---

Ubuntu 21.04 Users Get Major Kernel Security Update, 17 Vulnerabilities Patched

The new Linux kernel security patch is here about 1.5 months after Ubuntu 21.04’s first kernel update and fixes no less than seven security vulnerabilities (CVE-2020-24586, CVE-2020-24587, CVE-2020-24588, CVE-2020-26139, CVE-2020-26141, CVE-2020-26145, CVE-2020-26147) discovered by Mathy Vanhoef in Linux kernel’s Wi-Fi implementation, which could allow a physically proximate attacker to inject packets, decrypt fragments, exfiltrate selected fragments, expose sensitive information, or cause a denial of service (system crash). The new Ubuntu 21.04 kernel update also patches a race condition (CVE-2021-32399) and a use-after-free flaw (CVE-2021-33034) discovered in Linux kernel’s Bluetooth subsystem and Bluetooth HCI driver respectively. These issues could allow a local attacker to cause a denial of service (system crash) or execute arbitrary code.