14 DAY TRIAL // Canonical released on Friday a new Linux kernel update for its Ubuntu 18.04 LTS (Bionic Beaver) operating system series addressing three security vulnerabilities affecting the kernel for Raspberry Pi 2 devices.
Earlier this week, Canonical released an important kernel security update for Ubuntu 18.04 LTS, as well as other supported Ubuntu releases like Ubuntu 17.10, Ubuntu 16.04 LTS, and Ubuntu 14.04 LTS, to address various vulnerabilities affecting the kernel packages for 64-bit machines, Amazon Web Services (AWS) and Google Cloud Platform (GCP) systems, and cloud environments.
Now, the same kernel patch that was made available for Ubuntu 18.04 LTS users on 64-bit, AWS, GCP, and cloud environments is now available for Raspberry Pi 2 devices too, fixing an issue (CVE-2018-1092) in Linux kernel's EXT4 file system implementation discovered by Wen Xu, which could allow an attacker to crash the affected system by mounting a specially crafted EXT4 file system.
Furthermore, the kernel update addresses two memory leaks (CVE-2018-8087 and CVE-2018-10021) discovered in Linux kernel's 802.11 software simulator and Serial Attached SCSI (SAS) implementations, which could allow a local or physically proximate attackers to cause a denial of service (memory exhaustion).
Users are urged to update their systems immediately
Ubuntu 18.04 LTS (Bionic Beaver) was released on April 19, 2018, and ships with the Linux 4.15 kernel series by default. If you're using it on a Rapberry Pi 2 device, you are urged to update the kernel package to linux-image-raspi2 4.15.0-1012.13 as soon as possible. Please keep in mind that a kernel update requires you to reboot your computer, as well as to recompile and reinstall third-party kernel modules.
"Due to an unavoidable ABI change the kernel updates have been given a new version number, which requires you to recompile and reinstall all third party kernel modules you might have installed. Unless you manually uninstalled the standard kernel metapackages, a standard system upgrade will automatically perform this as well," reads the security advisory.
For more details on how to update your system, please follow the instructions provided by Canonical at https://wiki.ubuntu.com/Security/Upgrades. Usually, running the commands listed below should suffice, follow by a system reboot. We recommend all Ubuntu 18.04 LTS users on Raspberry Pi 2 devices to update their installations at their earliest convenience and keep them up-to-date at all times.