The AchieVer Posted January 29, 2019

Canonical Outs Major Linux Kernel Update for Ubuntu 18.04 LTS to Patch 11 Flaws

Canonical published today a major Linux kernel security update for the Ubuntu 18.04 LTS (Bionic Beaver) operating system series to address eleven security vulnerabilities discovered recently by various independent researchers.

Several security issues were discovered in the Linux kernel used by Canonical's Ubuntu 18.04 LTS (Bionic Beaver) operating system, affecting all of its derivatives, including Kubuntu, Xubuntu, Lubuntu, Ubuntu GNOME, Ubuntu Budgie, Ubuntu Kylin, and Ubuntu Studio, as well as other third-party flavors based on them.

A total of eleven security vulnerabilities were addressed in this major kernel update, seven of which are flaws (CVE-2018-10876, CVE-2018-10877, CVE-2018-10878, CVE-2018-10879, CVE-2018-10880, CVE-2018-10882, and CVE-2018-10883) discovered by Wen Xu in Linux kernel's EXT4 filesystem implementation.

These vulnerabilities, which ranged from use-after-free and buffer overflow to out-of-bounds writes, could allow attackers to either execute arbitrary code or crash the system via a denial of service attack by utilizing a maliciously crafted EXT4 image that could be mounted on the vulnerable machine.

Also addressed is a race condition (CVE-2018-14625) discovered in Linux kernel's vsock address family implementation, which could lead to a use-after-free condition, allowing a local attacker in the guest virtual machine to expose sensitive information (host machine kernel memory).

Two security issues (CVE-2018-16882 and CVE-2018-19407) affecting the KVM (Kernel-based Virtual Machine) implementation, discovered by Cfir Cohen and Wei Wu, were fixed as well. These could allow a local attacker in a guest virtual machine to gain administrative privileges in the host machine or crash the system.

Last but not least, the security update patches two vulnerabilities (CVE-2018-17972 and CVE-2018-18281) discovered by Jann Horn of Google Project Zero in Linux kernel's procfs file system implementation and mremap() system call, which could let local attackers expose sensitive information or execute arbitrary code.

Ubuntu 18.04 LTS users must update immediately

The security update also fixes an issue (CVE-2018-9516) discovered in Linux kernel's HID subsystem debug interface, which improperly performed bounds checking under certain conditions, allowing an attacker that has access to the debugfs utility to either gain additional privileges or cause a denial of service.

Canonical urges all Ubuntu 18.04 LTS (Bionic Beaver) users to update their installations immediately to the linux-image 4.15.0-44.47 kernel that's available for generic, lpae, and lowlatency 64-bit and 32-bit installations, as well as for Snapdragon processors.

To update your system, run the "sudo apt update && sudo apt full-upgrade" command and then reboot your PC, or follow the instructions provided by Canonical at https://wiki.ubuntu.com/Security/Upgrades. Users of Ubuntu 18.04.1 LTS or later using the Linux 4.18 kernel series must update to linux-image 4.18.0-14.15~18.04.1

steven36 Posted January 31, 2019

They sent the update out Monday, a day before this was posted. Even 4.15.0-44.47 was urgency=medium; unlike Windows, Linux doesn't get many urgency=high updates. They compiled it Jan 14 and didn't send it out till Monday.

https://launchpad.net/ubuntu/+source/linux/4.15.0-44.47

[Image from the other day]

It has broken a few things in newer hardware, so they sent out a new update that fixes it: linux 4.15.0-45.48

Changelog

linux (4.15.0-45.48) bionic; urgency=medium

  * linux: 4.15.0-45.48 -proposed tracker (LP: #1813779)

  * External monitors does not work anymore 4.15.0-44 (LP: #1813663)
    - SAUCE: Revert "drm/i915/dp: Send DPCD ON for MST before phy_up"

  * kernel 4.15.0-44 cannot mount ext4 fs with meta_bg enabled (LP: #1813727)
    - ext4: fix false negatives *and* false positives in ext4_check_descriptors()

 -- Stefan Bader <email address hidden>  Tue, 29 Jan 2019 16:39:15 +0100

[Image today]
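
Added example (not part of either post or of Canonical's tooling): a check that classifies a host's kernel against the versions named in this thread, using Debian version ordering so the "~18.04.1" suffix compares correctly. It assumes the kernel reports itself in /proc/version_signature as "Ubuntu <package version>-<flavour> <upstream>"; the sample lines and the status labels are constructed for illustration.

```python
import re
from itertools import zip_longest

# Versions named in the posts above, keyed by kernel series.
FIXED = {"4.15": "4.15.0-44.47", "4.18": "4.18.0-14.15~18.04.1"}
REGRESSION_FIXED = {"4.15": "4.15.0-45.48"}  # follow-up upload from the changelog
# Assumed layout of /proc/version_signature, e.g. "Ubuntu 4.15.0-44.47-generic 4.15.18"
SIGNATURE = re.compile(r"^Ubuntu (\d+\.\d+)(\.\d+-\d+\.\d+(?:~[\d.]+)?)-\S+")

def _order(c):
    # Debian ordering: '~' sorts before everything, letters before symbols.
    return -1 if c == "~" else ord(c) if c.isalpha() else ord(c) + 256

def _key(part):
    # Alternating non-digit and digit runs; the trailing 0 marks end of run.
    return [([_order(c) for c in nd] + [0], int(d or 0))
            for nd, d in re.findall(r"(\D*)(\d*)", part)]

def _split(version):
    epoch, _, rest = version.partition(":") if ":" in version else ("0", "", version)
    upstream, _, rev = rest.rpartition("-") if "-" in rest else (rest, "", "")
    return int(epoch), upstream, rev

def deb_cmp(a, b):
    """Return -1, 0 or 1 following Debian version ordering."""
    (ea, ua, ra), (eb, ub, rb) = _split(a), _split(b)
    if ea != eb:
        return -1 if ea < eb else 1
    for x, y in ((ua, ub), (ra, rb)):
        for ka, kb in zip_longest(_key(x), _key(y), fillvalue=([0], 0)):
            if ka != kb:
                return -1 if ka < kb else 1
    return 0

def kernel_status(signature):
    """Classify one version_signature line against the thread's versions."""
    m = SIGNATURE.match(signature)
    if not m or m.group(1) not in FIXED:
        return "unknown"  # series not covered by this thread
    series, version = m.group(1), m.group(1) + m.group(2)
    if deb_cmp(version, FIXED[series]) < 0:
        return "needs-update"
    regress = REGRESSION_FIXED.get(series)
    if regress and deb_cmp(version, regress) < 0:
        return "fixed-has-regressions"  # 4.15.0-44: monitors, ext4 meta_bg
    return "fixed"

if __name__ == "__main__":
    # Constructed samples; on a live host read /proc/version_signature instead.
    for line in ("Ubuntu 4.15.0-43.46-generic 4.15.18",
                 "Ubuntu 4.15.0-44.47-generic 4.15.18",
                 "Ubuntu 4.18.0-14.15~18.04.1-generic 4.18.20"):
        print(kernel_status(line), "<-", line)
```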