A total of 12 security vulnerabilities were fixed

Oct 1, 2019 13:17 GMT  ·  By

Canonical released today a new Linux kernel security patch for its long-term supported Ubuntu 18.04 LTS (Bionic Beaver) and Ubuntu 16.04 LTS (Xenial Xerus) operating systems to address several vulnerabilities.

The new Linux kernel security update fixes two vulnerabilities (CVE-2018-20976 and CVE-2019-15538) in the Linux 4.15 kernel used in both Ubuntu 18.04 LTS and Ubuntu 16.04 LTS, discovered in the XFS file system, which could allow a local attacker to either execute arbitrary code or cause a denial of service (system crash). The CVE-2018-20976 issue was also fixed in the Linux 4.4 kernel.

As for the security issues addressed in the Linux 4.4 kernel used on some Ubuntu 16.04 LTS systems, we can mention a race condition (CVE-2016-10905) in the GFS2 file system, an integer overflow (CVE-2019-11487) in the Linux kernel discovered when reference counting pages, as well as a race condition (CVE-2019-15215) in the CPiA2 video4linux device driver.

Also patched are issues affecting Linux kernel's IPv6 implementation (CVE-2017-18509), the USB gadget Midi driver (CVE-2018-20961), the Intel Wi-Fi device driver (CVE-2019-0136), the Bluetooth UART implementation (CVE-2019-10207), the GTCO tablet input driver (CVE-2019-13631), the Raremono AM/FM/SW radio device driver (CVE-2019-15211), and the Atheros mobile chipset driver (CVE-2019-15926).

Users are urged to update their systems immediately

The new Linux kernel security update is available right now for users of the Ubuntu 18.04 LTS (Bionic Beaver) and Ubuntu 16.04 LTS (Xenial Xerus) operating systems using the Linux 4.15 kernel, as well as for Ubuntu 16.04 LTS (Xenial Xerus) users using the Linux 4.4 kernel. Canonical urges all users to update their systems as soon as possible.

On Ubuntu 18.04 LTS with Linux kernel 4.15, you need to update to linux-image 4.15.0-65.74, on Ubuntu 16.04 LTS with Linux kernel 4.15 you need to update to linux-image 4.15.0-65.74~16.04.1, and on Ubuntu 16.04 LTS with Linux kernel 4.4 you need to update to linux-image-4.4.0-165-generic - 4.4.0-165.193, following the instructions provided by Canonical at https://wiki.ubuntu.com/Security/Upgrades.