亮) discovered that the NFC LLCP protocol implementation in the Linux kernel contained a reference counting error. A local attacker could use this to cause a denial of service (system crash). (CVE-2020-25670)

Kiyin (尹亮) discovered that the NFC LLCP protocol implementation in the Linux kernel did not properly deallocate memory in certain error situations. A local attacker could use this to cause a denial of service (memory exhaustion). (CVE-2020-25671, CVE-2020-25672)

Kiyin (尹亮) discovered that the NFC LLCP protocol implementation in the Linux kernel did not properly handle error conditions in some situations, leading to an infinite loop. A local attacker could use this to cause a denial of service. (CVE-2020-25673)

Mathy Vanhoef discovered that the Linux kernel’s WiFi implementation incorrectly handled EAPOL frames from unauthenticated senders. A physically proximate attacker could inject malicious packets to cause a denial of service (system crash). (CVE-2020-26139)

Mathy Vanhoef discovered that the Linux kernel’s WiFi implementation did not properly verify certain fragmented frames. A physically proximate attacker could possibly use this issue to inject or decrypt packets. (CVE-2020-26141)

Mathy Vanhoef discovered that the Linux kernel’s WiFi implementation accepted plaintext fragments in certain situations. A physically proximate attacker could use this issue to inject packets. (CVE-2020-26145)

Mathy Vanhoef discovered that the Linux kernel’s WiFi implementation could reassemble mixed encrypted and plaintext fragments. A physically proximate attacker could possibly use this issue to inject packets or exfiltrate selected fragments. (CVE-2020-26147)

Or Cohen discovered that the SCTP implementation in the Linux kernel contained a race condition in some situations, leading to a use-after-free condition. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2021-23133)

Piotr Krysiuk and Benedict Schlueter discovered that the eBPF implementation in the Linux kernel performed out of bounds speculation on pointer arithmetic. A local attacker could use this to expose sensitive information. (CVE-2021-29155)

Manfred Paul discovered that the extended Berkeley Packet Filter (eBPF) implementation in the Linux kernel contained an out-of-bounds vulnerability. A local attacker could use this issue to execute arbitrary code. (CVE-2021-31440)

Piotr Krysiuk discovered that the eBPF implementation in the Linux kernel did not properly prevent speculative loads in certain situations. A local attacker could use this to expose sensitive information (kernel memory). (CVE-2021-31829)


{
  "affected": [
    {
      "database_specific": {
        "cves_map": {
          "cves": [
            {
              "id": "CVE-2020-24586",
              "severity": [
                {
                  "score": "CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N",
                  "type": "CVSS_V3"
                },
                {
                  "score": "medium",
                  "type": "Ubuntu"
                }
              ]
            },
            {
              "id": "CVE-2020-24587",
              "severity": [
                {
                  "score": "CVSS:3.1/AV:A/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:N",
                  "type": "CVSS_V3"
                },
                {
                  "score": "medium",
                  "type": "Ubuntu"
                }
              ]
            },
            {
              "id": "CVE-2020-24588",
              "severity": [
                {
                  "score": "CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N",
                  "type": "CVSS_V3"
                },
                {
                  "score": "medium",
                  "type": "Ubuntu"
                }
              ]
            },
            {
              "id": "CVE-2020-25670",
              "severity": [
                {
                  "score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
                  "type": "CVSS_V3"
                },
                {
                  "score": "medium",
                  "type": "Ubuntu"
                }
              ]
            },
            {
              "id": "CVE-2020-25671",
              "severity": [
                {
                  "score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
                  "type": "CVSS_V3"
                },
                {
                  "score": "medium",
                  "type": "Ubuntu"
                }
              ]
            },
            {
              "id": "CVE-2020-25672",
              "severity": [
                {
                  "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
                  "type": "CVSS_V3"
                },
                {
                  "score": "medium",
                  "type": "Ubuntu"
                }
              ]
            },
            {
              "id": "CVE-2020-25673",
              "severity": [
                {
                  "score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
                  "type": "CVSS_V3"
                },
                {
                  "score": "medium",
                  "type": "Ubuntu"
                }
              ]
            },
            {
              "id": "CVE-2020-26139",
              "severity": [
                {
                  "score": "CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
                  "type": "CVSS_V3"
                },
                {
                  "score": "medium",
                  "type": "Ubuntu"
                }
              ]
            },
            {
              "id": "CVE-2020-26141",
              "severity": [
                {
                  "score": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
                  "type": "CVSS_V3"
                },
                {
                  "score": "medium",
                  "type": "Ubuntu"
                }
              ]
            },
            {
              "id": "CVE-2020-26145",
              "severity": [
                {
                  "score": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
                  "type": "CVSS_V3"
                },
                {
                  "score": "medium",
                  "type": "Ubuntu"
                }
              ]
            },
            {
              "id": "CVE-2020-26147",
              "severity": [
                {
                  "score": "CVSS:3.1/AV:A/AC:H/PR:N/UI:R/S:U/C:L/I:H/A:N",
                  "type": "CVSS_V3"
                },
                {
                  "score": "medium",
                  "type": "Ubuntu"
                }
              ]
            },
            {
              "id": "CVE-2021-3609",
              "severity": [
                {
                  "score": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
                  "type": "CVSS_V3"
                },
                {
                  "score": "high",
                  "type": "Ubuntu"
                }
              ]
            },
            {
              "id": "CVE-2021-23133",
              "severity": [
                {
                  "score": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
                  "type": "CVSS_V3"
                },
                {
                  "score": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
                  "type": "CVSS_V3"
                },
                {
                  "score": "medium",
                  "type": "Ubuntu"
                }
              ]
            },
            {
              "id": "CVE-2021-29155",
              "severity": [
                {
                  "score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
                  "type": "CVSS_V3"
                },
                {
                  "score": "medium",
                  "type": "Ubuntu"
                }
              ]
            },
            {
              "id": "CVE-2021-31440",
              "severity": [
                {
                  "score": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
                  "type": "CVSS_V3"
                },
                {
                  "score": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H",
                  "type": "CVSS_V3"
                },
                {
                  "score": "medium",
                  "type": "Ubuntu"
                }
              ]
            },
            {
              "id": "CVE-2021-31829",
              "severity": [
                {
                  "score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
                  "type": "CVSS_V3"
                },
                {
                  "score": "medium",
                  "type": "Ubuntu"
                }
              ]
            }
          ],
          "ecosystem": "Ubuntu:20.04:LTS"
        }
      },
      "ecosystem_specific": {
        "availability": "No subscription required",
        "binaries": [
          {
            "binary_name": "linux-aws-5.8-cloud-tools-5.8.0-1038",
            "binary_version": "5.8.0-1038.40~20.04.1"
          },
          {
            "binary_name": "linux-aws-5.8-headers-5.8.0-1038",
            "binary_version": "5.8.0-1038.40~20.04.1"
          },
          {
            "binary_name": "linux-aws-5.8-tools-5.8.0-1038",
            "binary_version": "5.8.0-1038.40~20.04.1"
          },
          {
            "binary_name": "linux-buildinfo-5.8.0-1038-aws",
            "binary_version": "5.8.0-1038.40~20.04.1"
          },
          {
            "binary_name": "linux-cloud-tools-5.8.0-1038-aws",
            "binary_version": "5.8.0-1038.40~20.04.1"
          },
          {
            "binary_name": "linux-headers-5.8.0-1038-aws",
            "binary_version": "5.8.0-1038.40~20.04.1"
          },
          {
            "binary_name": "linux-image-5.8.0-1038-aws",
            "binary_version": "5.8.0-1038.40~20.04.1"
          },
          {
            "binary_name": "linux-modules-5.8.0-1038-aws",
            "binary_version": "5.8.0-1038.40~20.04.1"
          },
          {
            "binary_name": "linux-modules-extra-5.8.0-1038-aws",
            "binary_version": "5.8.0-1038.40~20.04.1"
          },
          {
            "binary_name": "linux-tools-5.8.0-1038-aws",
            "binary_version": "5.8.0-1038.40~20.04.1"
          }
        ]
      },
      "package": {
        "ecosystem": "Ubuntu:20.04:LTS",
        "name": "linux-aws-5.8",
        "purl": "pkg:deb/ubuntu/linux-aws-5.8@5.8.0-1038.40~20.04.1?arch=source\u0026distro=focal"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "5.8.0-1038.40~20.04.1"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ],
      "versions": [
        "5.8.0-1035.37~20.04.1"
      ]
    },
    {
      "database_specific": {
        "cves_map": {
          "cves": [
            {
              "id": "CVE-2020-24586",
              "severity": [
                {
                  "score": "CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N",
                  "type": "CVSS_V3"
                },
                {
                  "score": "medium",
                  "type": "Ubuntu"
                }
              ]
            },
            {
              "id": "CVE-2020-24587",
              "severity": [
                {
                  "score": "CVSS:3.1/AV:A/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:N",
                  "type": "CVSS_V3"
                },
                {
                  "score": "medium",
                  "type": "Ubuntu"
                }
              ]
            },
            {
              "id": "CVE-2020-24588",
              "severity": [
                {
                  "score": "CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N",
                  "type": "CVSS_V3"
                },
                {
                  "score": "medium",
                  "type": "Ubuntu"
                }
              ]
            },
            {
              "id": "CVE-2020-25670",
              "severity": [
                {
                  "score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
                  "type": "CVSS_V3"
                },
                {
                  "score": "medium",
                  "type": "Ubuntu"
                }
              ]
            },
            {
              "id": "CVE-2020-25671",
              "severity": [
                {
                  "score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
                  "type": "CVSS_V3"
                },
                {
                  "score": "medium",
                  "type": "Ubuntu"
                }
              ]
            },
            {
              "id": "CVE-2020-25672",
              "severity": [
                {
                  "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
                  "type": "CVSS_V3"
                },
                {
                  "score": "medium",
                  "type": "Ubuntu"
                }
              ]
            },
            {
              "id": "CVE-2020-25673",
              "severity": [
                {
                  "score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
                  "type": "CVSS_V3"
                },
                {
                  "score": "medium",
                  "type": "Ubuntu"
                }
              ]
            },
            {
              "id": "CVE-2020-26139",
              "severity": [
                {
                  "score": "CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
                  "type": "CVSS_V3"
                },
                {
                  "score": "medium",
                  "type": "Ubuntu"
                }
              ]
            },
            {
              "id": "CVE-2020-26141",
              "severity": [
                {
                  "score": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
                  "type": "CVSS_V3"
                },
                {
                  "score": "medium",
                  "type": "Ubuntu"
                }
              ]
            },
            {
              "id": "CVE-2020-26145",
              "severity": [
                {
                  "score": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
                  "type": "CVSS_V3"
                },
                {
                  "score": "medium",
                  "type": "Ubuntu"
                }
              ]
            },
            {
              "id": "CVE-2020-26147",
              "severity": [
                {
                  "score": "CVSS:3.1/AV:A/AC:H/PR:N/UI:R/S:U/C:L/I:H/A:N",
                  "type": "CVSS_V3"
                },
                {
                  "score": "medium",
                  "type": "Ubuntu"
                }
              ]
            },
            {
              "id": "CVE-2021-3609",
              "severity": [
                {
                  "score": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
                  "type": "CVSS_V3"
                },
                {
                  "score": "high",
                  "type": "Ubuntu"
                }
              ]
            },
            {
              "id": "CVE-2021-23133",
              "severity": [
                {
                  "score": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
                  "type": "CVSS_V3"
                },
                {
                  "score": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
                  "type": "CVSS_V3"
                },
                {
                  "score": "medium",
                  "type": "Ubuntu"
                }
              ]
            },
            {
              "id": "CVE-2021-29155",
              "severity": [
                {
                  "score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
                  "type": "CVSS_V3"
                },
                {
                  "score": "medium",
                  "type": "Ubuntu"
                }
              ]
            },
            {
              "id": "CVE-2021-31440",
              "severity": [
                {
                  "score": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
                  "type": "CVSS_V3"
                },
                {
                  "score": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H",
                  "type": "CVSS_V3"
                },
                {
                  "score": "medium",
                  "type": "Ubuntu"
                }
              ]
            },
            {
              "id": "CVE-2021-31829",
              "severity": [
                {
                  "score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
                  "type": "CVSS_V3"
                },
                {
                  "score": "medium",
                  "type": "Ubuntu"
                }
              ]
            }
          ],
          "ecosystem": "Ubuntu:20.04:LTS"
        }
      },
      "ecosystem_specific": {
        "availability": "No subscription required",
        "binaries": [
          {
            "binary_name": "linux-azure-5.8-cloud-tools-5.8.0-1036",
            "binary_version": "5.8.0-1036.38~20.04.1"
          },
          {
            "binary_name": "linux-azure-5.8-headers-5.8.0-1036",
            "binary_version": "5.8.0-1036.38~20.04.1"
          },
          {
            "binary_name": "linux-azure-5.8-tools-5.8.0-1036",
            "binary_version": "5.8.0-1036.38~20.04.1"
          },
          {
            "binary_name": "linux-buildinfo-5.8.0-1036-azure",
            "binary_version": "5.8.0-1036.38~20.04.1"
          },
          {
            "binary_name": "linux-cloud-tools-5.8.0-1036-azure",
            "binary_version": "5.8.0-1036.38~20.04.1"
          },
          {
            "binary_name": "linux-headers-5.8.0-1036-azure",
            "binary_version": "5.8.0-1036.38~20.04.1"
          },
          {
            "binary_name": "linux-image-unsigned-5.8.0-1036-azure",
            "binary_version": "5.8.0-1036.38~20.04.1"
          },
          {
            "binary_name": "linux-modules-5.8.0-1036-azure",
            "binary_version": "5.8.0-1036.38~20.04.1"
          },
          {
            "binary_name": "linux-modules-extra-5.8.0-1036-azure",
            "binary_version": "5.8.0-1036.38~20.04.1"
          },
          {
            "binary_name": "linux-tools-5.8.0-1036-azure",
            "binary_version": "5.8.0-1036.38~20.04.1"
          }
        ]
      },
      "package": {
        "ecosystem": "Ubuntu:20.04:LTS",
        "name": "linux-azure-5.8",
        "purl": "pkg:deb/ubuntu/linux-azure-5.8@5.8.0-1036.38~20.04.1?arch=source\u0026distro=focal"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "5.8.0-1036.38~20.04.1"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ],
      "versions": [
        "5.8.0-1033.35~20.04.1"
      ]
    },
    {
      "database_specific": {
        "cves_map": {
          "cves": [
            {
              "id": "CVE-2020-24586",
              "severity": [
                {
                  "score": "CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N",
                  "type": "CVSS_V3"
                },
                {
                  "score": "medium",
                  "type": "Ubuntu"
                }
              ]
            },
            {
              "id": "CVE-2020-24587",
              "severity": [
                {
                  "score": "CVSS:3.1/AV:A/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:N",
                  "type": "CVSS_V3"
                },
                {
                  "score": "medium",
                  "type": "Ubuntu"
                }
              ]
            },
            {
              "id": "CVE-2020-24588",
              "severity": [
                {
                  "score": "CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N",
                  "type": "CVSS_V3"
                },
                {
                  "score": "medium",
                  "type": "Ubuntu"
                }
              ]
            },
            {
              "id": "CVE-2020-25670",
              "severity": [
                {
                  "score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
                  "type": "CVSS_V3"
                },
                {
                  "score": "medium",
                  "type": "Ubuntu"
                }
              ]
            },
            {
              "id": "CVE-2020-25671",
              "severity": [
                {
                  "score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
                  "type": "CVSS_V3"
                },
                {
                  "score": "medium",
                  "type": "Ubuntu"
                }
              ]
            },
            {
              "id": "CVE-2020-25672",
              "severity": [
                {
                  "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
                  "type": "CVSS_V3"
                },
                {
                  "score": "medium",
                  "type": "Ubuntu"
                }
              ]
            },
            {
              "id": "CVE-2020-25673",
              "severity": [
                {
                  "score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
                  "type": "CVSS_V3"
                },
                {
                  "score": "medium",
                  "type": "Ubuntu"
                }
              ]
            },
            {
              "id": "CVE-2020-26139",
              "severity": [
                {
                  "score": "CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
                  "type": "CVSS_V3"
                },
                {
                  "score": "medium",
                  "type": "Ubuntu"
                }
              ]
            },
            {
              "id": "CVE-2020-26141",
              "severity": [
                {
                  "score": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
                  "type": "CVSS_V3"
                },
                {
                  "score": "medium",
                  "type": "Ubuntu"
                }
              ]
            },
            {
              "id": "CVE-2020-26145",
              "severity": [
                {
                  "score": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
                  "type": "CVSS_V3"
                },
                {
                  "score": "medium",
                  "type": "Ubuntu"
                }
              ]
            },
            {
              "id": "CVE-2020-26147",
              "severity": [
                {
                  "score": "CVSS:3.1/AV:A/AC:H/PR:N/UI:R/S:U/C:L/I:H/A:N",
                  "type": "CVSS_V3"
                },
                {
                  "score": "medium",
                  "type": "Ubuntu"
                }
              ]
            },
            {
              "id": "CVE-2021-3609",
              "severity": [
                {
                  "score": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
                  "type": "CVSS_V3"
                },
                {
                  "score": "high",
                  "type": "Ubuntu"
                }
              ]
            },
            {
              "id": "CVE-2021-23133",
              "severity": [
                {
                  "score": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
                  "type": "CVSS_V3"
                },
                {
                  "score": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
                  "type": "CVSS_V3"
                },
                {
                  "score": "medium",
                  "type": "Ubuntu"
                }
              ]
            },
            {
              "id": "CVE-2021-29155",
              "severity": [
                {
                  "score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
                  "type": "CVSS_V3"
                },
                {
                  "score": "medium",
                  "type": "Ubuntu"
                }
              ]
            },
            {
              "id": "CVE-2021-31440",
              "severity": [
                {
                  "score": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
                  "type": "CVSS_V3"
                },
                {
                  "score": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H",
                  "type": "CVSS_V3"
                },
                {
                  "score": "medium",
                  "type": "Ubuntu"
                }
              ]
            },
            {
              "id": "CVE-2021-31829",
              "severity": [
                {
                  "score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
                  "type": "CVSS_V3"
                },
                {
                  "score": "medium",
                  "type": "Ubuntu"
                }
              ]
            }
          ],
          "ecosystem": "Ubuntu:20.04:LTS"
        }
      },
      "ecosystem_specific": {
        "availability": "No subscription required",
        "binaries": [
          {
            "binary_name": "linux-buildinfo-5.8.0-1035-gcp",
            "binary_version": "5.8.0-1035.37~20.04.1"
          },
          {
            "binary_name": "linux-gcp-5.8-headers-5.8.0-1035",
            "binary_version": "5.8.0-1035.37~20.04.1"
          },
          {
            "binary_name": "linux-gcp-5.8-tools-5.8.0-1035",
            "binary_version": "5.8.0-1035.37~20.04.1"
          },
          {
            "binary_name": "linux-headers-5.8.0-1035-gcp",
            "binary_version": "5.8.0-1035.37~20.04.1"
          },
          {
            "binary_name": "linux-image-unsigned-5.8.0-1035-gcp",
            "binary_version": "5.8.0-1035.37~20.04.1"
          },
          {
            "binary_name": "linux-modules-5.8.0-1035-gcp",
            "binary_version": "5.8.0-1035.37~20.04.1"
          },
          {
            "binary_name": "linux-modules-extra-5.8.0-1035-gcp",
            "binary_version": "5.8.0-1035.37~20.04.1"
          },
          {
            "binary_name": "linux-tools-5.8.0-1035-gcp",
            "binary_version": "5.8.0-1035.37~20.04.1"
          }
        ]
      },
      "package": {
        "ecosystem": "Ubuntu:20.04:LTS",
        "name": "linux-gcp-5.8",
        "purl": "pkg:deb/ubuntu/linux-gcp-5.8@5.8.0-1035.37~20.04.1?arch=source\u0026distro=focal"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "5.8.0-1035.37~20.04.1"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ],
      "versions": [
        "5.8.0-1032.34~20.04.1"
      ]
    },
    {
      "database_specific": {
        "cves_map": {
          "cves": [
            {
              "id": "CVE-2020-24586",
              "severity": [
                {
                  "score": "CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N",
                  "type": "CVSS_V3"
                },
                {
                  "score": "medium",
                  "type": "Ubuntu"
                }
              ]
            },
            {
              "id": "CVE-2020-24587",
              "severity": [
                {
                  "score": "CVSS:3.1/AV:A/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:N",
                  "type": "CVSS_V3"
                },
                {
                  "score": "medium",
                  "type": "Ubuntu"
                }
              ]
            },
            {
              "id": "CVE-2020-24588",
              "severity": [
                {
                  "score": "CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N",
                  "type": "CVSS_V3"
                },
                {
                  "score": "medium",
                  "type": "Ubuntu"
                }
              ]
            },
            {
              "id": "CVE-2020-25670",
              "severity": [
                {
                  "score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
                  "type": "CVSS_V3"
                },
                {
                  "score": "medium",
                  "type": "Ubuntu"
                }
              ]
            },
            {
              "id": "CVE-2020-25671",
              "severity": [
                {
                  "score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
                  "type": "CVSS_V3"
                },
                {
                  "score": "medium",
                  "type": "Ubuntu"
                }
              ]
            },
            {
              "id": "CVE-2020-25672",
              "severity": [
                {
                  "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
                  "type": "CVSS_V3"
                },
                {
                  "score": "medium",
                  "type": "Ubuntu"
                }
              ]
            },
            {
              "id": "CVE-2020-25673",
              "severity": [
                {
                  "score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
                  "type": "CVSS_V3"
                },
                {
                  "score": "medium",
                  "type": "Ubuntu"
                }
              ]
            },
            {
              "id": "CVE-2020-26139",
              "severity": [
                {
                  "score": "CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
                  "type": "CVSS_V3"
                },
                {
                  "score": "medium",
                  "type": "Ubuntu"
                }
              ]
            },
            {
              "id": "CVE-2020-26141",
              "severity": [
                {
                  "score": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
                  "type": "CVSS_V3"
                },
                {
                  "score": "medium",
                  "type": "Ubuntu"
                }
              ]
            },
            {
              "id": "CVE-2020-26145",
              "severity": [
                {
                  "score": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
                  "type": "CVSS_V3"
                },
                {
                  "score": "medium",
                  "type": "Ubuntu"
                }
              ]
            },
            {
              "id": "CVE-2020-26147",
              "severity": [
                {
                  "score": "CVSS:3.1/AV:A/AC:H/PR:N/UI:R/S:U/C:L/I:H/A:N",
                  "type": "CVSS_V3"
                },
                {
                  "score": "medium",
                  "type": "Ubuntu"
                }
              ]
            },
            {
              "id": "CVE-2021-3609",
              "severity": [
                {
                  "score": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
                  "type": "CVSS_V3"
                },
                {
                  "score": "high",
                  "type": "Ubuntu"
                }
              ]
            },
            {
              "id": "CVE-2021-23133",
              "severity": [
                {
                  "score": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
                  "type": "CVSS_V3"
                },
                {
                  "score": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
                  "type": "CVSS_V3"
                },
                {
                  "score": "medium",
                  "type": "Ubuntu"
                }
              ]
            },
            {
              "id": "CVE-2021-29155",
              "severity": [
                {
                  "score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
                  "type": "CVSS_V3"
                },
                {
                  "score": "medium",
                  "type": "Ubuntu"
                }
              ]
            },
            {
              "id": "CVE-2021-31440",
              "severity": [
                {
                  "score": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
                  "type": "CVSS_V3"
                },
                {
                  "score": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H",
                  "type": "CVSS_V3"
                },
                {
                  "score": "medium",
                  "type": "Ubuntu"
                }
              ]
            },
            {
              "id": "CVE-2021-31829",
              "severity": [
                {
                  "score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
                  "type": "CVSS_V3"
                },
                {
                  "score": "medium",
                  "type": "Ubuntu"
                }
              ]
            }
          ],
          "ecosystem": "Ubuntu:20.04:LTS"
        }
      },
      "ecosystem_specific": {
        "availability": "No subscription required",
        "binaries": [
          {
            "binary_name": "block-modules-5.8.0-59-generic-64k-di",
            "binary_version": "5.8.0-59.66~20.04.1"
          },
          {
            "binary_name": "block-modules-5.8.0-59-generic-di",
            "binary_version": "5.8.0-59.66~20.04.1"
          },
          {
            "binary_name": "block-modules-5.8.0-59-generic-lpae-di",
            "binary_version": "5.8.0-59.66~20.04.1"
          },
          {
            "binary_name": "crypto-modules-5.8.0-59-generic-64k-di",
            "binary_version": "5.8.0-59.66~20.04.1"
          },
          {
            "binary_name": "crypto-modules-5.8.0-59-generic-di",
            "binary_version": "5.8.0-59.66~20.04.1"
          },
          {
            "binary_name": "crypto-modules-5.8.0-59-generic-lpae-di",
            "binary_version": "5.8.0-59.66~20.04.1"
          },
          {
            "binary_name": "dasd-extra-modules-5.8.0-59-generic-di",
            "binary_version": "5.8.0-59.66~20.04.1"
          },
          {
            "binary_name": "dasd-modules-5.8.0-59-generic-di",
            "binary_version": "5.8.0-59.66~20.04.1"
          },
          {
            "binary_name": "fat-modules-5.8.0-59-generic-64k-di",
            "binary_version": "5.8.0-59.66~20.04.1"
          },
          {
            "binary_name": "fat-modules-5.8.0-59-generic-di",
            "binary_version": "5.8.0-59.66~20.04.1"
          },
          {
            "binary_name": "fat-modules-5.8.0-59-generic-lpae-di",
            "binary_version": "5.8.0-59.66~20.04.1"
          },
          {
            "binary_name": "fb-modules-5.8.0-59-generic-di",
            "binary_version": "5.8.0-59.66~20.04.1"
          },
          {
            "binary_name": "firewire-core-modules-5.8.0-59-generic-di",
            "binary_version": "5.8.0-59.66~20.04.1"
          },
          {
            "binary_name": "floppy-modules-5.8.0-59-generic-di",
            "binary_version": "5.8.0-59.66~20.04.1"
          },
          {
            "binary_name": "fs-core-modules-5.8.0-59-generic-64k-di",
            "binary_version": "5.8.0-59.66~20.04.1"
          },
          {
            "binary_name": "fs-core-modules-5.8.0-59-generic-di",
            "binary_version": "5.8.0-59.66~20.04.1"
          },
          {
            "binary_name": "fs-core-modules-5.8.0-59-generic-lpae-di",
            "binary_version": "5.8.0-59.66~20.04.1"
          },
          {
            "binary_name": "fs-secondary-modules-5.8.0-59-generic-64k-di",
            "binary_version": "5.8.0-59.66~20.04.1"
          },
          {
            "binary_name": "fs-secondary-modules-5.8.0-59-generic-di",
            "binary_version": "5.8.0-59.66~20.04.1"
          },
          {
            "binary_name": "fs-secondary-modules-5.8.0-59-generic-lpae-di",
            "binary_version": "5.8.0-59.66~20.04.1"
          },
          {
            "binary_name": "input-modules-5.8.0-59-generic-64k-di",
            "binary_version": "5.8.0-59.66~20.04.1"
          },
          {
            "binary_name": "input-modules-5.8.0-59-generic-di",
            "binary_version": "5.8.0-59.66~20.04.1"
          },
          {
            "binary_name": "input-modules-5.8.0-59-generic-lpae-di",
            "binary_version": "5.8.0-59.66~20.04.1"
          },
          {
            "binary_name": "ipmi-modules-5.8.0-59-generic-64k-di",
            "binary_version": "5.8.0-59.66~20.04.1"
          },
          {
            "binary_name": "ipmi-modules-5.8.0-59-generic-di",
            "binary_version": "5.8.0-59.66~20.04.1"
          },
          {
            "binary_name": "ipmi-modules-5.8.0-59-generic-lpae-di",
            "binary_version": "5.8.0-59.66~20.04.1"
          },
          {
            "binary_name": "kernel-image-5.8.0-59-generic-64k-di",
            "binary_version": "5.8.0-59.66~20.04.1"
          },
          {
            "binary_name": "kernel-image-5.8.0-59-generic-di",
            "binary_version": "5.8.0-59.66~20.04.1"
          },
          {
            "binary_name": "kernel-image-5.8.0-59-generic-lpae-di",
            "binary_version": "5.8.0-59.66~20.04.1"
          },
          {
            "binary_name": "linux-buildinfo-5.8.0-59-generic",
            "binary_version": "5.8.0-59.66~20.04.1"
          },
          {
            "binary_name": "linux-buildinfo-5.8.0-59-generic-64k",
            "binary_version": "5.8.0-59.66~20.04.1"
          },
          {
            "binary_name": "linux-buildinfo-5.8.0-59-generic-lpae",
            "binary_version": "5.8.0-59.66~20.04.1"
          },
          {
            "binary_name": "linux-buildinfo-5.8.0-59-lowlatency",
            "binary_version": "5.8.0-59.66~20.04.1"
          },
          {
            "binary_name": "linux-cloud-tools-5.8.0-59-generic",
            "binary_version": "5.8.0-59.66~20.04.1"
          },
          {
            "binary_name": "linux-cloud-tools-5.8.0-59-lowlatency",
            "binary_version": "5.8.0-59.66~20.04.1"
          },
          {
            "binary_name": "linux-headers-5.8.0-59-generic",
            "binary_version": "5.8.0-59.66~20.04.1"
          },
          {
            "binary_name": "linux-headers-5.8.0-59-generic-64k",
            "binary_version": "5.8.0-59.66~20.04.1"
          },
          {
            "binary_name": "linux-headers-5.8.0-59-generic-lpae",
            "binary_version": "5.8.0-59.66~20.04.1"
          },
          {
            "binary_name": "linux-headers-5.8.0-59-lowlatency",
            "binary_version": "5.8.0-59.66~20.04.1"
          },
          {
            "binary_name": "linux-hwe-5.8-cloud-tools-5.8.0-59",
            "binary_version": "5.8.0-59.66~20.04.1"
          },
          {
            "binary_name": "linux-hwe-5.8-cloud-tools-common",
            "binary_version": "5.8.0-59.66~20.04.1"
          },
          {
            "binary_name": "linux-hwe-5.8-headers-5.8.0-59",
            "binary_version": "5.8.0-59.66~20.04.1"
          },
          {
            "binary_name": "linux-hwe-5.8-source-5.8.0",
            "binary_version": "5.8.0-59.66~20.04.1"
          },
          {
            "binary_name": "linux-hwe-5.8-tools-5.8.0-59",
            "binary_version": "5.8.0-59.66~20.04.1"
          },
          {
            "binary_name": "linux-hwe-5.8-tools-common",
            "binary_version": "5.8.0-59.66~20.04.1"
          },
          {
            "binary_name": "linux-hwe-5.8-tools-host",
            "binary_version": "5.8.0-59.66~20.04.1"
          },
          {
            "binary_name": "linux-hwe-5.8-udebs-generic",
            "binary_version": "5.8.0-59.66~20.04.1"
          },
          {
            "binary_name": "linux-hwe-5.8-udebs-generic-64k",
            "binary_version": "5.8.0-59.66~20.04.1"
          },
          {
            "binary_name": "linux-hwe-5.8-udebs-generic-lpae",
            "binary_version": "5.8.0-59.66~20.04.1"
          },
          {
            "binary_name": "linux-image-5.8.0-59-generic",
            "binary_version": "5.8.0-59.66~20.04.1"
          },
          {
            "binary_name": "linux-image-5.8.0-59-generic-lpae",
            "binary_version": "5.8.0-59.66~20.04.1"
          },
          {
            "binary_name": "linux-image-unsigned-5.8.0-59-generic",
            "binary_version": "5.8.0-59.66~20.04.1"
          },
          {
            "binary_name": "linux-image-unsigned-5.8.0-59-generic-64k",
            "binary_version": "5.8.0-59.66~20.04.1"
          },
          {
            "binary_name": "linux-image-unsigned-5.8.0-59-lowlatency",
            "binary_version": "5.8.0-59.66~20.04.1"
          },
          {
            "binary_name": "linux-modules-5.8.0-59-generic",
            "binary_version": "5.8.0-59.66~20.04.1"
          },
          {
            "binary_name": "linux-modules-5.8.0-59-generic-64k",
            "binary_version": "5.8.0-59.66~20.04.1"
          },
          {
            "binary_name": "linux-modules-5.8.0-59-generic-lpae",
            "binary_version": "5.8.0-59.66~20.04.1"
          },
          {
            "binary_name": "linux-modules-5.8.0-59-lowlatency",
            "binary_version": "5.8.0-59.66~20.04.1"
          },
          {
            "binary_name": "linux-modules-extra-5.8.0-59-generic",
            "binary_version": "5.8.0-59.66~20.04.1"
          },
          {
            "binary_name": "linux-tools-5.8.0-59-generic",
            "binary_version": "5.8.0-59.66~20.04.1"
          },
          {
            "binary_name": "linux-tools-5.8.0-59-generic-64k",
            "binary_version": "5.8.0-59.66~20.04.1"
          },
          {
            "binary_name": "linux-tools-5.8.0-59-generic-lpae",
            "binary_version": "5.8.0-59.66~20.04.1"
          },
          {
            "binary_name": "linux-tools-5.8.0-59-lowlatency",
            "binary_version": "5.8.0-59.66~20.04.1"
          },
          {
            "binary_name": "md-modules-5.8.0-59-generic-64k-di",
            "binary_version": "5.8.0-59.66~20.04.1"
          },
          {
            "binary_name": "md-modules-5.8.0-59-generic-di",
            "binary_version": "5.8.0-59.66~20.04.1"
          },
          {
            "binary_name": "md-modules-5.8.0-59-generic-lpae-di",
            "binary_version": "5.8.0-59.66~20.04.1"
          },
          {
            "binary_name": "message-modules-5.8.0-59-generic-64k-di",
            "binary_version": "5.8.0-59.66~20.04.1"
          },
          {
            "binary_name": "message-modules-5.8.0-59-generic-di",
            "binary_version": "5.8.0-59.66~20.04.1"
          },
          {
            "binary_name": "mouse-modules-5.8.0-59-generic-64k-di",
            "binary_version": "5.8.0-59.66~20.04.1"
          },
          {
            "binary_name": "mouse-modules-5.8.0-59-generic-di",
            "binary_version": "5.8.0-59.66~20.04.1"
          },
          {
            "binary_name": "mouse-modules-5.8.0-59-generic-lpae-di",
            "binary_version": "5.8.0-59.66~20.04.1"
          },
          {
            "binary_name": "multipath-modules-5.8.0-59-generic-64k-di",
            "binary_version": "5.8.0-59.66~20.04.1"
          },
          {
            "binary_name": "multipath-modules-5.8.0-59-generic-di",
            "binary_version": "5.8.0-59.66~20.04.1"
          },
          {
            "binary_name": "multipath-modules-5.8.0-59-generic-lpae-di",
            "binary_version": "5.8.0-59.66~20.04.1"
          },
          {
            "binary_name": "nfs-modules-5.8.0-59-generic-64k-di",
            "binary_version": "5.8.0-59.66~20.04.1"
          },
          {
            "binary_name": "nfs-modules-5.8.0-59-generic-di",
            "binary_version": "5.8.0-59.66~20.04.1"
          },
          {
            "binary_name": "nfs-modules-5.8.0-59-generic-lpae-di",
            "binary_version": "5.8.0-59.66~20.04.1"
          },
          {
            "binary_name": "nic-modules-5.8.0-59-generic-64k-di",
            "binary_version": "5.8.0-59.66~20.04.1"
          },
          {
            "binary_name": "nic-modules-5.8.0-59-generic-di",
            "binary_version": "5.8.0-59.66~20.04.1"
          },
          {
            "binary_name": "nic-modules-5.8.0-59-generic-lpae-di",
            "binary_version": "5.8.0-59.66~20.04.1"
          },
          {
            "binary_name": "nic-pcmcia-modules-5.8.0-59-generic-di",
            "binary_version": "5.8.0-59.66~20.04.1"
          },
          {
            "binary_name": "nic-shared-modules-5.8.0-59-generic-64k-di",
            "binary_version": "5.8.0-59.66~20.04.1"
          },
          {
            "binary_name": "nic-shared-modules-5.8.0-59-generic-di",
            "binary_version": "5.8.0-59.66~20.04.1"
          },
          {
            "binary_name": "nic-shared-modules-5.8.0-59-generic-lpae-di",
            "binary_version": "5.8.0-59.66~20.04.1"
          },
          {
            "binary_name": "nic-usb-modules-5.8.0-59-generic-64k-di",
            "binary_version": "5.8.0-59.66~20.04.1"
          },
          {
            "binary_name": "nic-usb-modules-5.8.0-59-generic-di",
            "binary_version": "5.8.0-59.66~20.04.1"
          },
          {
            "binary_name": "nic-usb-modules-5.8.0-59-generic-lpae-di",
            "binary_version": "5.8.0-59.66~20.04.1"
          },
          {
            "binary_name": "parport-modules-5.8.0-59-generic-64k-di",
            "binary_version": "5.8.0-59.66~20.04.1"
          },
          {
            "binary_name": "parport-modules-5.8.0-59-generic-di",
            "binary_version": "5.8.0-59.66~20.04.1"
          },
          {
            "binary_name": "parport-modules-5.8.0-59-generic-lpae-di",
            "binary_version": "5.8.0-59.66~20.04.1"
          },
          {
            "binary_name": "pata-modules-5.8.0-59-generic-di",
            "binary_version": "5.8.0-59.66~20.04.1"
          },
          {
            "binary_name": "pcmcia-modules-5.8.0-59-generic-di",
            "binary_version": "5.8.0-59.66~20.04.1"
          },
          {
            "binary_name": "pcmcia-storage-modules-5.8.0-59-generic-di",
            "binary_version": "5.8.0-59.66~20.04.1"
          },
          {
            "binary_name": "plip-modules-5.8.0-59-generic-64k-di",
            "binary_version": "5.8.0-59.66~20.04.1"
          },
          {
            "binary_name": "plip-modules-5.8.0-59-generic-di",
            "binary_version": "5.8.0-59.66~20.04.1"
          },
          {
            "binary_name": "plip-modules-5.8.0-59-generic-lpae-di",
            "binary_version": "5.8.0-59.66~20.04.1"
          },
          {
            "binary_name": "ppp-modules-5.8.0-59-generic-64k-di",
            "binary_version": "5.8.0-59.66~20.04.1"
          },
          {
            "binary_name": "ppp-modules-5.8.0-59-generic-di",
            "binary_version": "5.8.0-59.66~20.04.1"
          },
          {
            "binary_name": "ppp-modules-5.8.0-59-generic-lpae-di",
            "binary_version": "5.8.0-59.66~20.04.1"
          },
          {
            "binary_name": "sata-modules-5.8.0-59-generic-64k-di",
            "binary_version": "5.8.0-59.66~20.04.1"
          },
          {
            "binary_name": "sata-modules-5.8.0-59-generic-di",
            "binary_version": "5.8.0-59.66~20.04.1"
          },
          {
            "binary_name": "sata-modules-5.8.0-59-generic-lpae-di",
            "binary_version": "5.8.0-59.66~20.04.1"
          },
          {
            "binary_name": "scsi-modules-5.8.0-59-generic-64k-di",
            "binary_version": "5.8.0-59.66~20.04.1"
          },
          {
            "binary_name": "scsi-modules-5.8.0-59-generic-di",
            "binary_version": "5.8.0-59.66~20.04.1"
          },
          {
            "binary_name": "scsi-modules-5.8.0-59-generic-lpae-di",
            "binary_version": "5.8.0-59.66~20.04.1"
          },
          {
            "binary_name": "serial-modules-5.8.0-59-generic-di",
            "binary_version": "5.8.0-59.66~20.04.1"
          },
          {
            "binary_name": "storage-core-modules-5.8.0-59-generic-64k-di",
            "binary_version": "5.8.0-59.66~20.04.1"
          },
          {
            "binary_name": "storage-core-modules-5.8.0-59-generic-di",
            "binary_version": "5.8.0-59.66~20.04.1"
          },
          {
            "binary_name": "storage-core-modules-5.8.0-59-generic-lpae-di",
            "binary_version": "5.8.0-59.66~20.04.1"
          },
          {
            "binary_name": "usb-modules-5.8.0-59-generic-64k-di",
            "binary_version": "5.8.0-59.66~20.04.1"
          },
          {
            "binary_name": "usb-modules-5.8.0-59-generic-di",
            "binary_version": "5.8.0-59.66~20.04.1"
          },
          {
            "binary_name": "usb-modules-5.8.0-59-generic-lpae-di",
            "binary_version": "5.8.0-59.66~20.04.1"
          },
          {
            "binary_name": "virtio-modules-5.8.0-59-generic-64k-di",
            "binary_version": "5.8.0-59.66~20.04.1"
          },
          {
            "binary_name": "virtio-modules-5.8.0-59-generic-di",
            "binary_version": "5.8.0-59.66~20.04.1"
          },
          {
            "binary_name": "vlan-modules-5.8.0-59-generic-64k-di",
            "binary_version": "5.8.0-59.66~20.04.1"
          },
          {
            "binary_name": "vlan-modules-5.8.0-59-generic-di",
            "binary_version": "5.8.0-59.66~20.04.1"
          },
          {
            "binary_name": "vlan-modules-5.8.0-59-generic-lpae-di",
            "binary_version": "5.8.0-59.66~20.04.1"
          }
        ]
      },
      "package": {
        "ecosystem": "Ubuntu:20.04:LTS",
        "name": "linux-hwe-5.8",
        "purl": "pkg:deb/ubuntu/linux-hwe-5.8@5.8.0-59.66~20.04.1?arch=source\u0026distro=focal"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "5.8.0-59.66~20.04.1"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ],
      "versions": [
        "5.8.0-23.24~20.04.1",
        "5.8.0-25.26~20.04.1",
        "5.8.0-28.30~20.04.1",
        "5.8.0-29.31~20.04.1",
        "5.8.0-31.33~20.04.1",
        "5.8.0-33.36~20.04.1",
        "5.8.0-34.37~20.04.2",
        "5.8.0-36.40~20.04.1",
        "5.8.0-38.43~20.04.1",
        "5.8.0-40.45~20.04.1",
        "5.8.0-41.46~20.04.1",
        "5.8.0-43.49~20.04.1",
        "5.8.0-44.50~20.04.1",
        "5.8.0-45.51~20.04.1",
        "5.8.0-48.54~20.04.1",
        "5.8.0-49.55~20.04.1",
        "5.8.0-50.56~20.04.1",
        "5.8.0-53.60~20.04.1",
        "5.8.0-55.62~20.04.1"
      ]
    },
    {
      "database_specific": {
        "cves_map": {
          "cves": [
            {
              "id": "CVE-2020-24586",
              "severity": [
                {
                  "score": "CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N",
                  "type": "CVSS_V3"
                },
                {
                  "score": "medium",
                  "type": "Ubuntu"
                }
              ]
            },
            {
              "id": "CVE-2020-24587",
              "severity": [
                {
                  "score": "CVSS:3.1/AV:A/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:N",
                  "type": "CVSS_V3"
                },
                {
                  "score": "medium",
                  "type": "Ubuntu"
                }
              ]
            },
            {
              "id": "CVE-2020-24588",
              "severity": [
                {
                  "score": "CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N",
                  "type": "CVSS_V3"
                },
                {
                  "score": "medium",
                  "type": "Ubuntu"
                }
              ]
            },
            {
              "id": "CVE-2020-25670",
              "severity": [
                {
                  "score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
                  "type": "CVSS_V3"
                },
                {
                  "score": "medium",
                  "type": "Ubuntu"
                }
              ]
            },
            {
              "id": "CVE-2020-25671",
              "severity": [
                {
                  "score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
                  "type": "CVSS_V3"
                },
                {
                  "score": "medium",
                  "type": "Ubuntu"
                }
              ]
            },
            {
              "id": "CVE-2020-25672",
              "severity": [
                {
                  "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
                  "type": "CVSS_V3"
                },
                {
                  "score": "medium",
                  "type": "Ubuntu"
                }
              ]
            },
            {
              "id": "CVE-2020-25673",
              "severity": [
                {
                  "score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
                  "type": "CVSS_V3"
                },
                {
                  "score": "medium",
                  "type": "Ubuntu"
                }
              ]
            },
            {
              "id": "CVE-2020-26139",
              "severity": [
                {
                  "score": "CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
                  "type": "CVSS_V3"
                },
                {
                  "score": "medium",
                  "type": "Ubuntu"
                }
              ]
            },
            {
              "id": "CVE-2020-26141",
              "severity": [
                {
                  "score": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
                  "type": "CVSS_V3"
                },
                {
                  "score": "medium",
                  "type": "Ubuntu"
                }
              ]
            },
            {
              "id": "CVE-2020-26145",
              "severity": [
                {
                  "score": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
                  "type": "CVSS_V3"
                },
                {
                  "score": "medium",
                  "type": "Ubuntu"
                }
              ]
            },
            {
              "id": "CVE-2020-26147",
              "severity": [
                {
                  "score": "CVSS:3.1/AV:A/AC:H/PR:N/UI:R/S:U/C:L/I:H/A:N",
                  "type": "CVSS_V3"
                },
                {
                  "score": "medium",
                  "type": "Ubuntu"
                }
              ]
            },
            {
              "id": "CVE-2021-3609",
              "severity": [
                {
                  "score": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
                  "type": "CVSS_V3"
                },
                {
                  "score": "high",
                  "type": "Ubuntu"
                }
              ]
            },
            {
              "id": "CVE-2021-23133",
              "severity": [
                {
                  "score": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
                  "type": "CVSS_V3"
                },
                {
                  "score": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
                  "type": "CVSS_V3"
                },
                {
                  "score": "medium",
                  "type": "Ubuntu"
                }
              ]
            },
            {
              "id": "CVE-2021-29155",
              "severity": [
                {
                  "score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
                  "type": "CVSS_V3"
                },
                {
                  "score": "medium",
                  "type": "Ubuntu"
                }
              ]
            },
            {
              "id": "CVE-2021-31440",
              "severity": [
                {
                  "score": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
                  "type": "CVSS_V3"
                },
                {
                  "score": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H",
                  "type": "CVSS_V3"
                },
                {
                  "score": "medium",
                  "type": "Ubuntu"
                }
              ]
            },
            {
              "id": "CVE-2021-31829",
              "severity": [
                {
                  "score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
                  "type": "CVSS_V3"
                },
                {
                  "score": "medium",
                  "type": "Ubuntu"
                }
              ]
            }
          ],
          "ecosystem": "Ubuntu:20.04:LTS"
        }
      },
      "ecosystem_specific": {
        "availability": "No subscription required",
        "binaries": [
          {
            "binary_name": "linux-buildinfo-5.8.0-1033-oracle",
            "binary_version": "5.8.0-1033.34~20.04.1"
          },
          {
            "binary_name": "linux-headers-5.8.0-1033-oracle",
            "binary_version": "5.8.0-1033.34~20.04.1"
          },
          {
            "binary_name": "linux-image-unsigned-5.8.0-1033-oracle",
            "binary_version": "5.8.0-1033.34~20.04.1"
          },
          {
            "binary_name": "linux-modules-5.8.0-1033-oracle",
            "binary_version": "5.8.0-1033.34~20.04.1"
          },
          {
            "binary_name": "linux-modules-extra-5.8.0-1033-oracle",
            "binary_version": "5.8.0-1033.34~20.04.1"
          },
          {
            "binary_name": "linux-oracle-5.8-headers-5.8.0-1033",
            "binary_version": "5.8.0-1033.34~20.04.1"
          },
          {
            "binary_name": "linux-oracle-5.8-tools-5.8.0-1033",
            "binary_version": "5.8.0-1033.34~20.04.1"
          },
          {
            "binary_name": "linux-tools-5.8.0-1033-oracle",
            "binary_version": "5.8.0-1033.34~20.04.1"
          }
        ]
      },
      "package": {
        "ecosystem": "Ubuntu:20.04:LTS",
        "name": "linux-oracle-5.8",
        "purl": "pkg:deb/ubuntu/linux-oracle-5.8@5.8.0-1033.34~20.04.1?arch=source\u0026distro=focal"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "5.8.0-1033.34~20.04.1"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ],
      "versions": [
        "5.8.0-1031.32~20.04.2"
      ]
    }
  ],
  "aliases": [],
  "details": "Norbert Slusarek discovered a race condition in the CAN BCM networking\nprotocol of the Linux kernel leading to multiple use-after-free\nvulnerabilities. A local attacker could use this issue to execute arbitrary\ncode. (CVE-2021-3609)\n\nPiotr Krysiuk discovered that the eBPF implementation in the Linux kernel\ndid not properly enforce limits for pointer operations. A local attacker\ncould use this to cause a denial of service (system crash) or possibly\nexecute arbitrary code. (CVE-2021-33200)\n\nMathy Vanhoef discovered that the Linux kernel\u2019s WiFi implementation did\nnot properly clear received fragments from memory in some situations. A\nphysically proximate attacker could possibly use this issue to inject\npackets or expose sensitive information. (CVE-2020-24586)\n\nMathy Vanhoef discovered that the Linux kernel\u2019s WiFi implementation\nincorrectly handled encrypted fragments. A physically proximate attacker\ncould possibly use this issue to decrypt fragments. (CVE-2020-24587)\n\nMathy Vanhoef discovered that the Linux kernel\u2019s WiFi implementation\nincorrectly handled certain malformed frames. If a user were tricked into\nconnecting to a malicious server, a physically proximate attacker could use\nthis issue to inject packets. (CVE-2020-24588)\n\nKiyin (\u5c39\u4eae) discovered that the NFC LLCP protocol implementation in the\nLinux kernel contained a reference counting error. A local attacker could\nuse this to cause a denial of service (system crash). (CVE-2020-25670)\n\nKiyin (\u5c39\u4eae) discovered that the NFC LLCP protocol implementation in the\nLinux kernel did not properly deallocate memory in certain error\nsituations. A local attacker could use this to cause a denial of service\n(memory exhaustion). (CVE-2020-25671, CVE-2020-25672)\n\nKiyin (\u5c39\u4eae) discovered that the NFC LLCP protocol implementation in the\nLinux kernel did not properly handle error conditions in some situations,\nleading to an infinite loop. A local attacker could use this to cause a\ndenial of service. (CVE-2020-25673)\n\nMathy Vanhoef discovered that the Linux kernel\u2019s WiFi implementation\nincorrectly handled EAPOL frames from unauthenticated senders. A physically\nproximate attacker could inject malicious packets to cause a denial of\nservice (system crash). (CVE-2020-26139)\n\nMathy Vanhoef discovered that the Linux kernel\u2019s WiFi implementation did\nnot properly verify certain fragmented frames. A physically proximate\nattacker could possibly use this issue to inject or decrypt packets.\n(CVE-2020-26141)\n\nMathy Vanhoef discovered that the Linux kernel\u2019s WiFi implementation\naccepted plaintext fragments in certain situations. A physically proximate\n attacker could use this issue to inject packets. (CVE-2020-26145)\n\nMathy Vanhoef discovered that the Linux kernel\u2019s WiFi implementation could\nreassemble mixed encrypted and plaintext fragments. A physically proximate\nattacker could possibly use this issue to inject packets or exfiltrate\n selected fragments. (CVE-2020-26147)\n\nOr Cohen discovered that the SCTP implementation in the Linux kernel\ncontained a race condition in some situations, leading to a use-after-free\ncondition. A local attacker could use this to cause a denial of service\n(system crash) or possibly execute arbitrary code. (CVE-2021-23133)\n\nPiotr Krysiuk and Benedict Schlueter discovered that the eBPF\nimplementation in the Linux kernel performed out of bounds speculation on\npointer arithmetic. A local attacker could use this to expose sensitive\ninformation. (CVE-2021-29155)\n\nManfred Paul discovered that the extended Berkeley Packet Filter (eBPF)\nimplementation in the Linux kernel contained an out-of-bounds\nvulnerability. A local attacker could use this issue to execute arbitrary\ncode. (CVE-2021-31440)\n\nPiotr Krysiuk discovered that the eBPF implementation in the Linux kernel\ndid not properly prevent speculative loads in certain situations. A local\nattacker could use this to expose sensitive information (kernel memory).\n(CVE-2021-31829)\n",
  "id": "USN-4999-1",
  "modified": "2026-06-03T10:45:26Z",
  "published": "2021-06-23T02:52:44Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://ubuntu.com/security/notices/USN-4999-1"
    },
    {
      "type": "REPORT",
      "url": "https://ubuntu.com/security/CVE-2020-24586"
    },
    {
      "type": "REPORT",
      "url": "https://ubuntu.com/security/CVE-2020-24587"
    },
    {
      "type": "REPORT",
      "url": "https://ubuntu.com/security/CVE-2020-24588"
    },
    {
      "type": "REPORT",
      "url": "https://ubuntu.com/security/CVE-2020-25670"
    },
    {
      "type": "REPORT",
      "url": "https://ubuntu.com/security/CVE-2020-25671"
    },
    {
      "type": "REPORT",
      "url": "https://ubuntu.com/security/CVE-2020-25672"
    },
    {
      "type": "REPORT",
      "url": "https://ubuntu.com/security/CVE-2020-25673"
    },
    {
      "type": "REPORT",
      "url": "https://ubuntu.com/security/CVE-2020-26139"
    },
    {
      "type": "REPORT",
      "url": "https://ubuntu.com/security/CVE-2020-26141"
    },
    {
      "type": "REPORT",
      "url": "https://ubuntu.com/security/CVE-2020-26145"
    },
    {
      "type": "REPORT",
      "url": "https://ubuntu.com/security/CVE-2020-26147"
    },
    {
      "type": "REPORT",
      "url": "https://ubuntu.com/security/CVE-2021-3609"
    },
    {
      "type": "REPORT",
      "url": "https://ubuntu.com/security/CVE-2021-23133"
    },
    {
      "type": "REPORT",
      "url": "https://ubuntu.com/security/CVE-2021-29155"
    },
    {
      "type": "REPORT",
      "url": "https://ubuntu.com/security/CVE-2021-31440"
    },
    {
      "type": "REPORT",
      "url": "https://ubuntu.com/security/CVE-2021-31829"
    },
    {
      "type": "REPORT",
      "url": "https://ubuntu.com/security/CVE-2021-33200"
    }
  ],
  "related": [],
  "schema_version": "1.7.0",
  "summary": "linux, linux-aws, linux-aws-5.8, linux-azure, linux-azure-5.8, linux-gcp, linux-gcp-5.8, linux-hwe-5.8, linux-kvm, linux-oracle, linux-oracle-5.8, linux-raspi vulnerabilities",
  "upstream": [
    "UBUNTU-CVE-2020-24586",
    "UBUNTU-CVE-2020-24587",
    "UBUNTU-CVE-2020-24588",
    "UBUNTU-CVE-2020-25670",
    "UBUNTU-CVE-2020-25671",
    "UBUNTU-CVE-2020-25672",
    "UBUNTU-CVE-2020-25673",
    "UBUNTU-CVE-2020-26139",
    "UBUNTU-CVE-2020-26141",
    "UBUNTU-CVE-2020-26145",
    "UBUNTU-CVE-2020-26147",
    "UBUNTU-CVE-2021-3609",
    "UBUNTU-CVE-2021-23133",
    "UBUNTU-CVE-2021-29155",
    "UBUNTU-CVE-2021-31440",
    "UBUNTU-CVE-2021-31829",
    "UBUNTU-CVE-2021-33200"
  ]
}



Log in or create an account to share your comment.




Tags
Taxonomy of the tags.


Loading…

Loading…

Loading…

Forecast uses a logistic model when the trend is rising, or an exponential decay model when the trend is falling. Fitted via linearized least squares.

Sightings

Author Source Type Date Other

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or observed by the user.
  • Confirmed: The vulnerability has been validated from an analyst's perspective.
  • Published Proof of Concept: A public proof of concept is available for this vulnerability.
  • Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
  • Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
  • Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
  • Not confirmed: The user expressed doubt about the validity of the vulnerability.
  • Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Loading…

Detection rules are retrieved from Rulezet.

Loading…

Loading…