Zimbalwa iintsuku ezidlulileyo ICanonical ikhuphe indawo yokhuseleko elungisa imiba yezokhuseleko kunye ne-Ubuntu 18.04 LTS kernel, echaphazela Ubuntu kunye nazo zonke iziphumo zayo ezinje ngoKubuntu, uLubuntu, Ubuntu GNOME, Ubuntu Budgie, Ubuntu Kylin, kunye Ubuntu Studio, kunye nezinye iinkqubo zomntu wesithathu ezisebenzisa Ubuntu njengesiseko.
Olu buthathaka lubandakanya ukugcwala kwempazamo kunye ukuphuphuma kwimida engaphandle , apho umhlaseli esebenzisa umfanekiso we-EXT4 owakhelwe ukwenza ikhowudi yokuchasana nenkqubo okanye ukusilela kwenkqubo ngokwala inkonzo.
Malunga nolu hlaziyo
Kule patch Imicimbi eli-11 yezokhuseleko igutyungelwe nezisonjululwe kolu hlaziyo lwe kernel.
Phakathi kwazo sinobuthathaka obu-7 obufakiwe (CVE-2018-10876, CVE-2018-10877, CVE-2018-10878, CVE-2018-10879, CVE-2018-10880, CVE- 2018- 10882 kunye neCVE-2018-10883).
Zisixhenxe zokulungiswa bhekisa kwisistim yefayile ye-ext4 yesicelo seLinux kernel bafunyanwa ngumphandi wezokhuseleko uWen Xu.
Abaphandi bathi:
Ezi mpazamo zinwenwela kumsebenzisi emva kokukhutshwa kunye nokunciphisa i-gout-of-mipaka bhala imiba yokuphuphuma.
Ukuba semngciphekweni kunokuvumela ukwenziwa kweekhowudi ngokungangqinelaniyo okanye kungavimba inkqubo ekubeni ikhanyele uhlaselo lwenkonzo ngokuxhaphaza umfanekiso owenziwe ngokukodwa we-ext4.
Lo mfanekiso unokuxhonywa kwinkqubo esesichengeni.
Iingxaki ngokubonakalayo ziyaqhubeka
Esi siqwenga sikhutshelwe i-Linux Kernel ikwasombulula imeko yomdyarho echazwe kwi-CVE-2018-14625 ifunyenwe kwi-VS kernel yokuphunyezwa kwedilesi ye-vsock
Yintoni enokuthi ikhokelele kwimeko yasemva kokuyisebenzisa evumela umhlaseli wendawo ukuba abe nayo yonke into ayifunayo ukubonisa ulwazi olubuthathaka kumatshini obonakalayo weendwendwe.
Ezinye iingxaki zokhuseleko ezisonjululwe ngale ndawo yokukhangela zezi I-CVE-2018-16882 kunye ne-CVE-2018-19407 echaphazela ukwenziwa kwe-KVM (Umatshini osekwe kwi-Kernel), ofunyenwe ngu-CFIR Cohen no-Wei Wu.
Yomibini le micimbi ichaphazela ukuphunyezwa komatshini osekwe kernel, onokwenziwa kumatshini obonakalayo weendwendwe.
Umhlaseli walapho ufumana amalungelo olawulo kumamkeli okanye obangela ukuba inkqubo iphazamiseke.
Ngapha koko uhlaziyo lokhuseleko ilungisa ukuba semngciphekweni kokubini kwiProjekthi kaGoogle iZero (CVE-2018-17972 kunye neCVE-2018-18281) kuphunyezo lwe-Linux kernel yenkqubo yefayile ye-procfs kunye ne-mremap () inkqubo yokufowuna, enokubangela ukuba abahlaseli bengingqi babhengeza ulwazi ngenkqubo ethe-ethe okanye benze ikhowudi enobungozi.
Ca
Uhlaziyo lwezokhuseleko lujongana nobuthathaka obubini ekuphunyezweni kernel kernel yenkqubo yefayile ye-procfs kunye nenkqubo yemremap () ifunyenwe nguJann Horn weProjekti kaGoogle uZero, enokuvumela abahlaseli bengingqi ukuba babhengeza ulwazi olubuthathaka okanye benze ikhowudi engalawulekiyo.
Uhlaziyo lokhuseleko lukwalungisa umba we-CVE-2018-9516 ofunyenwe kwi-Linux kernel HID debug subsystem interface.
Olu nxibelelaniso linoxanduva lokufumanisa ukusebenza ngokungachanekanga komda wokujonga phantsi kweemeko ezithile, ukuvumela umhlaseli ngokufikelela kulungiso lwee-debugfs ukuze afumane amalungelo ongezelelweyo okanye ukwala inkonzo.
Lixesha lokuba uhlaziye ewe okanye ewe
Njengaso nasiphi na isisombululo esikhutshiweyo, kubalulekile ukusiphumeza kwiinkqubo zethu, ke kuyacetyiswa kakhulu ukuba uhlaziye inkqubo ibe yinyaniso.
NjengeCanonical imema bonke abasebenzisi be-Ubuntu 18.04 LTS (IBionic Beaver) ukuhlaziya ufakelo lwakho kwangoko kwiLinux kernel 4.15.0-44.47.
Ngelixa i-Ubuntu 18.04.1 LTS okanye abasebenzisi bexesha elizayo abasebenzisa i-Linux 4.18 kernel uthotho kufuneka baphucule ukuya ku-4.18.0-14.15 ~ 18.04.1.
Uhlaziya njani?
Ukuhlaziya inkqubo, vula nje itheminali kwaye wenze le miyalelo ilandelayo:
sudo apt update sudo apt full-upgrade
Ekupheleni kokukhutshelwa kunye nokufakwa kohlaziyo, kuyacetyiswa ukuba ikhompyuter iqale phantsi, ekuza kusetyenziswa kuyo lonke utshintsho olutsha ekuqaleni kwenkqubo.