The AchieVer Posted June 20, 2019 Share Posted June 20, 2019 Canonical Outs New Linux Kernel Live Patch for Ubuntu 18.04 LTS and 16.04 LTS Canonical released a new Linux kernel live patch for the Ubuntu 18.04 LTS (Bionic Beaver) and Ubuntu 16.04 LTS (Xenial Xerus) operating system series to address the recently disclosed TCP Denial of Service (DoS) vulnerabilities. Coming hot on the heels of the recent Linux kernel security updatespublished earlier this week for all supported Ubuntu releases, the new Linux kernel live patch is only targeted at Ubuntu versions that support the kernel live patch and are long-term supported, including Ubuntu 18.04 LTS (Bionic Beaver) and Ubuntu 16.04 LTS (Xenial Xerus). And it's here to address the same two security vulnerabilities (CVE-2019-11477 and CVE-2019-11478) discovered by Jonathan Looney in Linux kernel's TCP retransmission queue implementation when handling TCP Selective Acknowledgments (SACKs), which could allow a remote attacker to crash the system by causing a denial of service (resource exhaustion). The CVE-2019-11477 flaw is also known as SACK Panic.Users are urged to update their systems immediatelyCanonical urges all users of the Ubuntu 18.04 LTS (Bionic Beaver) and Ubuntu 16.04 LTS (Xenial Xerus) operating system series who use the Linux kernel live patch to update their installations as soon as possible to the new kernel versions. These are rebootless kernel updates, so you won't need to restart your computer to apply them. The new live kernel versions are 4.15.0-51.55 for Ubuntu 18.04.2 LTS systems with the HWE stack from Ubuntu 18.10, 4.15.0-51.55~16.04.1for Ubuntu 16.04.6 LTS systems with the HWE stack from Ubuntu 18.04.2 LTS, and 4.4.0-150.176 for Ubuntu 16.04 LTS systems. Check out Canonical's Livepatch Service website for details on how to use the kernel live patch. Source Link to comment Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.