CVE 2021-3612
An out-of-bounds memory write flaw was found in the Linux kernel's joystick devices subsystem in versions before 5.9-rc1, in the way the user calls ioctl JSIOCSBTNMAP. This flaw allows a local user to crash the system or possibly escalate their privileges on the system. The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability.
Related bugs and status
CVE-2021-3612 (Candidate) is related to these bugs:
Bug #1928679: Support importing mokx keys into revocation list from the mok table
Bug #1932029: Support builtin revoked certificates
| Summary | In | Importance | Status | |||
|---|---|---|---|---|---|---|
| 1932029 | Support builtin revoked certificates | linux (Ubuntu) | Undecided | Fix Released | ||
| 1932029 | Support builtin revoked certificates | linux (Ubuntu Bionic) | Undecided | Fix Released | ||
| 1932029 | Support builtin revoked certificates | linux (Ubuntu Hirsute) | Medium | Fix Released | ||
| 1932029 | Support builtin revoked certificates | linux (Ubuntu Xenial) | Undecided | New | ||
| 1932029 | Support builtin revoked certificates | linux (Ubuntu Focal) | Medium | Fix Released | ||
| 1932029 | Support builtin revoked certificates | linux-oem-5.10 (Ubuntu) | Undecided | Invalid | ||
| 1932029 | Support builtin revoked certificates | linux-oem-5.10 (Ubuntu Bionic) | Undecided | Invalid | ||
| 1932029 | Support builtin revoked certificates | linux-oem-5.10 (Ubuntu Focal) | Undecided | Fix Released | ||
| 1932029 | Support builtin revoked certificates | linux-oem-5.10 (Ubuntu Hirsute) | Undecided | Invalid | ||
| 1932029 | Support builtin revoked certificates | linux-oem-5.10 (Ubuntu Xenial) | Undecided | Invalid | ||
| 1932029 | Support builtin revoked certificates | linux-azure-5.8 (Ubuntu) | Undecided | Invalid | ||
| 1932029 | Support builtin revoked certificates | linux-azure-5.8 (Ubuntu Bionic) | Undecided | Invalid | ||
| 1932029 | Support builtin revoked certificates | linux-azure-5.8 (Ubuntu Focal) | Undecided | Fix Released | ||
| 1932029 | Support builtin revoked certificates | linux-azure-5.8 (Ubuntu Hirsute) | Undecided | Invalid | ||
| 1932029 | Support builtin revoked certificates | linux-azure-5.8 (Ubuntu Xenial) | Undecided | Invalid | ||
| 1932029 | Support builtin revoked certificates | linux-hwe-5.8 (Ubuntu) | Undecided | Invalid | ||
| 1932029 | Support builtin revoked certificates | linux-hwe-5.8 (Ubuntu Bionic) | Undecided | Invalid | ||
| 1932029 | Support builtin revoked certificates | linux-hwe-5.8 (Ubuntu Focal) | Medium | Fix Committed | ||
| 1932029 | Support builtin revoked certificates | linux-hwe-5.8 (Ubuntu Hirsute) | Undecided | Invalid | ||
| 1932029 | Support builtin revoked certificates | linux-hwe-5.8 (Ubuntu Xenial) | Undecided | Invalid | ||
Bug #1944902: focal/linux-azure-5.8: 5.8.0-1043.46~20.04.1 -proposed tracker
| Summary | In | Importance | Status | |||
|---|---|---|---|---|---|---|
| 1944902 | focal/linux-azure-5.8: 5.8.0-1043.46~20.04.1 -proposed tracker | Kernel SRU Workflow | Medium | Fix Released | ||
| 1944902 | focal/linux-azure-5.8: 5.8.0-1043.46~20.04.1 -proposed tracker | Kernel SRU Workflow automated-testing | Medium | Fix Released | ||
| 1944902 | focal/linux-azure-5.8: 5.8.0-1043.46~20.04.1 -proposed tracker | Kernel SRU Workflow boot-testing | Medium | Fix Released | ||
| 1944902 | focal/linux-azure-5.8: 5.8.0-1043.46~20.04.1 -proposed tracker | Kernel SRU Workflow certification-testing | Medium | Invalid | ||
| 1944902 | focal/linux-azure-5.8: 5.8.0-1043.46~20.04.1 -proposed tracker | Kernel SRU Workflow prepare-package | Medium | Fix Released | ||
| 1944902 | focal/linux-azure-5.8: 5.8.0-1043.46~20.04.1 -proposed tracker | Kernel SRU Workflow prepare-package-lrg | Medium | Fix Released | ||
| 1944902 | focal/linux-azure-5.8: 5.8.0-1043.46~20.04.1 -proposed tracker | Kernel SRU Workflow prepare-package-lrm | Medium | Fix Released | ||
| 1944902 | focal/linux-azure-5.8: 5.8.0-1043.46~20.04.1 -proposed tracker | Kernel SRU Workflow prepare-package-lrs | Medium | Fix Released | ||
| 1944902 | focal/linux-azure-5.8: 5.8.0-1043.46~20.04.1 -proposed tracker | Kernel SRU Workflow prepare-package-meta | Medium | Fix Released | ||
| 1944902 | focal/linux-azure-5.8: 5.8.0-1043.46~20.04.1 -proposed tracker | Kernel SRU Workflow prepare-package-signed | Medium | Fix Released | ||
| 1944902 | focal/linux-azure-5.8: 5.8.0-1043.46~20.04.1 -proposed tracker | Kernel SRU Workflow promote-signing-to-proposed | Medium | Invalid | ||
| 1944902 | focal/linux-azure-5.8: 5.8.0-1043.46~20.04.1 -proposed tracker | Kernel SRU Workflow promote-to-proposed | Medium | Fix Released | ||
| 1944902 | focal/linux-azure-5.8: 5.8.0-1043.46~20.04.1 -proposed tracker | Kernel SRU Workflow promote-to-security | Medium | Fix Released | ||
| 1944902 | focal/linux-azure-5.8: 5.8.0-1043.46~20.04.1 -proposed tracker | Kernel SRU Workflow promote-to-updates | Medium | Fix Released | ||
| 1944902 | focal/linux-azure-5.8: 5.8.0-1043.46~20.04.1 -proposed tracker | Kernel SRU Workflow regression-testing | Medium | Fix Released | ||
| 1944902 | focal/linux-azure-5.8: 5.8.0-1043.46~20.04.1 -proposed tracker | Kernel SRU Workflow security-signoff | Medium | Fix Released | ||
| 1944902 | focal/linux-azure-5.8: 5.8.0-1043.46~20.04.1 -proposed tracker | Kernel SRU Workflow sru-review | Medium | Fix Released | ||
| 1944902 | focal/linux-azure-5.8: 5.8.0-1043.46~20.04.1 -proposed tracker | Kernel SRU Workflow stakeholder-signoff | Medium | Fix Released | ||
| 1944902 | focal/linux-azure-5.8: 5.8.0-1043.46~20.04.1 -proposed tracker | Kernel SRU Workflow verification-testing | Medium | Fix Released | ||
| 1944902 | focal/linux-azure-5.8: 5.8.0-1043.46~20.04.1 -proposed tracker | linux-azure-5.8 (Ubuntu Focal) | Medium | Fix Released | ||
Bug #1945987: linux: btrfs: fix NULL pointer dereference when deleting device by invalid id
| Summary | In | Importance | Status | |||
|---|---|---|---|---|---|---|
| 1945987 | linux: btrfs: fix NULL pointer dereference when deleting device by invalid id | linux-hwe-5.8 (Ubuntu) | Undecided | Invalid | ||
| 1945987 | linux: btrfs: fix NULL pointer dereference when deleting device by invalid id | linux-hwe-5.8 (Ubuntu Focal) | Medium | Fix Committed | ||
| 1945987 | linux: btrfs: fix NULL pointer dereference when deleting device by invalid id | linux-azure-5.8 (Ubuntu) | Undecided | Invalid | ||
| 1945987 | linux: btrfs: fix NULL pointer dereference when deleting device by invalid id | linux-azure-5.8 (Ubuntu Focal) | Medium | Fix Released | ||
| 1945987 | linux: btrfs: fix NULL pointer dereference when deleting device by invalid id | linux-azure (Ubuntu) | Undecided | Invalid | ||
| 1945987 | linux: btrfs: fix NULL pointer dereference when deleting device by invalid id | linux-azure (Ubuntu Focal) | Medium | In Progress | ||
See the 
CVE page on Mitre.org
for more details.
