Jump to content
Login new information ×
Login new information
Donations campaign phase one 2024

Canonical releases new Linux kernel security updates for all supported Ubuntu releases

The AchieVer

By The AchieVer
in Software News

Recommended Posts

The AchieVer

The AchieVer

Posted
Posted

Canonical releases new Linux kernel security updates for all supported Ubuntu releases to patch users against several vulnerabilities discovered lately by various security researchers.

The security patch fixes an integer overflow vulnerability (CVE-2018-18710) discovered in Linux kernel's CDROM driver, which could allow a local attacker to expose sensitive information. This issue affects all supported Ubuntu releases, including Ubuntu 18.10 (Cosmic Cuttlefish), Ubuntu 18.04 LTS (Bionic Beaver), Ubuntu 16.04 LTS (Xenial Xerus), and Ubuntu 14.04 LTS (Trusty Tahr).

Also fixed are several other vulnerabilities affecting only Ubuntu 18.04 LTS, Ubuntu 16.04 LTS, and Ubuntu 14.04 LTS releases, including a race condition (CVE-2018-10902) in Linux kernel's raw MIDI driver, an integer overrun vulnerability in the POSIX timers implementation, and a use-after-free vulnerability (CVE-2018-14734) in the Infiniband implementation.

Furthermore, there was an issue (CVE-2018-16276) found in Linux kernel's YUREX USB device driver, which could allow a physically proximate attacker to execute arbitrary code or crash the affected system, as well as bugs in he BPF verifier and XFS file system, allowing local attackers to cause a denial of service (CVE-2018-18445 and CVE-2018-18690).

Update your systems

Only for Ubuntu 16.04 LTS systems, the security update addresses a vulnerability (CVE-2017-18174) found in Linux kernel's AMD GPIO driver, which could allow a local attacker to crash the system or possibly execute arbitrary code. On the other hand, Ubuntu 14.04 LTS was affected by a NULL pointer dereference in the keyring subsystem (CVE-2017-2647) and a logic error in the TTY subsystem (CVE-2018-18386).

All Ubuntu 18.10, Ubuntu 18.04 LTS, Ubuntu 16.04 LTS, and Ubuntu 14.04 LTS users are urged to update their systems immediately, following the update instructions provided by Canonical at https://wiki.ubuntu.com/Security/Upgrades. HWE (Hardware Enablement) kernel security updates are also available for Ubuntu 16.04.5 LTS, Ubuntu 14.04.5 LTS, and Ubuntu 12.04 ESM users.

 

source

Link to comment
Share on other sites
  • Views 556
  • Created
  • Last Reply

Archived

This topic is now archived and is closed to further replies.

Go to topic listing

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...