Canonical published today new Linux kernel security updates for the Ubuntu 21.04 (Hirsute Hippo), Ubuntu 20.04 LTS (Focal Fossa), and Ubuntu 18.04 LTS (Bionic Beaver) operating system series.
This latest kernel update is here to address a total of 12 security vulnerabilities affecting the Linux 5.4 LTS kernel in Ubuntu 20.04 LTS and Ubuntu 18.04 LTS systems, as well as the Linux 5.11 kernel in Ubuntu 21.04 systems on all supported architectures and platforms.
For all supported Ubuntu releases, the new Linux kernel security updates fix CVE-2021-33624, a security flaw discovered by Ofek Kirzner, Adam Morrison, Benedict Schlueter, and Piotr Krysiuk, which could lead to a side-channel attack, allowing an attacker to expose sensitive information, as well as CVE-2021-3679, a security issue discovered in the tracing subsystem that could allow a privileged attacker to cause a denial of service.
The same goes for CVE-2021-38199, a security vulnerability discovered by Michael Wakabayashi in the NFSv4 client implementation, which could allow an attacker controlling a remote NFS server to cause a denial of service on the client, and CVE-2021-38204, a flaw discovered in the MAX-3421 host USB device driver, which could allow a physically proximate attacker to cause a denial of service (system crash).
Also fixed for all supported Ubuntu systems are CVE-2021-38160, a flaw discovered in the Virtio console implementation, which could allow a local attacker to cause a denial of service (system crash), and CVE-2021-37576, a flaw discovered by Alexey Kardashevskiy in the KVM implementation for PowerPC systems, which could allow an attacker in a guest VM to crash the host OS or execute arbitrary code.
Only for Ubuntu 21.04 systems running Linux kernel 5.11, the new Linux kernel security update fixes CVE-2021-38201, a flaw discovered in the Sun RPC implementation that could allow a remote attacker to cause a denial of service (system crash), as well as CVE-2021-34556 and CVE-2021-35477, two security flaws discovered by Benedict Schlueter and Piotr Krysiuk in the BPF subsystem, which did not properly protect the system against Speculative Store Bypass (SSB) side-channel attacks in some situations, allowing a local attacker to expose sensitive information.
Also for Ubuntu 21.04 systems, the new kernel security update fixes CVE-2021-41073, a flaw discovered by Valentina Palmiotti in the io_uring subsystem, which could allow a local attacker to execute arbitrary code, CVE-2021-38205, a flaw discovered in the Xilinx 10/100 Ethernet Lite device driver that could make it easier for an attacker to exploit another vulnerability, and CVE-2021-37159, a flaw discovered in the Option USB High Speed Mobile device driver that could allow a physically proximate attacker to crash the system or execute arbitrary code.
Canonical urges all Ubuntu 21.04, 20.04 LTS, and 18.04 LTS users to update their installations to the new kernel versions (linux-image-generic 184.108.40.206.39 for Ubuntu 21.04, linux-image-generic 220.127.116.11.92 for Ubuntu 20.04 LTS, and linux-image-generic 5.4.0-87.98~18.04.1 for Ubuntu 18.04 LTS) as soon as possible.
To update your installations, use the Software Updater utility or run the sudo apt update && sudo apt full-upgrade command in the Terminal app. Don’t forget to reboot your machines after a successful installation of the updates.
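Installing the packages does not replace the kernel that is already running, which is why the reboot matters. The script below is an added example, not part of the original article or of Canonical's tooling: it checks whether the running kernel has reached the fixed build quoted above for Ubuntu 18.04 LTS. It assumes the generic kernel flavour, and the function names are made up for this example.

```shell
#!/bin/sh
# Added example: is the *running* kernel at least the fixed build?
# Assumption: generic flavour, where `uname -r` looks like 5.4.0-87-generic.
# Other flavours (cloud, OEM, ...) use different ABI numbering.

# Fixed package version for Ubuntu 18.04 LTS, as quoted in the article.
FIXED_PKG='5.4.0-87.98~18.04.1'

# abi_of <string>: reduce a package version or a `uname -r` string to
# "<base>-<abi>": 5.4.0-87.98~18.04.1 -> 5.4.0-87, 5.4.0-84-generic -> 5.4.0-84
abi_of() {
    printf '%s\n' "$1" | sed -n 's/^\([0-9][0-9.]*-[0-9][0-9]*\).*$/\1/p'
}

# kernel_state <uname -r output> <fixed package version>
# Prints patched, vulnerable, or unknown (other kernel series or unparsable).
kernel_state() {
    run=$(abi_of "$1")
    fix=$(abi_of "$2")
    # Only compare builds of the same series (same base version, e.g. 5.4.0).
    if [ -z "$run" ] || [ -z "$fix" ] || [ "${run%-*}" != "${fix%-*}" ]; then
        echo unknown
        return 0
    fi
    # Version sort: if the fixed build sorts first (or is equal), we are at or past it.
    lowest=$(printf '%s\n%s\n' "$run" "$fix" | sort -V | head -n 1)
    if [ "$lowest" = "$fix" ]; then echo patched; else echo vulnerable; fi
}

# Report for this host, including Ubuntu's pending-reboot flag file.
report() {
    state=$(kernel_state "$(uname -r)" "$FIXED_PKG")
    echo "running kernel $(uname -r): $state (fixed build: $FIXED_PKG)"
    if [ -f /var/run/reboot-required ]; then
        echo "reboot pending: the updated kernel is installed but not yet running"
    fi
    return 0
}

report
```

For another release, set FIXED_PKG to the fixed version published for that release.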