Including Ubuntu 18.10 (Cosmic Cuttlefish), Ubuntu 18.04 LTS (Bionic Beaver), Ubuntu 16.04 LTS (Xenial Xerus) and Ubuntu 14.04 LTS (Trusty Tahr), all supported Ubuntu versions are affected by this problem.
In addition, this update also fixes several other vulnerabilities affecting Ubuntu 18.04 LTS, Ubuntu 16.04 LTS and Ubuntu 14.04 LTS versions, including race conditions in MIDI drivers in Linux Kernel (CVE-2018-10902), POSIX timer implementation Integer Overflow Vulnerability, Free Use Vulnerability in Infiniband Implementation (CVE-2018-14734).
In addition, a vulnerability (CVE-2018-16276) was discovered in the Linux Kernel’s YUREX USB device driver, which allows a physical attacker to execute arbitrary code or crash the target system. CVE-2018-18445 and CVE-2018-18690 are vulnerabilities in the BPF verifier and XFS file system, respectively, allowing local attackers to initiate a denial of service attacks.
All Ubuntu 18.10, Ubuntu 18.04 LTS, Ubuntu 16.04 LTS and Ubuntu 14.04 LTS users should upgrade the system immediately. For specific upgrade operations, please visit the Canonical official upgrade instructions.
