Home / Linux / Canonical Releases New Linux Kernel Live Patch for Ubuntu 18.04 and 16.04 LTS

Canonical Releases New Linux Kernel Live Patch for Ubuntu 18.04 and 16.04 LTS

Canonical released a new Linux kernel live patch for its long-term supported Ubuntu 18.04 LTS and Ubuntu 16.04 LTS operating system series to address five security vulnerabilities.

Coming hot on the heels of the last Linux kernel security updates released by Canonical last week for all supported Ubuntu Linux releases, this new kernel live patch is now available for users of the Ubuntu 18.04 LTS (Bionic Beaver) and Ubuntu 16.04 LTS (Xenial Xerus) operating systems who use the Canonical Livepatch Service to apply rebootless kernel updates.

It fixes five security issues, including a race condition (CVE-2019-11815), which could lead to a use-after-free, in Linux kernel’s RDS (Reliable Datagram Sockets) protocol implementation that may allow a local attacker to crash the system or execute arbitrary code, as well as a flaw (CVE-2019-2054) affecting ARM CPUs, which lets local attackers to bypass seccomp restrictions.

Also patched are two issues (CVE-2019-11833 and CVE-2019-11884) discovered in Linux kernel’s EXT4 file system and Bluetooth Human Interface Device Protocol (HIDP) implementations, which could allow a local attacker to expose sensitive information (kernel memory) as the Linux kernel failed to properly zero out memory or verify NULL terminated strings in certain situations.

Eight-year-old Bluetooth exploit patched, update your systems now

Additionally, the kernel live patch includes a fix for an eight-years-old exploit (CVE-2011-1079) discovered by Vasiliy Kulikov in Linux kernel’s Bluetooth stack, which could allow a local attacker to crash the system, which could lead to a denial of service or the leak of contents of kernel stack memory, putting the privacy of users at risk.

All users of the Ubuntu 18.04 LTS (Bionic Beaver) and Ubuntu 16.04 LTS (Xenial Xerus) operating system series using the Canonical Livepatch Service can now apply the rebootless kernel live patch on their installations. The version of the kernel liv patch that needs to installed is 53.1 for both generic and lowlatency flavors.


>> Source Link

Loading...

Check Also

Pixel mania, Samsung security flaws, and more!

This week was all about the Made by Google event, where the Mountain View company …