Canonical releases a security patch for the Ubuntu 18.04 kernel

A few days ago Canonical released a security patch that fixes security issues in the Ubuntu 18.04 LTS kernel. The issues affect Ubuntu and all its derivatives, such as Kubuntu, Lubuntu, Ubuntu GNOME, Ubuntu Budgie, Ubuntu Kylin, and Ubuntu Studio, as well as other third-party systems that use Ubuntu as a base.

These vulnerabilities include buffer overflows and out-of-bounds writes, where an attacker uses a specially crafted ext4 image to execute arbitrary code or to crash the system, causing a denial of service.

About this update

This kernel update resolves a total of 11 security issues.

Among them are 7 vulnerabilities (CVE-2018-10876, CVE-2018-10877, CVE-2018-10878, CVE-2018-10879, CVE-2018-10880, CVE-2018-10882 and CVE-2018-10883).

These seven fixes concern the ext4 filesystem implementation of the Linux kernel; they were discovered by security researcher Wen Xu.

The researchers said that:

These flaws range from use-after-free to out-of-bounds write overflow issues.

The vulnerabilities could allow arbitrary code execution or could even crash the system in a denial-of-service attack by exploiting a specially crafted ext4 image.

That image could be mounted on a vulnerable system.

Problems with virtualization continue

This kernel patch also resolves the race condition described in CVE-2018-14625, found in the Linux kernel's implementation of the vsock address family, which can lead to a use-after-free condition that allows a local attacker to expose sensitive information on the guest virtual machine.

Other security problems solved by this patch are CVE-2018-16882 and CVE-2018-19407, which affect KVM (Kernel-based Virtual Machine) and were discovered by Cfir Cohen and Wei Wu.

Both of these issues affect the kernel-based virtual machine implementation and can be triggered from the guest virtual machine, where a local attacker could gain administrative rights on the host or cause the system to crash.

Moreover, the security update fixes two vulnerabilities (CVE-2018-17972 and CVE-2018-18281) discovered by Jann Horn of Google Project Zero in the Linux kernel implementation of the procfs file system and the mremap() system call, which could allow local attackers to expose sensitive system information or execute arbitrary malicious code.

The security update also fixes an issue, CVE-2018-9516, discovered in the HID debug subsystem interface of the Linux kernel.

This interface did not perform bounds checking correctly under certain conditions, allowing an attacker with access to the debugfs utility to obtain additional privileges or cause a denial of service.

It's time to update, no matter what

As with any released fix, it is important to apply it to our systems, so updating the system is highly recommended.

Canonical urges all Ubuntu 18.04 LTS (Bionic Beaver) users to update their installations immediately to Linux kernel 4.15.0-44.47.

Users of Ubuntu 18.04.1 LTS or later who run the Linux 4.18 kernel series should upgrade to version 4.18.0-14.15~18.04.1.

How to update?

To update the system, just open a terminal and execute the following commands in it:

sudo apt update

sudo apt full-upgrade

Once the updates have been downloaded and installed, restarting the computer is recommended so that all the new changes are applied when the system boots.
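
To confirm after the reboot that the fixed kernel is the one actually running, the following script (an added example, not part of the original article or of Canonical's tooling) classifies a `uname -r` string against the fixed versions named above. It assumes Ubuntu's `<base>-<abi>-<flavour>` release naming and compares only the ABI number (44 for the 4.15 series, 14 for the 4.18 series); `kernel_status` and `report_running_kernel` are names chosen for this example.

```shell
#!/bin/sh
# Added example: classify a kernel release string against the fixed versions
# given in the article (4.15.0-44.47 and 4.18.0-14.15~18.04.1).
# Assumption: `uname -r` prints <base>-<abi>-<flavour> and the package version
# <base>-<abi>.<upload> carries the same ABI number, so only the ABI is compared.

kernel_status() {
    rel=$1
    base=${rel%%-*}          # e.g. 4.15.0
    rest=${rel#*-}           # e.g. 43-generic or 44.47
    abi=${rest%%[!0-9]*}     # leading digits of the ABI field
    # No dash or no numeric ABI field: not an Ubuntu-style release string.
    if [ "$rest" = "$rel" ] || [ -z "$abi" ]; then
        echo unknown
        return 0
    fi
    case $base in
        4.15.0) fixed_abi=44 ;;
        4.18.0) fixed_abi=14 ;;
        # The article names fixed versions for these two series only.
        *) echo unknown; return 0 ;;
    esac
    if [ "$abi" -ge "$fixed_abi" ]; then
        echo patched
    else
        echo vulnerable
    fi
}

report_running_kernel() {
    running=$(uname -r)
    echo "running kernel $running: $(kernel_status "$running")"
    # Ubuntu creates this flag file when a reboot is pending, for example when
    # the fixed kernel is installed but the old one is still running.
    if [ -f /var/run/reboot-required ]; then
        echo "reboot required to load the updated kernel"
    fi
    return 0
}

report_running_kernel
```

A result of `vulnerable` right after `sudo apt full-upgrade` usually means the machine has not been restarted yet, since `uname -r` reports the kernel that is running, not the newest one installed.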

