Canonical published a new Linux kernel security update today for all supported Ubuntu releases to address several security vulnerabilities discovered by various researchers.
The new Ubuntu Linux kernel security update is available for the Ubuntu 21.04 (Hirsute Hippo), Ubuntu 20.04 LTS (Focal Fossa), and Ubuntu 18.04 LTS (Bionic Beaver) operating system series, and addresses three security issues related to the Bluetooth subsystem and NFC implementation and affecting all three releases.
These are CVE-2021-3564 and CVE-2021-3573, two flaws discovered in the Linux kernel’s Bluetooth subsystem that could lead to a double-free vulnerability or a use-after-free vulnerability, respectively, allowing an attacker to cause a denial of service or possibly execute arbitrary code.
The third security issue affecting all three Ubuntu releases patched in this kernel update is CVE-2021-3587, a vulnerability discovered in the Linux kernel’s NFC implementation that could lead to a NULL pointer dereference, thus allowing a local attacker to cause a denial of service.
Only for Ubuntu 21.04 and Ubuntu 20.04 LTS systems, the new kernel security update also patches CVE-2020-26558 and CVE-2021-0129, two other flaws discovered in the Linux kernel’s Bluetooth subsystem that could allow an authenticated attacker to expose sensitive information, as well as CVE-2021-28691, a flaw discovered by Michael Brown in the Linux kernel’s Xen netback driver that could lead to a use-after-free vulnerability, allowing an attacker in a guest virtual machine to cause a denial of service or possibly execute arbitrary code.
Lastly, only for Ubuntu 20.04 LTS and Ubuntu 18.04 LTS systems, the new Ubuntu kernel security update fixes a vulnerability (CVE-2021-34693) discovered by Norbert Slusarek in the Linux kernel’s CAN broadcast manager (bcm) protocol implementation, which could allow a local attacker to expose sensitive information (kernel memory).
The new Ubuntu kernel updates are available in the stable repositories of the Ubuntu 21.04, Ubuntu 20.04 LTS, and Ubuntu 18.04 LTS systems for all supported architectures, and Canonical urges all users to update their installations to the new kernel versions as soon as possible.
To update your installations, run the sudo apt update && sudo apt full-upgrade command in the Terminal app or use the Software Updater utility. Please keep in mind that you’ll have to reboot your machines for the new kernel versions to be correctly installed, and that you’ll also have to rebuild and reinstall any third-party kernel modules you might have installed.
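Because the fixes only take effect once the machine boots into the new kernel, it helps to verify after the upgrade that the running kernel is the newest one installed. The following is an added example, not part of the original article or Canonical's tooling; the function names are hypothetical, and it assumes the standard Ubuntu layout where kernel images are stored as /boot/vmlinuz-<release>.

```shell
#!/bin/sh
# Added example: detect a host that has the updated kernel on disk but is
# still running an older one (reboot pending). Function names are hypothetical.

# installed_kernels [BOOT_DIR]: print the release string of every kernel image
# found as BOOT_DIR/vmlinuz-<release> (assumed Ubuntu layout), one per line.
installed_kernels() {
    for f in "${1:-/boot}"/vmlinuz-*; do
        [ -e "$f" ] || continue          # glob matched nothing
        printf '%s\n' "${f##*/vmlinuz-}"
    done
}

# newest_kernel: read release strings on stdin and print the highest one.
# Version sort is required: a plain lexical sort ranks "-9" above "-10".
newest_kernel() {
    sort -V | tail -n 1
}

# kernel_reboot_pending RUNNING NEWEST: succeed (0) when a newer kernel than
# the running one is installed, i.e. the fixes are not active yet.
kernel_reboot_pending() {
    [ -n "$2" ] && [ "$1" != "$2" ]
}

# check_host [BOOT_DIR] [RUNNING]: report the state of one host.
# Returns 0 when the newest installed kernel is running, 1 otherwise.
check_host() {
    boot_dir=${1:-/boot}
    running=${2:-$(uname -r)}
    newest=$(installed_kernels "$boot_dir" | newest_kernel)
    if kernel_reboot_pending "$running" "$newest"; then
        echo "REBOOT NEEDED: running $running, newest installed $newest"
        return 1
    fi
    echo "OK: running $running"
    return 0
}

# Usage on an updated machine: check_host
```

Calling check_host with no arguments inspects /boot and the output of uname -r on the local machine.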