Canonical updates Ubuntu kernel to fix three security flaws, one of high priority

Many bugs in Ubuntu kernel- Update

Once again, we have to talk about kernel security flaws, but once again we report when Canonical has already fixed them. In total, three vulnerabilities have been found and already patched, one of them labeled by Canonical as high priority, while the other two have been labeled as medium priority. All three vulnerabilities affect all versions of Ubuntu, including Ubuntu 19.04, Ubuntu 18.04 LTS, and Ubuntu 16.04 LTS.

Canonical has published two reports on these three vulnerabilities: USN-4135-1, which covers the Ubuntu versions that still enjoy official support, and USN-4135-2, which says practically the same thing but for Ubuntu 14.04 and Ubuntu 12.04, which are currently in ESM (Extended Security Maintenance). It has not yet been ruled out that the most serious bug of the three affects Ubuntu 19.10 Eoan Ermine.

The new kernel fixes these three vulnerabilities

  • CVE-2019-14835: a buffer overflow was discovered in the virtio network backend (vhost_net) implementation in the Linux kernel. An attacker on a guest can use this to cause a denial of service (host OS crash) or possibly execute arbitrary code on the host OS (high priority).
  • CVE-2019-15030: the Linux kernel on PowerPC architectures did not adequately handle Facility Not Available exceptions in some situations. A local attacker could use this to expose sensitive information (medium priority).
  • CVE-2019-15031: the Linux kernel on PowerPC architectures did not adequately handle interrupt exceptions in some situations. A local attacker could use this to expose sensitive information (medium priority).

In the previous links, you have all the information about the packages that have to be updated, but basically we have to open our software updater and install everything we see as "linux-". Once all the packages are installed, we must restart for the changes to take effect.
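Because the fix only takes effect after a restart, it is worth checking that the running kernel is the newest one installed. The script below is an added example, not part of the original article: the function names are hypothetical, the version strings are constructed samples rather than the fixed versions from the USN reports, and it assumes `dpkg-query` and GNU `sort -V`.

```shell
#!/bin/sh
# Added example (not from the article): after installing the "linux-" updates,
# check whether the machine is already running the newest installed kernel.

# Print the newest installed kernel release of one flavour (generic, aws, ...).
# stdin: lines of "<status> <package>", as produced by
#   dpkg-query -W -f='${db:Status-Abbrev} ${Package}\n' 'linux-image-[0-9]*'
newest_installed() {
    flavour=$1
    awk -v f="-$flavour" '
        # "ii" = fully installed; skips removed-but-configured ("rc") leftovers
        $1 == "ii" && $2 ~ /^linux-image-[0-9]/ {
            rel = substr($2, length("linux-image-") + 1)
            if (substr(rel, length(rel) - length(f) + 1) == f) print rel
        }' | sort -V | tail -n 1
}

# $1 = running release (uname -r), stdin = dpkg-query lines as above.
# Prints "current", "reboot-needed" or "unknown" (no package of that flavour).
kernel_state() {
    running=$1
    flavour=${running##*-}
    newest=$(newest_installed "$flavour")
    if [ -z "$newest" ]; then
        echo unknown
    elif [ "$newest" = "$running" ]; then
        echo current
    else
        # Version-aware comparison: a reboot is needed only if newest > running.
        top=$(printf '%s\n%s\n' "$running" "$newest" | sort -V | tail -n 1)
        [ "$top" = "$newest" ] && echo reboot-needed || echo current
    fi
}

# Constructed sample (not real fixed versions) so the logic can be tried anywhere.
sample='ii  linux-image-5.0.0-27-generic
ii  linux-image-5.0.0-29-generic'
printf '%s\n' "$sample" | kernel_state 5.0.0-27-generic   # reboot-needed

# Live check on a Debian/Ubuntu host (skipped where dpkg-query is absent).
if command -v dpkg-query >/dev/null 2>&1; then
    dpkg-query -W -f='${db:Status-Abbrev} ${Package}\n' 'linux-image-[0-9]*' 2>/dev/null |
        kernel_state "$(uname -r)"
fi
```

A result of `reboot-needed` means the updated packages are on disk but the old kernel is still the one running.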
