Canonical Outs Major Ubuntu 18.04 LTS Kernel Security Update for Cloud Users

Ubuntu 18.04 LTS

Canonical released today a new kernel security update for users of the Ubuntu 18.04 LTS (Bionic Beaver) operating system series running the Linux 5.0 kernel on cloud systems.

After publishing kernel security updates for Ubuntu 19.10, Ubuntu 18.04 LTS, and Ubuntu 16.04 LTS systems to mitigate the latest Intel graphics processor vulnerabilities, Canonical released today a kernel security update for Ubuntu 18.04.3 LTS systems powered by Linux kernel 5.0.

A total of 15 security vulnerabilities have been patched in the latest Ubuntu 18.04 LTS kernel update, including a race condition in the Virtual Video Test Driver that could allow an attacker with write access to /dev/video0 to gain administrative privileges, and a NULL pointer dereference in the Btrfs file system.

Flaws were also patched in Linux kernel’s AMD GPU device drivers, Atheros 802.11ac wireless USB device driver, crypto subsystem, RSI 91x WLAN device driver, Broadcom Netxtreme HCA device driver, Qualcomm IPC Router TUN device driver, AppleTalk networking subsystem, virtual console subsystem, KVM hypervisor, EXT4 file system, and B2C2 FlexCop USB device driver.

Most of these issues could cause a denial of service (system crash or kernel memory exhaustion). Therefore, users are urged to update to the new kernel packages, which are available for Amazon Web Services (AWS) systems, Google Cloud Platform (GCP) systems, Google Container Engine (GKE) systems, and Oracle Cloud systems, as soon as possible.

The new kernel versions to update to are linux-image-aws 5.0.0-1024.27~18.04.1 for AWS systems, linux-image-gcp 5.0.0-1029.30~18.04.1 for GCP systems, linux-image-gke 5.0.0-1029.30~18.04.1 for GKE systems, and linux-image-oracle 5.0.0-1010.15~18.04.1 for Oracle systems. Please reboot your machines are installing the new kernel versions.

Last updated 4 years ago

Buy Me a Coffee at