Ubuntu 21.04 (Hirsute Hippo) end-of-life January 20, 2022

Ubuntu 21.04 (Hirsute Hippo) has reached its end-of-life (EOL) January 20, 2022, nearly nine months after its initial release.

Ubuntu Security Notices will no longer include security updates or information for EOL Ubuntu 21.04. Users should upgrade to Ubuntu 21.10 as soon as possible to ensure full support and to address vulnerabilities.

On a related note earlier this week, researchers found a High risk buffer heap overflow vulnerability (CVE-2022-0185) that could allow processes inside a Linux user namespace to escape (such as containers running on systems).

“William Liu and Jamie Hill-Daniel discovered that the file system context functionality in the Linux kernel contained an integer underflow vulnerability, leading to an out-of-bounds write. A local attacker could use this to cause a denial of service (system crash) or execute arbitrary code,” the Ubuntu security team stated in the advisory.

The Ubuntu team recommends the following mitigation steps to address CVE-2022-0185:

Disable unprivileged user namespaces:
  sysctl -w kernel.unprivileged_userns_clone=0

Related Articles