14 DAY TRIAL // Canonical released today a new Linux kernel update for its latest Ubuntu 18.04 LTS (Bionic Beaver) operating system series to address a couple of security vulnerabilities discovered lately by various security researchers.
The kernel security update released by Canonical for Ubuntu 18.04 LTS users patches a security flaw (CVE-2018-1118) discovered in Linux kernel's VirtIO subsystem, which could allow a local attacker to expose sensitive information (kernel memory) as it improperly initialized memory under certain conditions.
The second security vulnerability patched by today's kernel update addresses an information leak (CVE-2017-13695) discovered by Seunghun Han in Linux kernel's ACPI (Advanced Configuration and Power Interface) handling code, allowing a local attacker to expose sensitive information (kernel address locations).
All Ubuntu 18.04 LTS users are urged to update their installations as soon as possible to linux-image 4.15.0-34.37 on 64-bit installations, linux-image-raspi2 4.15.0.1022.20 on Raspberry Pi 2 systems, linux-image-kvm 4.15.0.1021.21 on cloud environments, and linux-image-gcp 4.15.0.1019.21 on Google Cloud Platform (GCP) systems.
Furthermore, users must update to linux-image-aws 4.15.0.1021.21 on Amazon Web Services (AWS) systems and linux-image-azure 4.15.0.1023.23 on Microsoft Azure Cloud systems. Ubuntu 16.04.5 LTS (Xenial Xerus) HWE (Hardware Enablement) users are also receiving the kernel security update so they need to install linux-image 4.15.0-34.37~16.04.1.
SegmentSmack flaw now patched in Ubuntu 12.04 ESM
Canonical also released today a kernel security patch for Ubuntu 12.04 ESM (Extended Security Maintenance) users to fix a security flaw (CVE-2018-5390) discovered Juha-Matti Tilli in Linux kernel's TCP implementation, which is known as SegmentSmack and could allow a remote attacker to cause a denial of service (DoS) attack.
If you're using Ubuntu 12.04 ESM, you must update to linux-image 3.2.0-135.181 on either 32-bit or 64-bit systems, as well as to linux-image-highbank 3.2.0-135.181 on the armhf architecture, linux-image-omap 3.2.0-135.181 on the OMAP ARM architecture, and linux-image-powerpc 3.2.0-135.181 on PowerPC (PPC) systems.
To update your Ubuntu systems, please follow the instructions provided by Canonical at https://wiki.ubuntu.com/Security/Upgrades. Keep in mind that you'll need to reboot your machine(s) after installing a kernel update, as well as to rebuild any third-party kernel modules you might have installed due to the inevitable ABI changes.