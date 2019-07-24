> > >
Softpedia Homepage   

Canonical Outs New Linux Kernel Security Updates for Ubuntu 19.04 and 18.04 LTS

Addresses various security vulnerabilities and issues

Jul 24, 2019 20:47 GMT  ·  By  ·  Comment  · 
Share:             
Updating Ubuntu
   Updating Ubuntu

Canonical released new Linux kernel security updates for Ubuntu 19.04 (Disco Dingo) and Ubuntu 18.04 LTS (Bionic Beaver) operating system series to address various security vulnerabilities.

The new security updates are here to address a race condition (CVE-2019-11599) in Linux kernel when performing core dumps, and an integer overflow (CVE-2019-11487) when referencing counting pages. Both issues affect only Ubuntu 19.04 systems and could allow a local attacker to crash the system by causing a denial of service (DoS attack) or possibly execute arbitrary code.

On Ubuntu 18.04 LTS systems, the new security patch fixes a flaw (CVE-2019-11085) discovered by Adam Zabrocki in Linux kernel's Intel i915 kernel mode graphics driver, which failed to correctly restrict mmap() ranges under certain situations, allowing local attackers to either execute arbitrary code or cause a denial of service attack and crash the system.

Moreover, Ubuntu 18.04 LTS systems were affected by a race condition (CVE-2019-11815) discovered in Linux kernel's RDS (Reliable Datagram Sockets) protocol implementation, which is blacklisted by default. If the RDS protocol was enabled, the flaw could allow a local attacker to cause crash the system or execute arbitrary code.

These Linux kernel security updates also address an issue (CVE-2019-11833) discovered in the EXT4 file system, which failed to zero out memory under certain situations, and a problem (CVE-2019-11884) discovered in the Bluetooth Human Interface Device Protocol (HIDP) implementation, which improperly verified strings in certain situations.

These two issues affect both Ubuntu 19.04 and Ubuntu 18.04 LTS systems, and they could allow local attackers to expose sensitive information (kernel memory). The updated Ubuntu 18.04 LTS kernel is also available for users of the Ubuntu 16.04.6 LTS (Xenial Xerus) operating system series using the HWE (Hardware Enablement) Linux kernel packages from Ubuntu 18.04 LTS.

Users are urged to update their systems immediately

If you're using Ubuntu 19.04, Ubuntu 18.04 LTS, or Ubuntu 16.04.6 LTS with the HWE kernel from Ubuntu 18.04 LTS, you are urged to update your systems as soon as possible to linux-image 5.0.0-21.22 on Ubuntu 19.04, linux-image 4.15.0-55.60 on Ubuntu 18.04 LTS and later systems, as well as to linux-image 4.15.0-55.60~16.04.2 on Ubuntu 16.04.2 LTS and later systems.

Please keep in mind that after installing a new Linux kernel version, you will need to reboot your computer and also rebuild and reinstall any third-party kernel modules you might have installed on your Ubuntu machines. To update your Ubuntu installations, please follow the instructions provided by Canonical at https://wiki.ubuntu.com/Security/Upgrades or run the command below in the Terminal app.

sudo apt update && sudo apt full-upgrade
  Click to load comments
This enables Disqus, Inc. to process some of your data. Disqus privacy policy

Related Stories

VirtualBox 6.0.10 Adds UEFI Secure Boot Driver Signing Support on Ubuntu, Debian

Also brings various other improvements for Linux guests

VirtualBox 6.0.10 Adds UEFI Secure Boot Driver Signing Support on Ubuntu, Debian
Linus Torvalds Kicks Off Development of Linux Kernel 5.3 as First RC Is Out Now

Linux 5.3-rc1 is now available for public testing

Linus Torvalds Kicks Off Development of Linux Kernel 5.3 as First RC Is Out Now
Deepin 15.11 GNU/Linux OS Released with Could Sync and Many Other Improvements

Includes disc burning function in the file manager

Deepin 15.11 GNU/Linux OS Released with Could Sync and Many Other Improvements
Mageia Linux 7.1 Adds Support for AMD Ryzen 3000-Series CPUs, Download Now

Fixes installation issues on AMD Ryzen 3000 PCs

Mageia Linux 7.1 Adds Support for AMD Ryzen 3000-Series CPUs, Download Now
Linux Kernel 5.2 Series Is Now Ready for Mass Deployments, Upgrade Now

Linux kernel 5.2.2 is now available for download

Linux Kernel 5.2 Series Is Now Ready for Mass Deployments, Upgrade Now

Fresh Reviews

Motorola One Vision Review

An affordable phone and a little bit more

Motorola One Vision Review
Razer Nari Ultimate Review - A Surprising and Necessary Evolution

Turns out that haptic feedback on a headset is not crazy

Razer Nari Ultimate Review - A Surprising and Necessary Evolution
Attack on Titan 2 Review (PC)

The action hack and slash video game based the award winning manga series of the same name is now available

Attack on Titan 2 Review (PC)
Motorola One Vision Review

An affordable phone and a little bit more

Motorola One Vision Review
Razer Nari Ultimate Review - A Surprising and Necessary Evolution

Turns out that haptic feedback on a headset is not crazy

Razer Nari Ultimate Review - A Surprising and Necessary Evolution

Latest News

Watch Out: Microsoft Re-Releases Update KB4493132 for Windows 7 EOL Warnings

New version of this update now available

Watch Out: Microsoft Re-Releases Update KB4493132 for Windows 7 EOL Warnings
Windows 10 Cumulative Update KB4505903 Introduces a Surprising Browser Change

Original Edge hidden if Chromium version is installed

Windows 10 Cumulative Update KB4505903 Introduces a Surprising Browser Change
Microsoft Renames Office Online to Just “Office”

Online moniker also removed from built-in apps

Microsoft Renames Office Online to Just “Office”
Microsoft Launcher Beta 5.7 Released

Company begins the work on another set of features

Microsoft Launcher Beta 5.7 Released
Samsung Finally Announces Galaxy Fold Launch Date

The device will go on sale in September in select markets

Samsung Finally Announces Galaxy Fold Launch Date
Microsoft Leaks the New Windows 10 Start Menu Without Live Tiles

Start menu redesign spotted in build released accidentally

Microsoft Leaks the New Windows 10 Start Menu Without Live Tiles
Microsoft Accidentally Releases Internal Windows 10 Build to All Its Testers

The build was offered to insiders in all rings

Microsoft Accidentally Releases Internal Windows 10 Build to All Its Testers
Canonical Outs New Linux Kernel Security Updates for Ubuntu 19.04 and 18.04 LTS

Addresses various security vulnerabilities and issues

Canonical Outs New Linux Kernel Security Updates for Ubuntu 19.04 and 18.04 LTS
VirtualBox 6.0.10 Adds UEFI Secure Boot Driver Signing Support on Ubuntu, Debian

Also brings various other improvements for Linux guests

VirtualBox 6.0.10 Adds UEFI Secure Boot Driver Signing Support on Ubuntu, Debian