-1

On 21.7.2021 this ZDNET article wrote about serious vulnerability CVE-2021-3390: https://www.zdnet.com/article/patch-now-linux-file-system-security-hole-dubbed-sequoia-can-take-over-systems/?ftag=TRE-03-10aaa6b&bhid=%7B%24external_id%7D&mid=%7B%24MESSAGE_ID%7D&cid=%7B%24contact_id%7D&eh=%7B%24CF_emailHash%7D

On 22.7.2021 there was kernel update of Ubuntu 20.04 LTS from 5.8.0-59-generic to 5.8.0-63-generic. Was this vulnerability CVE-2021-33909 patched by this update?

Kapel
  • 317
  • 1
  • 5
  • 18
  • 1
    You could easily find the answer via any search engine with key words "CVE-2021-33909 ubuntu". The answer is in this link https://ubuntu.com/security/CVE-2021-33909 – kenn Jul 23 '21 at 15:02
  • 1
    Does this answer your question? [How can I tell if a CVE has been fixed in Ubuntu's repositories?](https://askubuntu.com/questions/563408/how-can-i-tell-if-a-cve-has-been-fixed-in-ubuntus-repositories) – muru Jul 26 '21 at 09:41

1 Answers1

1

The Ubuntu CVE tracker linked to you by @kenn in the comments is going to answer this question instantly.

enter image description here

As you can see, the version of the package 5.8.0-63.71 (in Ubuntu 20.10) will contain the package updates. You can verify your package version by looking at the output of apt-cache policy linux-image-generic and looking at the "Installed" lines. If the "Installed" line is equal to or greater than the version strings below (replace the '-' with a dot for the equivalent version matching syntax for APT packaging versions to kernel versions), you are patched.

Thomas Ward
  • 72,494
  • 30
  • 173
  • 237