Canonical released today a new Linux kernel security update for its Ubuntu 20.10 (Groovy Gorilla) and Ubuntu 20.04 LTS (Focal Fossa) systems to address a single security vulnerability.
The vulnerability (CVE-2021-26708) was discovered by Alexander Popov as multiple race conditions in Linux kernel’s AF_VSOCK implementation, which could allow a local attacker to crash the system by causing a denial of service or run programs as an administrator (root).
This security issue affects all Ubuntu 20.10 and Ubuntu 20.04 LTS systems running the Linux 5.8 kernel on all supported architectures, including 64-bit, Raspberry Pi (V8) systems, OEM systems, cloud environments (KVM), as well as Amazon Web Services (AWS), Google Cloud Platform (GCP), Oracle Cloud, and Microsoft Azure Cloud systems.
Users are urged to update their installations as soon as possible to the linux-image 5.8.0-43.49 or linux-image 5.8.0-43.49~20.04.1 on 64-bit systems, linux-image-raspi 5.8.0-1015.18 on Raspberry Pi systems (Ubuntu 20.10 only), as well as linux-image-oem 5.6.0-1047.51 on OEM systems (Ubuntu 20.04 LTS only).
Ubuntu 20.10 (Groovy Gorilla) users on cloud environment must update their kernels to linux-image-kvm 5.8.0-1018.20, linux-image-aws 5.8.0-1023.25 on Amazon Web Services (AWS) systems, linux-image-azure 5.8.0-1022.24 on Microsoft Azure Cloud systems, linux-image-gcp 5.8.0-1022.23 on Google Cloud Platform (GCP) systems, and linux-image-oracle 5.8.0-1020.21 on Oracle Cloud systems.
Also today, Canonical released new kernel versions for its Ubuntu 18.04 LTS (Bionic Beaver) operating system series running the Linux 5.0 or Linux 5.3 kernels on 64-bit, Raspberry Pi (V8), or Google Container Engine (GKE) systems to address the CVE-2020-28374 flaw that could allow a remote attacker with access to at least one iSCSI LUN in a multiple backstore environment to expose sensitive information or modify data.
Ubuntu 18.04 LTS users would have to update their installations to linux-image-generic 5.3.0-70.66 on 32-bit or 64-bit systems, linux-image-raspi2 5.3.0-1037.39 on Raspberry Pi (V8) systems, as well as linux-image-gke 5.3.0-1040.43 or linux-image-gke 5.0.0-1051.53 on Google Container Engine (GKE) systems.
You should reboot your installations after installing the new kernel updates, as well as to recompile and
reinstall any third-party kernel modules you might have installed.
Last updated 3 months ago