The most important flaw patched in this new Ubuntu kernel security update is CVE-2021-3178, which was discovered in Linux kernel’s NFS implementation and affects the Ubuntu 20.04 LTS, Ubuntu 18.04 LTS, and Ubuntu 16.04 LTS releases.
This could allow a remote attacker to bypass NFS access restrictions and traverse to other parts of the filesystem via READDIRPLUS when there’s an NFS export of a subdirectory of a file system. Another vulnerability patched in this new Linux kernel security update is CVE-2020-36158, a flaw discovered in the Marvell WiFi-Ex device driver that could allow a local attacker to either crash the system by causing a denial of service or possibly execute arbitrary code. This affects all supported Ubuntu releases, including Ubuntu 20.10, Ubuntu 20.04 LTS, Ubuntu 18.04 LTS, and Ubuntu 16.04 LTS.