New Ubuntu Linux Kernel Security Patches Address 6 Vulnerabilities, Update Now


Canonical published today new Linux kernel security updates for all supported Ubuntu releases to address several security vulnerabilities recently discovered by various security researchers.

Coming three weeks after the previous security updates, which addressed 13 vulnerabilities, the new Linux kernel security patches are available for Ubuntu 21.10 (Impish Indri), Ubuntu 21.04 (Hirsute Hippo), Ubuntu 20.04 LTS (Focal Fossa), Ubuntu 18.04 LTS (Bionic Beaver), as well as Ubuntu 16.04 ESM (Xenial Xerus) and Ubuntu 14.04 ESM (Trusty Tahr) releases to address up to six security vulnerabilities.

For all supported Ubuntu releases, the new security updates fix CVE-2021-3744 and CVE-2021-3764, two security issues discovered in Linux kernel’s AMD Cryptographic Coprocessor (CCP) driver, which could allow a local attacker to cause a denial of service (memory exhaustion).

For Ubuntu 21.10 and 20.04 LTS systems running Linux kernel 5.13, Ubuntu 21.04 and 20.04 LTS systems running Linux kernel 5.11, as well as Ubuntu 20.04 LTS and 18.04 LTS systems running Linux kernel 5.4, the new kernel security updates fix CVE-2021-3655, a flaw discovered by Ilja Van Sprundel in Linux kernel’s SCTP implementation, which could allow an attacker to expose sensitive information (kernel memory).

Only for Ubuntu 21.10, 21.04 and 20.04 LTS systems running armhf kernels, the new security updates also fix CVE-2021-42252, a vulnerability discovered in Linux kernel’s Aspeed Low Pin Count (LPC) Bus Controller implementation that could allow a local attacker to crash the system by causing a denial of service or possibly execute arbitrary code.

Only for Ubuntu 21.10 and 20.04 LTS systems running Linux kernel 5.13, the CVE-2021-43057 vulnerability discovered by Google Project Zero’s Jann Horn in the SELinux subsystem was patched as well. Canonical notes that this vulnerability could allow a local attacker to cause a denial of service (system crash) or execute arbitrary code on Ubuntu systems where SELinux is enabled.

Last but not least, the new Linux kernel security updates for Ubuntu address CVE-2021-37159, a security flaw discovered in the Option USB High Speed Mobile device driver that could allow a physically proximate attacker to crash the vulnerable system by causing a denial of service or possibly execute arbitrary code. This vulnerability affects Ubuntu 20.04 LTS and 18.04 LTS systems running Linux kernel 5.4, as well as Ubuntu 18.04 LTS, 16.04 ESM, and 14.04 ESM systems running Linux kernel 4.15.

Canonical urges all Ubuntu users to update their installations to the new Linux kernel versions that are now available in the stable archives as soon as possible. To update your Ubuntu system, use the Software Updater graphical utility or run the following commands in the Terminal app. Don’t forget to reboot your systems after installing the new kernel versions, as well as to rebuild and reinstall third-party kernel modules.

sudo apt update && sudo apt full-upgrade
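
The upgrade only takes effect once the new kernel is booted, so it is worth confirming that the running kernel is the newest one installed. The script below is an added example, not from Canonical or the article; the function names and the `--report` argument are hypothetical, and it assumes GNU `sort -V` and that each installed kernel has a directory under /lib/modules.

```shell
#!/bin/sh
# Added example: after "apt full-upgrade", check whether the machine is
# still running the old, unpatched kernel.

# flavour_of RELEASE: print the flavour suffix of a kernel release,
# e.g. "generic" for a release ending in "-generic".
flavour_of() {
    printf '%s\n' "${1##*-}"
}

# newest_for RUNNING: read installed kernel releases on stdin (one per line)
# and print the highest one that has the same flavour as RUNNING.
newest_for() {
    grep -- "-$(flavour_of "$1")\$" | sort -V | tail -n 1
}

# reboot_pending RUNNING NEWEST: exit 0 when NEWEST sorts above RUNNING,
# i.e. a newer kernel is installed but has not been booted yet.
reboot_pending() {
    top=$(printf '%s\n%s\n' "$1" "$2" | sort -V | tail -n 1)
    [ "$top" != "$1" ]
}

report() {
    running=$(uname -r)
    # Assumption: every installed kernel has a directory under /lib/modules.
    newest=$(ls -1 /lib/modules 2>/dev/null | newest_for "$running")
    if reboot_pending "$running" "$newest"; then
        echo "REBOOT NEEDED: running $running, newest installed is $newest"
    else
        echo "OK: running kernel $running is the newest installed"
    fi
    # Ubuntu creates this flag file when a package asks for a reboot.
    [ -f /var/run/reboot-required ] && echo "Note: /var/run/reboot-required exists"
    # Third-party modules managed by DKMS should be listed for the new kernel.
    command -v dkms >/dev/null 2>&1 && dkms status
    return 0
}

# Hypothetical argument: run the check only when called with --report.
case "${1:-}" in
    --report) report ;;
esac
```

Run it with `--report` after the upgrade and again after the reboot; the `dkms status` output shows whether third-party modules were rebuilt for the new kernel.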
