Skip to main content

Linux Kernel Multiple Vulnerabilities

Last Update Date: 25 Nov 2021 Release Date: 15 Nov 2021 1449 Views

RISK: Medium Risk

TYPE: Operating Systems - Linux

TYPE: Linux

Multiple vulnerabilities were identified in Linux Kernel. A remote attacker could exploit some of these vulnerabilities to trigger denial of service condition, elevation of privilege, remote code execution, sensitive information disclosure and data manipulation on the targeted system.

 

[Updated on 2021-11-25]

Updated System / Technologies affected and Solutions.


Impact

  • Denial of Service
  • Remote Code Execution
  • Elevation of Privilege
  • Information Disclosure
  • Data Manipulation

System / Technologies affected

  • Ubuntu 16.04 ESM
  • Ubuntu 18.04 LTS
  • Ubuntu 20.04 LTS

 

  • SUSE Linux Enterprise High Availability 15-SP3
  • SUSE Linux Enterprise Module for Basesystem 15-SP3
  • SUSE Linux Enterprise Module for Development Tools 15-SP3
  • SUSE Linux Enterprise Module for Legacy Software 15-SP3
  • SUSE Linux Enterprise Module for Live Patching 15-SP3
  • SUSE Linux Enterprise Module for Realtime 15-SP2
  • SUSE Linux Enterprise Workstation Extension 15-SP3
  • SUSE MicroOS 5.0
  • SUSE MicroOS 5.1

 

[Updated on 2021-11-25]

 

  • Oracle Linux version 7
  • Oracle Linux version 8

Solutions

Before installation of the software, please visit the vendor web-site for more details.

 

For Ubuntu

The problem can be corrected by updating your system to the following package versions:

  • Ubuntu 16.04
  • Ubuntu 18.04
  • Ubuntu 20.04

After a standard system update you need to reboot your computer to make all the necessary changes.

 

ATTENTION: Due to an unavoidable ABI change the kernel updates have been given a new version number, which requires you to recompile and reinstall all third party kernel modules you might have installed. Unless you manually uninstalled the standard kernel metapackages (e.g. linux-generic, linux-generic-lts-RELEASE, linux-virtual, linux-powerpc), a standard system upgrade will automatically perform this as well. 

 

 

For SUSE

Apply fixes issued by the vendor:

  • SUSE Linux Enterprise High Availability 15-SP3
  • SUSE Linux Enterprise Module for Basesystem 15-SP3
  • SUSE Linux Enterprise Module for Development Tools 15-SP3
  • SUSE Linux Enterprise Module for Legacy Software 15-SP3
  • SUSE Linux Enterprise Module for Live Patching 15-SP3
  • SUSE Linux Enterprise Module for Realtime 15-SP2
  • SUSE Linux Enterprise Workstation Extension 15-SP3
  • SUSE MicroOS 5.0
  • SUSE MicroOS 5.1

To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch"

 

 

[Updated on 2021-11-25]

 

For Oracle Linux

Apply fixes issued by the vendor:

 

For detail, please refer to the links below:


Vulnerability Identifier


Source


Related Link