Canonical Releases New Linux Kernel Live Patch for Ubuntu 20.04 LTS and 18.04 LTS
Canonical released a new Linux kernel live patch for its long-term supported Ubuntu 20.04 LTS and Ubuntu 18.04 LTS operating system series to address a single security vulnerability.
This new Linux kernel live patch security update comes hot on the heels of the latest Linux kernel security updates released by Canonical last week for all supported Ubuntu Linux releases.
It’s available for users of the Ubuntu 20.04 LTS (Focal Fossa) and Ubuntu 18.04 LTS (Bionic Beaver) operating systems who use the Canonical Livepatch Service for rebootless kernel updates and fixes a single security vulnerability.
The security vulnerability (CVE-2021-3492) was discovered by Vincent Dehors in Linux kernel’s Shiftfs out-of-tree stacking file system, which is included in the Ubuntu Linux kernel by default. This could have allowed a local attacker to cause a denial of service (memory exhaustion) or gain root privileges by executing arbitrary code.
“Shiftfs, an out-of-tree stacking file system included in Ubuntu Linux kernels, did not properly handle faults occurring during copy_from_user() correctly,” reads the security advisory. “These could lead to either a double-free situation or memory not being freed at all.”
/cdn.vox-cdn.com/uploads/chorus_asset/file/9594885/jetsons.jpg)