The live patch addresses a single security vulnerability

Sep 24, 2019 14:41 GMT

Canonical has released a new Linux kernel live patch for the Ubuntu 18.04 LTS (Bionic Beaver) and Ubuntu 16.04 LTS (Xenial Xerus) operating system series to fix an important security vulnerability.

The new Linux kernel live patch addresses a single security vulnerability, namely a buffer overflow (CVE-2019-14835) discovered by security researcher Peter Pi in the Linux kernel's virtio network backend (vhost_net) implementation, which could lead to DoS attacks.

"Peter Pi discovered a buffer overflow in the virtio network backend (vhost_net) implementation in the Linux kernel. An attacker in a guest may be able to use this to cause a denial of service (host OS crash) or possibly execute arbitrary code in the host OS," reads the security advisory.

Users are urged to update their installations

If you're using the Canonical LivePatch service on your Ubuntu 18.04 LTS (Bionic Beaver) or Ubuntu 16.04 LTS (Xenial Xerus) operating system, it is recommended to apply the newest kernel live patch as soon as possible to mitigate the aforementioned security vulnerability.

The kernel live patch is available only for 64-bit Ubuntu 18.04 LTS systems using the Linux 4.15 kernel, as well as Ubuntu 16.04 LTS systems using the Linux 4.4 kernel. It's also available for Ubuntu 14.04 ESM (Extended Security Maintenance) users using the Linux 4.4 HWE (Hardware Enablement) kernel.

However, Canonical has noted that if you use kernels older than 4.15.0-50 on Ubuntu 18.04 LTS or Ubuntu 16.04 LTS systems, or older than 4.4.0-148 on Ubuntu 16.04 LTS or Ubuntu 14.04 ESM systems, you will not receive the latest live patch updates. Visit the official website to learn more about Canonical LivePatch.
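
The kernel cut-offs above can be checked against `uname -r` output. This shell script is an added example, not part of the original article or Canonical's tooling; the function names and sample releases are constructed, and it assumes the generic flavour's `base-ABI-flavour` release format.

```shell
#!/bin/sh
# Added example (not Canonical's tooling): decide whether a kernel release
# string is new enough to keep receiving live patches, using only the two
# minimums quoted in the article: 4.15.0-50 and 4.4.0-148.

# Print the minimum ABI number for a kernel base version, or fail if the
# article names no minimum for that series.
min_abi_for() {
    case "$1" in
        4.15.0) echo 50 ;;
        4.4.0)  echo 148 ;;
        *)      return 1 ;;
    esac
}

# livepatch_status RELEASE   (RELEASE as printed by `uname -r`)
# Prints eligible | too-old | unsupported-series | unparseable.
# Returns 0 only for "eligible".
# Assumption: ABI numbers follow the generic flavour's numbering.
livepatch_status() {
    lp_base=${1%%-*}          # "4.15.0-64-generic" -> "4.15.0"
    lp_rest=${1#*-}           # -> "64-generic"
    lp_abi=${lp_rest%%-*}     # -> "64"

    # A release without a numeric ABI field cannot be compared.
    case "$lp_abi" in
        ''|*[!0-9]*) echo unparseable; return 3 ;;
    esac

    lp_min=$(min_abi_for "$lp_base") || { echo unsupported-series; return 2; }

    if [ "$lp_abi" -ge "$lp_min" ]; then
        echo eligible
    else
        echo too-old; return 1
    fi
}

# Constructed sample releases, followed by the running kernel.
for lp_r in 4.15.0-64-generic 4.15.0-49-generic 4.4.0-148-generic \
            4.4.0-142-generic "$(uname -r)"; do
    printf '%-22s %s\n' "$lp_r" "$(livepatch_status "$lp_r")"
done
```

A `too-old` result means the host needs a regular kernel package upgrade and reboot before live patches resume.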