It patches a total of 11 kernel vulnerabilities

Jun 20, 2017 14:24 GMT

Canonical released major kernel security updates for all supported Ubuntu Linux operating systems, patching up to eleven vulnerabilities across all of the supported architectures.

Most of the patched kernel vulnerabilities in these updates are new, and they've been recently fixed upstream in the Linux kernel. Therefore, it's now time for OS integrators to update their repositories and keep users safe, and Canonical is always known for doing a great job releasing up-to-date kernels for Ubuntu.

The first vulnerability (CVE-2017-1000364) was discovered in Linux kernel's stack guard page for processes, which appears not to be sufficiently large to prevent overlapping with the heap, therefore allowing an attacker to use another vulnerability to either gain administrative privileges or execute arbitrary code.

The second one is a use-after-free vulnerability (CVE-2014-9940) discovered in Linux kernel's core voltage regulator driver, which could let local attackers execute arbitrary code or cause a denial of service. The third one is a buffer overflow (CVE-2017-0605) in Linux kernel's trace subsystem, letting privileged local attackers execute arbitrary code.

Discovered by Li Qiang, the fourth vulnerability (CVE-2017-7294) is an integer overflow bug in Linux kernel's DRM (Direct Rendering Manager) driver for VMware devices, which can be used by a local attacker to either execute arbitrary code or cause a denial of service and crash the affected, unpatched system.

Several vulnerabilities are affecting the IPv6 stack

Several of the security issues patched in these kernel updates for Ubuntu are affecting the IPv6 stack. The first two are an out-of-bounds read error (CVE-2017-9074) and a flaw in the handling of inheritance (CVE-2017-9075), both discovered by Andrey Konovalov, which could be used to cause a denial of service or other problems.

The third IPv6 flaw (CVE-2017-9242) revealed that the stack performed its overwrite consistency check after the data was actually overwritten, which could allow a local attacker to crash the vulnerable system by causing a denial of service. The IPv4 stack is not bug-free either, and these updates patch a double free bug (CVE-2017-8890) that lets attackers cause a denial of service to crash the system.

The ninth vulnerability (CVE-2017-1000363) was discovered by Roee Hay in Linux kernel's parallel port printer driver, which did not properly bounds-check passed arguments, allowing a local attacker with write access to the kernel command line arguments to execute arbitrary code.

The last two vulnerabilities (CVE-2017-9076 and CVE-2017-9077) are affecting Linux kernel's DCCP v6 and TCP v6 implementations, which could mishandle inheritance, thus allowing a local attacker to cause a denial of service or other problems. All users are urged to update their systems using the instructions at https://wiki.ubuntu.com/Security/Upgrades.

After the update, check if you're running linux-image 3.13.0.121.131 on Ubuntu 14.04 LTS or linux-image-lts-xenial 4.4.0.81.66 on Ubuntu 14.04.5 LTS with HWE kernel, linux-image 4.4.0.81.87 on Ubuntu 16.04 LTS or linux-image 4.8.0-56.61~16.04.1 on Ubuntu 16.04.2 LTS with HWE kernel, linux-image 4.8.0.56.69 on Ubuntu 16.10, and linux-image 4.10.0.24.26 on Ubuntu 17.04.

The updated Raspberry Pi 2 kernels are linux-image-4.4.0-1059-raspi2 4.4.0-1059.67 for Ubuntu 16.04 LTS for Raspberry Pi 2, linux-image-4.8.0-1040-raspi2 4.8.0-1040.44 for Ubuntu 16.10 for Raspberry Pi 2, and linux-image-4.10.0-1008-raspi2 4.10.0-1008.11 for Ubuntu 17.04 for Raspberry Pi 2. Again, please update your installations to the new kernel builds as soon as possible.
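The post-update version check described above can be automated. The following is an added example, not code from Canonical or the article: it compares installed kernel package versions against the fixed versions quoted above using Debian version ordering. The release keys, the package names in the sample, and the sample versions are assumptions constructed for illustration.

```python
import re

# Fixed versions exactly as quoted in the article; the keys are hypothetical labels.
FIXED = {
    "14.04": "3.13.0.121.131",
    "14.04.5-hwe": "4.4.0.81.66",
    "16.04": "4.4.0.81.87",
    "16.04.2-hwe": "4.8.0-56.61~16.04.1",
    "16.10": "4.8.0.56.69",
    "17.04": "4.10.0.24.26",
}

def _order(ch):
    # Debian ordering inside a non-digit run: '~' first, letters next, the rest last.
    if ch == "~":
        return -1
    return ord(ch) if ch.isalpha() else ord(ch) + 256

def _part(s):
    # Split into (non-digit run, number) pairs; the trailing zeros mark end of string.
    pairs = [(t, n) for t, n in re.findall(r"(\D*)(\d*)", s) if t or n]
    return [([_order(c) for c in t] + [0], int(n or 0)) for t, n in pairs] + [([0], 0)]

def deb_key(version):
    """Sort key following Debian version ordering (epoch, upstream, revision)."""
    epoch, colon, rest = version.partition(":")
    if not colon:
        epoch, rest = "0", version
    upstream, dash, revision = rest.rpartition("-")
    if not dash:
        upstream, revision = rest, "0"
    return (int(epoch), _part(upstream), _part(revision))

def audit(release, dpkg_lines):
    """Return {package: True if installed version >= the article's fixed version}."""
    fixed = deb_key(FIXED[release])
    rows = (line.split() for line in dpkg_lines.strip().splitlines())
    return {pkg: deb_key(ver) >= fixed for pkg, ver in rows}

# Constructed sample of `dpkg-query -W -f='${Package} ${Version}\n'` output.
SAMPLE_1604 = """
linux-image-generic 4.4.0.79.85
linux-image-lowlatency 4.4.0.81.87
"""

if __name__ == "__main__":
    for pkg, ok in audit("16.04", SAMPLE_1604).items():
        print(f"{pkg}: {'patched' if ok else 'NEEDS UPDATE'}")
```

A package can be at the fixed version while the machine still runs the old kernel until it is rebooted, so compare `uname -r` against the installed image as well.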