Softpedia >News >Linux >Linux Distributions
Softpedia Homepage   

Canonical Outs Linux Kernel Security Update for Ubuntu 19.04 to Patch 9 Flaws

Users are urged to update their systems immediately

Oct 17, 2019 08:04 GMT  ·  By
Ubuntu 19.04
   Ubuntu 19.04

With only a few hours left before the release of Ubuntu 19.10 (Eoan Ermine) Canonical released today a new Linux kernel security patch for Ubuntu 19.04 (Disco Dingo) to address several security vulnerabilities.

The new security update for Ubuntu 19.04 is here to patch a total of seven security flaws affecting the Linux 5.0 kernel used by the operating system, including an issue (CVE-2019-15902) discovered by Brad Spengler which could allow a local attacker to expose sensitive information as a Spectre mitigation was improperly implemented in the ptrace susbsystem.

It also fixes several flaws (CVE-2019-14814, CVE-2019-14815, CVE-2019-14816) discovered by Wen Huang in the Marvell Wi-Fi device driver, which could allow local attacker to cause a denial of service or execute arbitrary code, as well as a flaw (CVE-2019-15504) discovered by Hui Peng and Mathias Payer in the 91x Wi-Fi driver, allowing a physically proximate attacker to crash the system.

Other resolved issues include a flaw (CVE-2019-14821) discovered by Matt Delco in Linux kernel's KVM hypervisor implementation, which could allow a local attacker with write access to /dev/kvm to cause a denial of service (system crash), and an integer overflow (CVE-2019-2181) discovered in the Binder implementation, which could allow a local attacker to escalate his/her privileges

Update your systems as soon as possible

Also patched in this new Linux kernel security update for Ubuntu 19.04 are two security vulnerabilities (CVE-2019-15505 and CVE-2019-16714) discovered in the Technisat DVB-S/S2 USB device driver and IPv6 RDS implementation, which could allow a physically proximate attacker or a local attacker to expose sensitive information.

Canonical urges all Ubuntu 19.04 (Disco Dingo) users to update the Linux kernel packages in their systems as soon as possible to linux-image 5.0.0-32.34, which is available right now in the stable software repositories for 64-bit systems, Raspberry Pi 2, Snapdragon processors, cloud environments, as well as Amazon Web Services (AWS), Microsoft Azure Cloud, and Google Cloud Platform (GCP) systems.