Disco Bob
Posted February 5, 2019

Canonical released another update for Ubuntu users after a week. The Ubuntu security team has released patches for several security vulnerabilities in its various versions. You need to update now.

How to Update Ubuntu?

For Desktop

By default, users are notified daily for security updates and weekly for non-security updates. How Ubuntu alerts you, as well as configuring your system to install updates automatically, can be set up within Update Manager.

You can access Update Manager anytime by pressing ‘Alt+F2’, entering ‘update-manager’ and pressing Enter. Its settings can be adjusted by pressing the ‘Settings’ button.

Once Update Manager is open, you can review and select pending updates as well as check for new updates. Simply press the ‘Install Updates’ button to upgrade the selected packages to the updated version.

For Server

If the update-notifier-common package is installed, Ubuntu will alert you about pending updates via the message of the day (motd) upon console or remote login.

After logging in, you can check for and apply new updates with:

$ sudo apt-get update
$ sudo apt-get dist-upgrade

When performing an update, first review what apt is going to do, then confirm that you want to apply the updates (this is particularly true when running the development release).

If you would prefer to have updates applied automatically, make sure the unattended-upgrades package is installed, then run ‘sudo dpkg-reconfigure unattended-upgrades’. Please note that updates may restart services on your server, so this may not be appropriate for all environments.

The following Ubuntu Linux vulnerabilities have been fixed.

Linux kernel (Trusty HWE) vulnerabilities

A security issue affects these releases of Ubuntu and its derivatives:

Ubuntu 12.04 ESM

Summary

Several security issues were fixed in the Linux kernel.

Software Description

linux-lts-trusty – Linux hardware enablement kernel from Trusty for Precise ESM

Details

USN-3880-1 fixed vulnerabilities in the Linux kernel for Ubuntu 14.04 LTS. This update provides the corresponding updates for the Linux Hardware Enablement (HWE) kernel from Ubuntu 14.04 LTS for Ubuntu 12.04 ESM.

It was discovered that the CIFS client implementation in the Linux kernel did not properly handle setup negotiation during session recovery, leading to a NULL pointer exception. An attacker could use this to create a malicious CIFS server that caused a denial of service (client system crash). (CVE-2018-1066)

Linux vulnerabilities

A security issue affects these releases of Ubuntu and its derivatives:

Ubuntu 14.04 LTS

Summary

Several security issues were fixed in the Linux kernel.

Software Description

Linux – Linux kernel

Details

It was discovered that the CIFS client implementation in the Linux kernel did not properly handle setup negotiation during session recovery, leading to a NULL pointer exception. An attacker could use this to create a malicious CIFS server that caused a denial of service (client system crash). (CVE-2018-1066)

It was discovered that the socket implementation in the Linux kernel contained a type confusion error that could lead to memory corruption.

Linux kernel (AWS, GCP, KVM, OEM, Raspberry Pi 2) vulnerabilities

linux-aws, linux-gcp, linux-kvm, linux-oem, linux-raspi2 vulnerabilities

A security issue affects these releases of Ubuntu and its derivatives:

Ubuntu 18.04 LTS

Summary

Several security issues were fixed in the Linux kernel.

Software Description

linux-aws – Linux kernel for Amazon Web Services (AWS) systems
linux-gcp – Linux kernel for Google Cloud Platform (GCP) systems
linux-kvm – Linux kernel for cloud environments
linux-oem – Linux kernel for OEM processors
linux-raspi2 – Linux kernel for Raspberry Pi 2

It was discovered that a race condition existed in the vsock address family implementation of the Linux kernel that could lead to a use-after-free condition. A local attacker in a guest virtual machine could use this to expose sensitive information (host machine kernel memory). (CVE-2018-14625)

It was discovered that the debug interface for the Linux kernel’s HID subsystem did not properly perform bounds checking in some situations. An attacker with access to debugfs could use this to cause a denial of service or possibly gain additional privileges. (CVE-2018-9516)

Linux kernel (Xenial HWE) vulnerabilities

A security issue affects these releases of Ubuntu and its derivatives:

Ubuntu 14.04 LTS

Summary

Several security issues were fixed in the Linux kernel.

Software Description

linux-aws – Linux kernel for Amazon Web Services (AWS) systems
linux-lts-xenial – Linux hardware enablement kernel from Xenial for Trusty

Details

USN-3879-1 fixed vulnerabilities in the Linux kernel for Ubuntu 16.04 LTS. This update provides the corresponding updates for the Linux Hardware Enablement (HWE) kernel from Ubuntu 16.04 LTS for Ubuntu 14.04 LTS.

The security researchers discovered that the ext4 file system implementation in the Linux kernel could possibly perform an out of bounds write when updating the journal for an inline file. An attacker could use this to construct a malicious ext4 image that, when mounted, could cause a denial of service (system crash). (CVE-2018-10883)

The cleancache subsystem of the Linux kernel did not properly initialize new files in some situations. A local attacker could use this to expose sensitive information. (CVE-2018-16862)

The USB subsystem in the Linux kernel did not properly handle size checks when handling an extra USB descriptor. A physically proximate attacker could use this to cause a denial of service (system crash). (CVE-2018-20169)

https://hackersonlineclub.com/ubuntu-upgrade-with-another-security-patches-with-linux-kernel/
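Added example, not part of the original post or of the Ubuntu notice: the server procedure above says to review what apt is going to do before confirming. This script summarises the output of a simulated run (apt-get -s dist-upgrade), marking packages that come from a -security pocket and packages named linux-*; the sample output, its versions and the example-* package names are constructed.

```shell
#!/bin/sh
# Summarise a simulated dist-upgrade before applying it for real.

# Constructed sample of `apt-get -s dist-upgrade` output. Versions and the
# example-* packages are made up; linux-aws and linux-kvm are named in the post.
SAMPLE_SIM='Inst linux-aws [0.0.1] (0.0.2 Ubuntu:18.04/bionic-security [amd64])
Inst linux-kvm [0.0.1] (0.0.2 Ubuntu:18.04/bionic-updates [amd64])
Inst example-lib [1.0-1] (1.0-2 Ubuntu:18.04/bionic-updates, Ubuntu:18.04/bionic-security [amd64])
Inst example-tool [2.0-1] (2.0-2 Ubuntu:18.04/bionic-updates [all])
Conf linux-aws (0.0.2 Ubuntu:18.04/bionic-security [amd64])'

# pending_upgrades: read simulation output on stdin and print, for every
# package apt would install, "<package> <security|regular> <kernel|other>".
# Only "Inst" lines count; "Conf" lines repeat the same packages.
pending_upgrades() {
    awk '$1 == "Inst" {
        pocket = ($0 ~ /\/[a-z]+-security[ ,]/) ? "security" : "regular"
        kind   = ($2 ~ /^linux-/) ? "kernel" : "other"
        print $2, pocket, kind
    }'
}

# count_matching PATTERN: number of summary lines on stdin matching PATTERN.
# grep -c exits non-zero on a count of 0, so the status is ignored.
count_matching() {
    grep -c -- "$1" || true
}

# kernel_pending: succeeds if the simulation on stdin upgrades any linux-*
# package. A new kernel is only in use after the machine boots into it.
kernel_pending() {
    pending_upgrades | grep ' kernel$' >/dev/null
}

# On a real host: apt-get -s dist-upgrade | pending_upgrades
printf '%s\n' "$SAMPLE_SIM" | pending_upgrades
if printf '%s\n' "$SAMPLE_SIM" | kernel_pending; then
    echo "kernel packages pending: plan a reboot after upgrading"
fi
```

The -s (simulate) option changes nothing on the system, so the review can run before the real dist-upgrade.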
Archived
This topic is now archived and is closed to further replies.