Canonical has released what appears to be the first security patch for Ubuntu 17.04 (Zesty Zapus) operating system kernel packages, which fixes a total of six vulnerabilities discovered by various developers in the last weeks since the launch of the new version of Ubuntu.
Announced a month ago, on April 13, 2017, Ubuntu 17.04 debuted with a kernel from the series Linux 4.10, which continues to receive weekly patches and maintenance releases, but also new drivers and a few other features. However, now the time has come for Ubuntu 17.04 users to update their kernels.
According to the safety report of Ubuntu USN-3293-1, multiple security issues are affecting the linux-generic (including lpae), linux-lowlatency and linux-raspi2 packages from Ubuntu 17.04, as well as their official derivatives that use the same kernels, such as Kubuntu, Lubuntu, Xubuntu, Ubuntu MATE, Ubuntu GNOME, etc.
Users should update their systems as soon as possible
The first kernel vulnerability that was patched carries the code CVE-2017-2596 and was discovered by Dmitry Vyukov in the KMV implementation of the Linux Kernel, and that incorrectly emulated the VMXON instruction, giving the possibility to a local attacker to provoke a denial of service attack (memory consumption).
The same developer also discovered the second security issue (CVE-2017-7187) which appears to be a problem of buffer overflow in the SCSI (sg) subsystem of the Linux kernel, which could have allowed a local attacker to gain access to a SG device and cause a system crash using a denial of service attack or execution of random code.
To update the Linux Kernel, simply open the Software Updater tool or Terminal, download and install all available updates, and then restart your computer. The kernel versions are as follows:
- linux-image-generic 4.10.0.21.23 for 64-bit and 32-bit systems
- linux-image-raspi2 4.10.0.1005.7 for Raspberry Pi 2 devices
Canonical also released new kernel security updates for other Ubuntu versions, including Ubuntu 16.10, Ubuntu 16.04 LTS, and Ubuntu 14.04 LTS. You can read more information about how to update your Ubuntu operating system by clicking here.