UBUNTU 16.04 ELS: kernel released - TuxCare

UBUNTU 16.04 ELS: kernel released

TuxCare Team

November 30, 2021

changelog, Ubuntu16.04 ELS

A new Ubuntu 16.04 kernel within ELS is now available for download from our production repository.

CHANGELOG

ubuntu16_04-els.amd64

  • ELSCVE-1024: CVE-2021-40490: ext4: fix race writing to an inline_data file while its xattrs are changing
  • ELSCVE-1810: CVE-2020-36322: fuse: fix bad inode
  • ELSCVE-561: CVE-2021-33034: Bluetooth: verify AMP hci_chan before amp_destroy
  • ELSCVE-557: CVE-2021-29650: netfilter: x_tables: Use correct memory barriers.
  • ELSCVE-541: CVE-2021-28964: btrfs: fix race when cloning extent buffer during rewind of an old root
  • ELSCVE-505: CVE-2021-32399: bluetooth: eliminate the potential race condition when removing the HCI controller
  • ELSCVE-477: CVE-2021-31916: dm ioctl: fix out of bounds array access when no devices
  • ELSCVE-433: CVE-2021-33033: cipso,calipso: resolve a number of problems with the DOI refcounts
  • ELSCVE-533: CVE-2021-20292: drm/ttm/nouveau: don’t call tt destroy callback on alloc
  • ELSCVE-577: CVE-2021-3612: Input: joydev – prevent potential write out of bounds in ioctl
  • ELSCVE-489: CVE-2021-37576: KVM: PPC: Book3S: Fix H_RTAS rets buffer overflow
  • ELSCVE-707: CVE-2021-38160: virtio_console: Assure used length from device is limited
  • ELSCVE-545: CVE-2021-28972: PCI: rpadlpar: Fix potential drc_name corruption in store functions
  • ELSCVE-813: CVE-2020-25672: nfc: fix memory leak in llcp_sock_connect()
  • ELSCVE-826: CVE-2020-25671: nfc: fix refcount leak in llcp_sock_connect()
  • ELSCVE-827: CVE-2020-25670: nfc: fix refcount leak in llcp_sock_bind()
  • mac80211: fix use-after-free in CCMP/GCMP RX
  • mac80211: fix memory corruption in EAPOL handling
  • mac80211: drop multicast fragments
  • mac80211: extend protection against mixed key and fragment cache attacks
  • mac80211: do not accept/forward invalid EAPOL frames
  • mac80211: prevent attacks on TKIP/WEP as well
  • mac80211: check defrag PN against current frame
  • mac80211: add fragment cache to sta_info
  • mac80211: drop A-MSDUs on old ciphers
  • ELSCVE-836: CVE-2020-24587: CVE-2020-24586: mac80211: prevent mixed key and fragment cache attacks
  • ELSCVE-836: CVE-2020-26147: mac80211: assure all fragments are encrypted
  • ELSCVE-679: CVE-2021-3564: Bluetooth: fix the erroneous flush_work() order

UPDATE COMMAND

apt-get update
apt-get install linux-image-unsigned-4.4.0-211-generic
apt-get install linux-image-unsigned-4.4.0-211-lowlatency

 

Stay in the Loop

Resources

State of Enterprise Linux Cybersecurity ... Read More State of Enterprise Linux Cybersecurity ...
Dangerous remotely exploitable vulnerability ... Read More Dangerous remotely exploitable vulnerability ...
Securing confidential research data ... Read More Securing confidential research data ...
State of Enterprise Vulnerability Detection ... Read More State of Enterprise Vulnerability Detection ...
Demand for Rapid Risk Elimination for ... Read More Demand for Rapid Risk Elimination for ...
TuxCare Free Raspberry Pi Patching Read More TuxCare Free Raspberry Pi Patching