Insight: Major Linux Kernel Update for Ubuntu 18.04 LTS Is Out Now
Linux Kernel update for Ubuntu 18.04 LTS is out now. According to the Canonical, Latest update contain the patches for the 11 security vulnerabilities.
Recently, Several issues were discovered in Ubuntu 18.04 LTS. Some of the issues are:
Wen Xu discovered that a use-after-free vulnerability existed in the ext4 filesystem implementation in the Linux kernel. An attacker could use this to construct a malicious ext4 image that, when mounted, could cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2018-10876, CVE-2018-10879)
Cfir Cohen discovered that a use-after-free vulnerability existed in the KVM implementation of the Linux kernel, when handling interrupts in environments where nested virtualization is in use (nested KVM virtualization is not enabled by default in Ubuntu kernels). A local attacker in a guest VM could possibly use this to gain administrative privileges in a host machine. (CVE-2018-16882)
Jann Horn discovered that the mremap() system call in the Linux kernel did not properly flush the TLB when completing, potentially leaving access to a physical page after it has been released to the page allocator. A local attacker could use this to cause a denial of service (system crash), expose sensitive information, or possibly execute arbitrary code. (CVE-2018-18281)
Wei Wu discovered that the KVM implementation in the Linux kernel did not properly ensure that ioapics were initialized. A local attacker could use this to cause a denial of service (system crash). (CVE-2018-19407)
Canonical urges all the Ubuntu 18.04 LTS (Bionic Beaver) users to update their kernel immediately. This update also fixes an issue CVE-2018-9516.
How To Update Ubuntu:
To update your system, Open your terminal and run the following commands:
sudo apt update && sudo apt full-upgrade
