Jump to content
  • Ubuntu 21.04 and 20.04 LTS Users Get New Linux Kernel Security Update, Patch Now

    aum

    • 560 views
    • 3 minutes
     Share


    • 560 views
    • 3 minutes

    Canonical published a new Linux kernel security update for Ubuntu 21.04 and Ubuntu 20.04 LTS systems running Linux kernel 5.11 to address a total of eight security vulnerabilities.

     

    Coming only three weeks after the previous kernel security update, the new one is currently only available for Ubuntu 21.04 (Hirsute Hippo) and Ubuntu 20.04.3 LTS (Focal Fossa) systems running the Linux 5.11 kernel series, and it’s available for all supported architectures and kernel flavors that Ubuntu supports.

     

    In this new Ubuntu kernel security patch, there’s a fix for CVE-2021-3732, a flaw discovered by Alois Wohlschlager in the overlay file system that could allow an attacker to expose sensitive information, CVE-2021-3739, a security issue discovered in the Btrfs file system, which could allow an attacker with CAP_SYS_ADMIN to cause a denial of service, and CVE-2021-40490, a race condition discovered in the EXT4 file system that could allow a local attacker to cause a denial of service or gain administrative privileges.

     

    Also patched is CVE-2021-42008, a security vulnerability discovered in Linux kernel’s 6pack network protocol driver, which could allow a privileged attacker to crash the system by causing a denial of service or execute arbitrary code, as well as CVE-2020-3702, a race condition discovered in the Atheros Ath9k Wi-Fi driver, which could allow an attacker to expose sensitive information from the Wi-Fi network traffic.

     

    On top of that, the new Ubuntu kernel security update fixes CVE-2021-3753, a a race condition discovered in the virtual terminal (VT) device implementation that lead to an out-of-bounds read vulnerability, allowing a local attacker to expose sensitive information, and CVE-2021-3743, a security flaw discovered in the Qualcomm IPC Router protocol implementation, which could allow a local attacker to cause a denial of service (system crash) or expose sensitive information.

     

    Lastly, the new kernel security update addresses CVE-2021-38166, an integer overflow discovered in the BPF subsystem, which could allow a local attacker to cause a denial of service (system crash) or possibly execute arbitrary code.

     

    All Ubuntu 21.04 and Ubuntu 20.04 LTS users using the Linux 5.11 kernel from the archives for 64-bit, Raspberry Pi, AWS, GCP, Azure, or KVM systems, are urged to update their systems to the new kernel versions (linux-image 5.11.0.38.39 for 64-bit) as soon as possible.

     

    To update your kernel, simply run the sudo apt update && sudo apt full-upgrade command in the Terminal app or use the Software Updater utility. Don’t forget to reboot your machines after installing the new kernel version.

     

    Source


    User Feedback

    Recommended Comments

    There are no comments to display.



    Join the conversation

    You can post now and register later. If you have an account, sign in now to post with your account.
    Note: Your post will require moderator approval before it will be visible.

    Guest
    Add a comment...

    ×   Pasted as rich text.   Paste as plain text instead

      Only 75 emoji are allowed.

    ×   Your link has been automatically embedded.   Display as a link instead

    ×   Your previous content has been restored.   Clear editor

    ×   You cannot paste images directly. Upload or insert images from URL.


  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...