Update your kernel now: Canonical fixes up to 109 CVE bugs in the kernel of all Ubuntu versions

Many bugs in Ubuntu kernel- Update

As I always say, Canonical is a company that fixes the security flaws of the operating system that it develops very early, so there is no need to sound the alarms. Yes we would turn on all the alarms if a high number of failures were necessarily synonymous with danger, and that is what has happened: the company that runs Mark Shuttleworth has corrected so many CVE crashes in Ubuntu kernel that it will cost me to count them (so as not to put them in duplicate).

Perhaps it is best to count them by versions: the report USN-4118-1 tells us about a total of 61 vulnerabilities of linux aws on Ubuntu 18.04 and Ubuntu 16.04; The report USN-4117-1 It also tells us about 9 vulnerabilities of linux aws, but in this case Ubuntu 19.04; The report USN-4116-1 tells us about 6 vulnerabilities of linux, linux-aws, linux-kvm, linux-raspi2 y linux-snapdragon on Ubuntu 16.04; The report USN-4115-1 deals with 28 vulnerabilities of linux, linux-azure, linux-gcp, linux-gke-4.15, linux-hwe, linux-kvm, linux-oracle y inux-raspi2 on Ubuntu 18.04 and Ubuntu 16.04; and the USN-4114-1 informs us of 5 vulnerabilities of linux, linux-azure, linux-gcp, linux-gke-5.0, linux-hwe, linux-kvm, linux-raspi2 y linux-snapdragon on Ubuntu 19.04 and Ubuntu 18.04. Total, 109 bugs fixed.

No kernel failure is serious

Taking into account that, if we count the possible duplicates separately because they are different versions of Ubuntu, we are talking about no less than 109 bugs, we cannot include all of them in a post like this. We can mention that the vast majority of them can be used to block the system or cause denial of service (DoS), as long as you have physical access to the equipment. But it is also true that there are some failures that could cause problems being physically close, that is, in the same WiFi network. A few, such as CVE-2019-10638 and CVE-2019-10639 from report USN-4118-1, also they could cause us problems remotely, such as following certain versions of the kernel in the case of the first or helping to exploit another vulnerability in the case of the second.

Of the 109 errors that have been corrected, the vast majority are of medium or low urgency, with many of low urgency and some "negligible". There is no serious or very serious faultBut considering how many bugs they've fixed, it's best to open the software center and apply updates as soon as possible. Once updated and for the patches to take effect, you must restart your computer.

SWAPGS solved
Related article:
Canonical Releases New Ubuntu Kernel Versions To Fix SWAPGS Bug

4 comments, leave yours

Leave a Comment

Your email address will not be published. Required fields are marked with *

*

*

  1. Responsible for the data: Miguel Ángel Gatón
  2. Purpose of the data: Control SPAM, comment management.
  3. Legitimation: Your consent
  4. Communication of the data: The data will not be communicated to third parties except by legal obligation.
  5. Data storage: Database hosted by Occentus Networks (EU)
  6. Rights: At any time you can limit, recover and delete your information.

  1.   Dovi said

    I have a doubt, perhaps it is because of my short experience with GNU / Linux, but there it goes: were these vulnerabilities only present in the Ubuntu kernel? What is the difference between this and the generic kernel?

    1.    Dovi said

      Thanks for the clarification, very kind. All the best!

  2.   George said

    Thank you very much too. Very enlightening answer for those of us who are not so fluent on the subject.

  3.   Hugo J. Cousillas. said

    Hi I use linux, since 8.04. Currently, I stay on KDE, kubuntu. And use all flavors. I never regret it. I congratulate this page, and those who maintain the Linux System. Hug. Hugo..