Ubuntu released a major update to fix 9 vulnerabilities
Canonical released a new Linux kernel security update for all supported Ubuntu operating systems, addressing a total of nine vulnerabilities discovered by various researchers.
The newly patched Linux kernel vulnerabilities affect Ubuntu 17.10, Zesty Zapus, Ubuntu 16.04 LTS, Ubuntu 14.04 LTS and Precise Pangolin ESM (Extended Security Maintenance), as well as all official derivatives, including Kubuntu, Lubuntu, and others.
They include the use-after-free flaw found by Mohamed Ghannam in the Linux kernel’s Netlink subsystem (XFRM) and the failure of the Linux kernel to properly handle copy-on-write (CoW) of large memory pages, both affecting all supported versions of Ubuntu and their derivatives.
Also fixed are a problem in the Linux kernel’s associative array implementation, which sometimes did not correctly handle the addition of a new entry, and an out-of-bounds read found in the Linux kernel’s GTCO digitizer USB driver that affects Ubuntu 17.10 and Ubuntu 16.04 LTS.
The update also fixes a race condition in the Linux kernel driver subsystem that affects only Ubuntu 17.04. In addition, it addresses null pointer dereference errors in the Linux kernel’s PowerPC KVM implementation and a race condition in the key management subsystem, both affecting only Ubuntu 17.10.
It is recommended that all Ubuntu users update their installations as soon as possible.
Andrey Konovalov discovered another security hole in the USB subsystem of the Linux kernel, which failed to validate USB BOS metadata. It affects Ubuntu 17.10 machines and allows attackers with physical access to crash the system, causing a denial of service (DoS).
Finally, this update fixes a security hole that Eric Biggers found in the Linux kernel’s key management subsystem, which did not properly restrict adding a key that already exists but is uninstantiated. This could allow local attackers to execute arbitrary code or crash vulnerable systems.
Canonical urges all Ubuntu users to immediately update their systems to the new kernel versions: linux-image 4.13.0.19.22 for Ubuntu 17.10, linux-image-raspi2 4.13.0.1008.6 for Ubuntu 17.10 for Raspberry Pi 2, linux-image 4.10.0.42.46 for Ubuntu 17.04, and linux-image-raspi2 4.10.0.1023.24 for Ubuntu 17.04 for Raspberry Pi 2.
In addition, Ubuntu 16.04 LTS users need to update their kernel to linux-image 4.4.0.103.108 on 64- and 32-bit machines, Ubuntu 16.04 LTS for Raspberry Pi 2 users to linux-image-raspi2 4.4.0.1079.79, and Ubuntu 14.04 LTS users to linux-image-3.13.0-137-generic 3.13.0-137.186. Ubuntu 16.04.3 LTS, Ubuntu 14.04.5 LTS, and Ubuntu 12.04 ESM users also have access to the updated HWE kernel.
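To check a fleet against the fixed versions listed above, the following added example (not code from Canonical or from this article) audits a package inventory and reports hosts still below the patched kernel. The host names, inventory lines and one-line-per-host format are constructed assumptions, and the version comparison is a simplification that only orders the numeric fields.

```python
import re

# Fixed versions exactly as listed in the article, keyed by (release, package).
FIXED = {
    ("17.10", "linux-image"): "4.13.0.19.22",
    ("17.10", "linux-image-raspi2"): "4.13.0.1008.6",
    ("17.04", "linux-image"): "4.10.0.42.46",
    ("17.04", "linux-image-raspi2"): "4.10.0.1023.24",
    ("16.04", "linux-image"): "4.4.0.103.108",
    ("16.04", "linux-image-raspi2"): "4.4.0.1079.79",
    ("14.04", "linux-image-3.13.0-137-generic"): "3.13.0-137.186",
}

def version_key(version):
    """Order versions by their numeric fields only. Adequate for the purely
    numeric kernel versions above; this is not full Debian version
    comparison (no epochs, '~' or letter suffixes)."""
    return tuple(int(n) for n in re.findall(r"\d+", version))

def audit(inventory_text):
    """Parse 'host release package version' lines and return two lists:
    hosts below the fixed version, and rows the table cannot judge
    (unlisted release/package pairs or malformed lines)."""
    outdated, unknown = [], []
    for line in inventory_text.splitlines():
        fields = line.split()
        if not fields:
            continue  # skip blank lines
        if len(fields) != 4:
            unknown.append(line.strip())
            continue
        host, release, package, installed = fields
        fixed = FIXED.get((release, package))
        if fixed is None:
            unknown.append(line.strip())
        elif version_key(installed) < version_key(fixed):
            outdated.append((host, package, installed, fixed))
    return outdated, unknown

# Constructed sample inventory (hypothetical hosts and installed versions).
SAMPLE = """
web01 17.10 linux-image 4.13.0.17.18
web02 17.10 linux-image 4.13.0.19.22
pi01 16.04 linux-image-raspi2 4.4.0.1076.76
db01 16.04 linux-image 4.4.0.104.109
old01 14.04 linux-image-3.13.0-137-generic 3.13.0-137.186
lab01 12.04 linux-image 3.2.0.126.141
"""
```

Rows returned in the second list need manual review: the article gives no fixed version for them, so they are neither confirmed patched nor confirmed outdated.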