The update patches two critical security vulnerabilities

Jun 18, 2019 21:01 GMT

Canonical has released an important Linux kernel security update for all supported Ubuntu Linux releases to address two critical security vulnerabilities that could crash users' systems.

In a recent security advisory, Canonical details two recently discovered security vulnerabilities (CVE-2019-11477 and CVE-2019-11478) affecting the Linux kernel's TCP retransmission queue implementation when handling some specific TCP Selective Acknowledgments (SACKs).

Both security vulnerabilities were discovered by Jonathan Looney and could allow a remote attacker to crash affected systems, causing a denial of service. Known as SACK Panic, they affect all supported Ubuntu Linux releases, including Ubuntu 19.04, Ubuntu 18.10, Ubuntu 18.04 LTS, and Ubuntu 16.04 LTS.

"Jonathan Looney discovered several flaws in the way that the Linux kernel's TCP implementation processes Selective Acknowledgement (SACK) options and handles low Maximum Segment Size (MSS) values. A remote attacker could use these issues to perform denial of service attacks on a server," said Canonical.

Users are urged to update their systems immediately

Canonical urges all users of the Ubuntu 19.04 (Disco Dingo), Ubuntu 18.10 (Cosmic Cuttlefish), Ubuntu 18.04 LTS (Bionic Beaver), and Ubuntu 16.04 LTS (Xenial Xerus) operating system series to update their installations immediately to the new kernel versions available in the official repositories.

Patched Linux kernel versions were made available for 32-bit and 64-bit systems, as well as Raspberry Pi 2, OEM processors, Snapdragon processors, cloud environments, Amazon Web Services (AWS-HWE) systems, Amazon Web Services (AWS) systems, Google Cloud Platform (GCP) systems, Oracle Cloud systems, and Microsoft Azure Cloud systems.

Linux hardware enablement (HWE) kernels are also available for Ubuntu 18.04.2 LTS systems using Ubuntu 18.10's kernel and Ubuntu 16.04.6 LTS systems using Ubuntu 18.04 LTS' kernel. To update your installations, please follow the instructions provided by Canonical at https://wiki.ubuntu.com/Security/Upgrades.