Was this vulnerability CVE-2021-33909 pached by kernel 5.8.0-63-generic?

kernel security

On 21.7.2021 this ZDNET article wrote about serious vulnerability CVE-2021-3390: https://www.zdnet.com/article/patch-now-linux-file-system-security-hole-dubbed-sequoia-can-take-over-systems/?ftag=TRE-03-10aaa6b&bhid=%7B%24external_id%7D&mid=%7B%24MESSAGE_ID%7D&cid=%7B%24contact_id%7D&eh=%7B%24CF_emailHash%7D

On 22.7.2021 there was kernel update of Ubuntu 20.04 LTS from 5.8.0-59-generic to 5.8.0-63-generic. Was this vulnerability CVE-2021-33909 patched by this update?


Solution 1:

The Ubuntu CVE tracker linked to you by @kenn in the comments is going to answer this question instantly.

enter image description here

As you can see, the version of the package 5.8.0-63.71 (in Ubuntu 20.10) will contain the package updates. You can verify your package version by looking at the output of apt-cache policy linux-image-generic and looking at the "Installed" lines. If the "Installed" line is equal to or greater than the version strings below (replace the '-' with a dot for the equivalent version matching syntax for APT packaging versions to kernel versions), you are patched.

Related

VLC Crashes when attempting to open any video (Ubuntu 18.04 with Unity)
Unable to download signal-desktop on Ubuntu 20.04 LTS. Please help!
Executing a command with no output [duplicate]
I wanted to try Lubuntu but can't install guest additions
Alt + tab not working ubuntu 19.04 citrix workspace
"Backups" (deja-dup): after installing duplicity 0.8 from source, "Backups" can't find it
Disable port in pulseaudio
Cronjob is still running even after deletion
More advanced (free) alternatives to Math3D or Geogebra [closed]
Converting to Prenex Normal Form
$\frac{N_1}{\sqrt{N_{1}^{2} + N_2^2}} \perp \frac{N_2}{\sqrt{N_{1}^{2} + N_2^2}}$ where $N_1, N_2 \sim \mathcal{N}(0,1)$ are independent?
Genus 2 - Points at Infinity