It seems that Canonical has set out to promote Lockdown, a Linux 5.4 feature that will increase security by, among other things, preventing arbitrary code execution. Today it published two new security reports covering a total of 12 fixed vulnerabilities in the Ubuntu 16.04 LTS kernel, two of which also affect Ubuntu 18.04 LTS. According to these reports, neither Ubuntu 19.04 nor Ubuntu 19.10 is affected.
Of the twelve vulnerabilities, 8 have been labeled medium priority, while the other four have been labeled low priority. The security flaws are described in reports USN-4145-1, which covers the 11 that are present only in Ubuntu 16.04, and USN-4144-1, which covers two more vulnerabilities in Xenial Xerus that also affect Bionic Beaver. Canonical publishes the reports once it has fixed the security flaws.
The Ubuntu 16.04 kernel is the one that has received the most patches
Among the bugs that "promote" the Lockdown feature coming with Linux 5.4 are CVE-2019-15215, CVE-2019-15211, CVE-2019-13631, CVE-2019-11487, CVE-2018-20976, CVE-2017-18509 and CVE-2018-20976. Some of these are low priority, but all could allow an attacker to execute arbitrary code.
The other five flaws, CVE-2019-15926, CVE-2019-10207, CVE-2019-0136, CVE-2018-20961 and CVE-2016-10905, could be used to perform DoS attacks, in some cases even making it possible to block or "crash" the operating system. As we have mentioned, none of the above bugs is high priority.
Ubuntu 16.04 and Ubuntu 18.04 kernel updates are now available from the Software Update application or from the software centers of the different Ubuntu flavors. Kernel patches are those whose package name begins with "linux-", and once they are applied we must restart the operating system for the changes to take effect. A restart will not be necessary if we are using the Live Patch function available in the LTS versions of Ubuntu. But Lockdown, we are waiting for you.
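
To check from a terminal whether a host still has pending "linux-" package updates or an outstanding restart, the following sketch can be used. It is an added example, not part of the original article or of Canonical's tooling; the function names are hypothetical and the sample listing, including its version numbers, is constructed.

```shell
#!/bin/sh
# Added example: report pending kernel package updates and whether a
# restart is still outstanding on an Ubuntu host.

# Read `apt list --upgradable` output on stdin and print one line per package
# whose name begins with "linux-": "<name> <installed> -> <candidate>".
pending_kernel_updates() {
    awk '
        /^linux-/ && /\[upgradable from: / {
            split($1, pkg, "/")              # "name/suite" -> name
            old = $NF; sub(/\]$/, "", old)   # last field is "old-version]"
            print pkg[1], old, "->", $2
        }'
}

# Succeed if the reboot-required marker exists (path overridable for testing).
# Ubuntu creates this marker when an installed package requests a restart.
reboot_pending() {
    [ -e "${1:-/var/run/reboot-required}" ]
}

# Constructed sample of `apt list --upgradable` output; versions are placeholders.
sample_listing() {
    cat <<'EOF'
Listing...
linux-generic/xenial-security 4.4.0.2.2 amd64 [upgradable from: 4.4.0.1.1]
linux-image-generic/xenial-security 4.4.0.2.2 amd64 [upgradable from: 4.4.0.1.1]
openssl/xenial-security 1.0.2-b amd64 [upgradable from: 1.0.2-a]
EOF
}

# Live use on a real host:
#   apt list --upgradable 2>/dev/null | pending_kernel_updates
#   reboot_pending && echo "restart needed to load the patched kernel"
if [ "${1:-}" = "--demo" ]; then
    sample_listing | pending_kernel_updates
fi
```

An empty result from `pending_kernel_updates` together with a failing `reboot_pending` means the patched kernel packages are installed and no restart is pending.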