So the kernels are now being built with impish, and unless people are using my PPA or building their own, then the last install-able kernel for LTS (focal) was 5.11.16.
If you're using mainline on focal, then you might want to drop back to a 5.10.x release which doesn't have the vulnerability, or use my PPA, or follow one of the build instructions posted in this thread.
This has become a security issue!
So the kernels are now being built with impish, and unless people are using my PPA or building their own, then the last install-able kernel for LTS (focal) was 5.11.16.
The 5.11.x series went EOL with 5.11.22, and all 5.11.x have a level 7.8 CVE: https:/ /nvd.nist. gov/vuln/ detail/ CVE-2021- 32606
As far as I can see this is still vulnerable up to and including 5.12.8. Linus applied the fix to his tree here: https:/ /git.kernel. org/pub/ scm/linux/ kernel/ git/torvalds/ linux.git/ commit/ net/can? id=2b17c400aeb4 4daf04162772258 1ade527bb3c1d but that hasn't yet been applied to the stable 5.12.x branch.
Ooops: https:/ /www.openwall. com/lists/ oss-security/ 2021/05/ 28/2
If you're using mainline on focal, then you might want to drop back to a 5.10.x release which doesn't have the vulnerability, or use my PPA, or follow one of the build instructions posted in this thread.