Canonical Releases Ubuntu 16.04 LTS Kernel Patch, Fixed 4 Security Vulnerabilities
Canonical has released a new Ubuntu 16.04 LTS Kernel Patch for the Ubuntu 16.04 LTS operating system which fixes four known security vulnerabilities for all users who use the original Linux Kernel 4.4.
The Ubuntu 16.04 kernel patch addresses four vulnerabilities, including the CVE-2018-14734 vulnerability discovered by Noam Rathaus in the Infiniband implementation, which allows an attacker to crash the system through a denial of service; and an integer overflow CVE-2018-16658 in the CD-ROM driver may allow local attackers to expose sensitive information.
It also fixes an integer overflow vulnerability CVE-2018-9363 found from HID Bluetooth implementation of the Linux kernel that could allow an attacker to crash the system or execute arbitrary code via a denial of service; and CIPSO tags realize discovered by Yves Younan, it may allow a remote attacker to cause an infinite loop through a special network traffic CVE-2018-10938.
If you are using the Ubuntu 16.04 LTS Xenial Xerus operating system for the Linux 4.4 kernel family, we recommend that you update/install the targeted kernel update: linux-image-4.4.0-138.164 on 64-bit or 32-bit machines, as well as to linux-image-4.4.0-1099.107 on Raspberry Pi 2 devices, linux-image-4.4.0-1070.80 on Amazon Web Services (AWS) systems, linux-image-kvm-4.4.0-1036.42 on cloud environments, and linux-image-snapdragon-4.4.0-1103.108 on Snapdragon processors.
Via: Softpedia