14 DAY TRIAL // Canonical released today new kernel updates for all of its supported Ubuntu Linux releases, patching recently discovered security vulnerabilities, including the infamous BlueBorne that exposes billions of Bluetooth devices.
The BlueBorne vulnerability (CVE-2017-1000251) appears to affect all supported Ubuntu versions, including Ubuntu 17.04 (Zesty Zapus), Ubuntu 16.04 LTS (Xenial Xerus) up to 16.04.3, Ubuntu 14.04 LTS (Trusty Tahr) up to 14.04.5, and Ubuntu 12.04 LTS (Precise Pangolin) up to 12.04.5.
The update is available for 64-bit and 32-bit PCs, as well as Raspberry Pi 2 computers, Amazon Web Services (AWS) systems, Google Container Engine (GKE) systems, Snapdragon processors, and cloud environments. The issue is said to allow a remote attacker to crash the vulnerable system using malicious Bluetooth traffic.
"It was discovered that a buffer overflow existed in the Bluetooth stack of the Linux kernel when handling L2CAP configuration responses. A physically proximate attacker could use this to cause a denial of service (system crash)," wrote Canonical in Ubuntu Security Notice USN-3419-1 for Ubuntu 17.04.
Users are urged to update their computer immediately
Today's kernel updates also patch a buffer overflow in Linux kernel's Broadcom FullMAC WLAN driver on Ubuntu 17.04, as well as an issue in the F2FS file system, a race condition in the NXP SAA7164 TV Decoder driver, and a buffer overflow in the ioctl handling code of Linux kernel's ISDN subsystem on Ubuntu 16.04 LTS.
A total of 15 other security flaws were patched in the kernel update for Ubuntu 14.04 LTS systems, and Canonical urges all users of these Ubuntu releases to update their installations immediate to the most recent kernel version that's available for their architectures in the stable repositories.
HWE (Hardware Enablement) kernels are available as well for Ubuntu 16.04.3 LTS, Ubuntu 14.04.5 LTS, and Ubuntu 12.04.5 LTS for ESM (Extended Security Maintenance) users. To update your system, please follow the instructions provided by Canonical at https://wiki.ubuntu.com/Security/Upgrades. Don't forget to reboot your computer after installing the new kernel version.