Canonical has released a new major update for multiple versions of the Ubuntu OS as it looks to target more than a dozen high-severity vulnerabilities recently discovered in the Linux kernel.
The new update fixes five flaws found in all supported Ubuntu releases (Impish Indri, Focal Fossa, Bionic Beaver, as well as 16.04 and 14.04). Others are affecting specific versions of the OS.
Of the flaws being handled, the media are singling out CVE-2021-22600, a double-free vulnerability found in the kernel’s Packet network protocol implementation, or CVE-2021-4083, a race condition issue found in the Unix domain socket implementation.
We’re looking at how our readers use VPNs with different devices so we can improve our content and offer better advice. This survey shouldn’t take more than 60 seconds of your time, and entrants from the UK and US will have the chance to enter a draw for a £100 Amazon gift card (or equivalent in USD). Thank you for taking part.
Running arbitrary code
Both of these could brick the device, or allow the threat actor to run arbitrary code, remotely.
Other notable flaws include CVE-2021-4155, found in the XFS file system implementation, CVE-2022-0330, found in the Intel i915 graphics driver, or CVE-2022-22942, found in the VMware Virtual GPU driver, all of which would allow threat actors the ability to run arbitrary code, extract data, or run denial of service attacks.
Canonical has urged all of its users to update their endpoints to the latest Linux kernel versions (linux-image-generic 18.104.22.168.40 for Ubuntu 21.10, linux-image-generic 22.214.171.124.113 for Ubuntu 20.04 LTS and 18.04 LTS, or linux-image-generic 126.96.36.199.158 for Ubuntu 18.04 LTS), immediately.
The easiest way to patch the system up, 9to5Linux reports, is to run the sudo apt update && sudo apt full-upgrade command in the Terminal app, or another terminal emulator. Alternatively, users can go for the Software Updater graphical utility, to install the new kernel versions and any other pending updates.
The updates are available in the stable repositories, the publication adds. The devices will need to be restarted after patching, while any third-party modules installed, will need to be rebuilt or reinstalled.
- Here’s our rundown of the best laptops for developers available now