Canonical fixes security issues with the Ubuntu 18.4 LTS Linux kernel, which affects Ubuntu and all its derivatives, such as Kubuntu, Lubuntu, Ubuntu GNOME, Ubuntu Budgie, Ubuntu Kylin, and Ubuntu Studio, as well as other third-party systems with Ubuntu as the underlying layer.
A total of 11 security issues were resolved in this update, including 7 vulnerabilities (CVE-2018-10876, CVE-2018-10877 , CVE-2018-10878 , CVE-2018-10879, CVE-2018-10880, CVE- 2018-10882 and CVE-2018-10883)
These vulnerabilities include buffer overflows and out-of-bounds writes, where an attacker exploits a maliciously constructed EXT4 image to execute arbitrary code or a system crash by denying the service. This version also resolves the race condition (CVE-2018-14625) found in the VS kernel’s vsock address implementation, which will result in its address being freely usable, allowing local attackers to gain local host sensitivity in the virtual machine. information.
Two security issues (CVE-2018-16882 and CVE-2018-19407) have also been fixed. These two issues affect the implementation of the Kernel-based Virtual Machine, which can be made in the guest virtual machine. The local attacker gains administrative rights in the host or causes the system to crash.
The security update fixes two vulnerabilities in Google Project Zero (CVE-2018-17972 and CVE-2018-18281) in the Linux kernel’s procfs file system implementation and mremap() system call, which could potentially cause local attackers Expose system sensitive information or execute arbitrary malicious code.
The security update fixes two vulnerabilities in the Linux kernel’s procfs file system implementation and the mremap() system call discovered by Google Project Zero’s Jann Horn, which may allow local attackers to expose sensitive information or execute arbitrary code.
In addition, the issue found in the HID subsystem debugs interface of the Linux kernel (CVE-2018-9516) has been fixed, which in some cases performs incorrect boundary checking, giving attackers access to the debugfs program. Get more permissions.
Finally, Canonical recommends that all users update the system to that version. You can perform sudo apt update && sudo apt full-upgrade command to upgrade your system.