It has been a quiet afternoon in the Linux world, but a few hours ago I saw that there was a kernel update and I was not sure why. When Canonical updates the kernel of the operating system and official flavors that it supports, it is usually done to correct security flaws, but we cannot be sure until they publish a report on that. This is something they have already done, the USN-4147-1 to be exact.
What a server was not expected is that the new versions of the kernel cover so many holes. Total, 18 vulnerabilities have been fixedMost of them being of low or even negligible priority, but there were seven of medium urgency. The severity they give to these security flaws depends on the damage they can cause and the ease of exploiting them. For this reason, there are some of the fixed bugs that have been labeled as low priority although the bug could be exploited while close to the attacked equipment.
Updated kernel patches 7 medium priority vulnerabilities
The vulnerabilities they have fixed affect Ubuntu 19.04 and Ubuntu 18.04. In the published report they do not mention the other version of Ubuntu that enjoys official support, Xenial Xerus, nor those that are in the ESM phase, which are Ubuntu 14.04 and Ubuntu 12.04.
Of all the bugs fixed, I would highlight a few such as the CVE-2019-0136, with which an attacker could make our computer disconnect from the Wi-Fi network, or others such as the CVE-2019-13631 which, although they treat it as low priority, it could be exploited being physically close (without having full access). Others that could be exploited in the same way are the CVE-2019-15117, CVE-2019-15118, CVE-2017-15212, CVE-2019-15217, CVE-2019-15218, CVE-2019-15220, CVE-2019-15221, CVE-2019-15223, CVE-2019-9506 or CVE-2019-15211. Eleven in total are those that could be exploited without having to "touch" the equipment.
New kernel versions are already available from the different software centers or the Ubuntu Software Update app and all its official flavors. For the changes to take effect, we must restart the computer.
