Canonical provides the latest Linux kernel security updates for the Long Term Support (LTS) releases Ubuntu 18.04 and 16.04, and Bionic Beaver and Xenial Xerus users can apply the kernel update without rebooting through the Livepatch Service. This live patch mainly fixes five security issues. One is CVE-2019-11815, a race condition vulnerability in the Linux kernel’s RDS (Reliable Datagram Sockets) protocol that an attacker could exploit to cause a system crash or arbitrary code execution.
The second is CVE-2019-2054, a flaw affecting ARM CPUs that an attacker can use to bypass seccomp restrictions. There is also a flaw in the EXT4 file system of the Linux kernel. CVE-2019-11833 and CVE-2019-11884 expose local sensitive information (kernel memory) to an attacker because, under certain circumstances, the Linux kernel does not properly clear memory or verify that a string is NULL-terminated.
It should be noted that this kernel live patch also fixes the eight-year-old CVE-2011-1079 vulnerability, discovered by Vasiliy Kulikov in the Bluetooth stack of the Linux kernel. This defect may allow a local attacker to launch a denial of service (DoS) attack on the system, causing a system crash or a kernel stack memory leak, which poses a certain threat to the user’s privacy.