14 DAY TRIAL // Canonical released new kernel security updates for all of its supported Ubuntu releases, including Ubuntu 17.10, Ubuntu 16.04 LTS, and Ubuntu 14.04 LTS to patch up to 13 security vulnerabilities.
After releasing a kernel update for the Ubuntu 18.04 LTS (Bionic Beaver) operating system series to mitigate the recently disclosed Spectre Variant 4 (CVE-2018-3639) security vulnerability, Canonical now released new kernel versions for Ubuntu 17.10 (Artful Aardvark), Ubuntu 16.04 LTS (Xenial Xerus), and Ubuntu 14.04 LTS (Trusty Tahr) operating system series and their official derivatives.
Apart from addressing the Spectre Variant 4 (CVE-2018-3639) vulnerability in Ubuntu 17.10, Ubuntu 16.04 LTS, and Ubuntu 14.04 LTS 64-bit systems, the new kernel updates also patch various other issues, including a double-free error (CVE-2017-17975) in Linux kernel's USBTV007 driver, as well as a race condition (CVE-2017-18203) in the Device Mapper component.
Also patches an infinite loop issue (CVE-2017-18208) in Linux kernel's madvise(2) implementation, a buffer overwrite flaw (CVE-2018-8822) in the NCPFS implementation, a race condition (CVE-2017-18193) in the F2FS implementation, a buffer overflow (CVE-2017-18222) in the Hisilicon HNS Ethernet Device driver, and a null pointer dereference vulnerability (CVE-2018-1130) in the DCCP protocol implementation.
A double free error (CVE-2018-7480) was resolved as well in Linux kernel's block layer subsystem, along with a memory leak (CVE-2018-7757) in the SAS driver subsystem, a race condition (CVE-2018-7995) in the x86 machine check handler, and various other issues across other components, including the netfilter subsystem, the SCTP protocol implementation, the netlink subsystem, the Xen subsystem, as well as the Bluetooth HIP Protocol implementation.
HWE kernels available for Ubuntu 16.04 LTS and 14.04 LTS
As expected, Canonical released HWE (Hardware Enablement) kernels for Ubuntu 16.04.4 LTS (Xenial Xerus) systems from Ubuntu 17.10 (Artful Aardvark), and for Ubuntu 12.04 ESM (Precise Pangolin) from Ubuntu 14.04 LTS (Trusty Tahr). A Linux kernel update is also available for Ubuntu 17.10 for Raspberry Pi 2. However, they noted the fact that Spectre Variant 4 cannot be fully patched via software updates, as it also needs microcode firmware updates.
All users are urged to update their systems as soon possible to linux-image-4.13.0-43.48 on Ubuntu 17.10, linux-image-4.4.0-127.153 on Ubuntu 16.04 LTS, linux-image-3.13.0-149.199 on Ubuntu 14.04 LTS, linux-image-4.13.0-43.48~16.04.1 on Ubuntu 16.04.4 LTS, linux-image-3.13.0-149.199~precise1 on Ubuntu 12.04 ESM, linux-image-4.13.0-1020.21 on Ubuntu 17.10 for Rasperry Pi 2. To update your systems, follow the instructions at https://wiki.ubuntu.com/Security/Upgrades.