Linux Kernel Multiple Vulnerabilities

Impact

• Denial of Service
• Remote Code Execution
• Information Disclosure

System / Technologies affected

• Ubuntu 14.04 ESM
• Ubuntu 16.04 ESM
• Ubuntu 18.04 LTS
• Ubuntu 20.04 LTS
• Ubuntu 21.04
• Ubuntu 21.10

Solutions

Before installation of the software, please visit the vendor web-site for more details.

The problem can be corrected by updating your system to the following package versions:

• Ubuntu 14.04
• Ubuntu 16.04
• Ubuntu 18.04
• Ubuntu 20.04
• Ubuntu 21.04
• Ubuntu 21.10

After a standard system update you need to reboot your computer to make all the necessary changes.

ATTENTION: Due to an unavoidable ABI change the kernel updates have been given a new version number, which requires you to recompile and reinstall all third party kernel modules you might have installed. Unless you manually uninstalled the standard kernel metapackages (e.g. linux-generic, linux-generic-lts-RELEASE, linux-virtual, linux-powerpc), a standard system upgrade will automatically perform this as well. 

Vulnerability Identifier

• CVE-2019-19449
• CVE-2020-29660
• CVE-2020-29661
• CVE-2020-36322
• CVE-2020-36385
• CVE-2021-3428
• CVE-2021-3655
• CVE-2021-3739
• CVE-2021-3743
• CVE-2021-3753
• CVE-2021-3759
• CVE-2021-34556
• CVE-2021-35477
• CVE-2021-38199
• CVE-2021-42252

Source

• Ubuntu
• AusCERT

Related Link

• https://www.auscert.org.au/bulletins/ESB-2021.3743
• https://ubuntu.com/security/notices/USN-5130-1
• https://ubuntu.com/security/notices/USN-5135-1
• https://ubuntu.com/security/notices/USN-5136-1
• https://ubuntu.com/security/notices/USN-5137-1