Canonical has released today a new major Linux kernel security for Ubuntu 19.04 and Ubuntu 18.04 LTS operating systems to address eighteen security vulnerabilities.
The new kernel security update comes a few days after another major patch released on Tuesday for Ubuntu 18.04 LTS (Bionic Beaver) and Ubuntu 16.04 LTS (Xenial Xerus) systems running the Linux 4.15 kernel. This one fixes issues affecting the Linux 5.0 kernel in Ubuntu 19.04 (Disco Dingo) and Ubuntu 18.04 LTS (Bionic Beaver) systems.
Among the issues fixed in today’s kernel security update there are a bunch of flaws affecting several drivers, including the Intel Wi-Fi device driver, GTCO tablet input driver, USB audio driver, Raremono AM/FM/SW radio device driver, USB Rio 500 device driver, CPiA2 video4linux device driver, as well as Softmac USB Prism54 device driver.
Also affected are the ZR364XX Camera USB device driver, Siano USB MDTV receiver device driver, Line 6 POD USB device driver, Line 6 USB driver, and the Bluetooth protocol BR/EDR specification, all of which could allow physically proximate attackers to either expose sensitive information, crash the system, or even execute arbitrary code.
On top of that, the kernel security update fixes a flaw in the Bluetooth UART implementation that could allow a local attacker to cause a denial of service, an out-of-bounds read in the QLogic QEDI iSCSI Initiator driver, which could let a local attacker to expose sensitive information (kernel memory), as well as bugs in the XFS file system, Hisilicon HNS3 ethernet device driver, and Atheros mobile chipset driver, which could allow a local attacker to cause a denial of service.
Users are urged to update their systems immediately
Canonical urges all Ubuntu 19.04 and Ubuntu 18.04 LTS users running the Linux 5.0 kernel to update their systems immediately to the new kernel versions that are available now in the main software repositories. While Ubuntu 19.04 (Disco Dingo) users must update to linux-image 5.0.0-31.33, Ubuntu 18.04.3 LTS (Bionic Beaver) users will have to update to linux-image 5.0.0-31.33~18.04.1.
To update your systems, please follow the instructions provided by Canonical at https://wiki.ubuntu.com/Security/Upgrades. This kernel update is available for 64-bit, Raspberry Pi 2, Google Cloud Platform (GCP), Amazon Web Services (AWS), Microsoft Azure Cloud, and Google Container Engine (GKE) systems, as well as Snapdragon processors and cloud environments (KVM). After installing the new kernel versions, please reboot your machines!
>> Source Link