Canonical published a new Linux kernel security update for Ubuntu 21.04 and Ubuntu 20.04 LTS systems running Linux kernel 5.11 to address a total of eight security vulnerabilities.
Coming only three weeks after the previous kernel security update, the new one is currently only available for Ubuntu 21.04 (Hirsute Hippo) and Ubuntu 20.04.3 LTS (Focal Fossa) systems running the Linux 5.11 kernel series, and it’s available for all supported architectures and kernel flavors that Ubuntu supports.
In this new Ubuntu kernel security patch, there’s a fix for CVE-2021-3732, a flaw discovered by Alois Wohlschlager in the overlay file system that could allow an attacker to expose sensitive information, CVE-2021-3739, a security issue discovered in the Btrfs file system, which could allow an attacker with CAP_SYS_ADMIN to cause a denial of service, and CVE-2021-40490, a race condition discovered in the EXT4 file system that could allow a local attacker to cause a denial of service or gain administrative privileges.
Also patched is CVE-2021-42008, a security vulnerability discovered in Linux kernel’s 6pack network protocol driver, which could allow a privileged attacker to crash the system by causing a denial of service or execute arbitrary code, as well as CVE-2020-3702, a race condition discovered in the Atheros Ath9k Wi-Fi driver, which could allow an attacker to expose sensitive information from the Wi-Fi network traffic.
On top of that, the new Ubuntu kernel security update fixes CVE-2021-3753, a a race condition discovered in the virtual terminal (VT) device implementation that lead to an out-of-bounds read vulnerability, allowing a local attacker to expose sensitive information, and CVE-2021-3743, a security flaw discovered in the Qualcomm IPC Router protocol implementation, which could allow a local attacker to cause a denial of service (system crash) or expose sensitive information.
Lastly, the new kernel security update addresses CVE-2021-38166, an integer overflow discovered in the BPF subsystem, which could allow a local attacker to cause a denial of service (system crash) or possibly execute arbitrary code.
All Ubuntu 21.04 and Ubuntu 20.04 LTS users using the Linux 5.11 kernel from the archives for 64-bit, Raspberry Pi, AWS, GCP, Azure, or KVM systems, are urged to update their systems to the new kernel versions (linux-image 18.104.22.168.39 for 64-bit) as soon as possible.
To update your kernel, simply run the
sudo apt update && sudo apt full-upgrade command in the Terminal app or use the Software Updater utility. Don’t forget to reboot your machines after installing the new kernel version.
Update 21/10/21: Canonical also published security updates for Ubuntu 20.04 LTS and Ubuntu 18.04 LTS systems running Linux kernel 5.4 LTS, addressing some of the vulnerabilities mentioned above, as well as CVE-2021-38198, a flaw discovered in the KVM hypervisor implementation, which could allow a local attacker to cause a denial of service, and CVE-2021-38205, a security issue discovered in the Xilinx 10/100 Ethernet Lite device driver, which could allow an attacker to exploit another vulnerability.
In addition, security updates were also published for Ubuntu 18.04 LTS, Ubuntu 16.04 ESM and Ubuntu 14.04 ESM systems running Linux kernel 4.15.
Last updated 2 years ago