USN-4916-2: Linux kernel regression
USN-4916-1 fixed vulnerabilities in the Linux kernel. Unfortunately,
the fix for CVE-2021-3493 introduced a memory leak in some situations.
This update fixes the problem.
We apologize for the inconvenience.
Original advisory details:
It was discovered that the overlayfs implementation in the Linux kernel did
not properly validate the application of file system capabilities with
respect to user namespaces. A local attacker could use this to gain
elevated privileges. (CVE-2021-3493)
Piotr Krysiuk discovered that the BPF JIT compiler for x86 in the Linux
kernel did not properly validate computation of branch displacements in
some situations. A local attacker could use this to cause a denial of
service (system crash) or possibly execute arbitrary code. (CVE-2021-29154)
Source: USN-4916-2: Linux kernel regression