Today, canonical published the very first Linux kernel security update for its latest Ubuntu 21.04 (Hirsute Hippo) operating system release to address the three security vulnerabilities and a bug.
Just three weeks ago, Ubuntu 21.04 was released three weeks ago and was shipped with the Linux 5.11 Kernel series by default, which has now been patched by the Ubuntu Kernel Team against the three recently identified security vulnerabilities.
These incorporate CVE-2021-3489 and CVE-2021-3490, two vulnerabilities identified by Ryota Shiga and Manfred Paul respectively in Linux Kernel’s eBPF implementation. A local attacker on the network can exploit these security vulnerabilities to crash the system via a denial of service (DoS attack) or execute arbitrary code.
Besides this, Ubuntu 21.04’s first kernel security update adds a workaround for a race condition identified by Norbert Slusarek in Linux Kernel’s CAN ISOTP protocol implementation. To resolve this issue, the Ubuntu Kernel Team had to momentarily eliminate SF_BROADCAST support from the CAN ISOTP implementation in Ubuntu 21.04’s kernels. This issue could be abused by a local attacker in order to crash the system (denial of service) or probably execute arbitrary code.
To patch the CVE-2021-3489 and CVE-2021-3490 security vulnerabilities in the latest new Ubuntu 21.04 (Hirsute Hippo) installations, users will have to update the kernel packages to the latest versions (Linux-image 5.11.0-17.18 for 64-bit) that are right now available to the general public in the stable software repositories.
For updating your system to the latest release, you can use the Software Updater utility or run the beneath command in the Terminal app. Once, the new kernel version is installed, you must restart your computer as soon as possible to do all the essential changes, and also recompile and reinstall any third-party kernel modules that you might have previously installed on your system.
sudo apt update && sudo apt full-upgrade
Interested in Linux News’ daily update? Subscribe to our newsletter for daily updates.