Canonical released today a new major Linux kernel security update for all supported Ubuntu releases to address over 20 vulnerabilities.
Available for the Ubuntu 19.10 (Eoan Ermine), Ubuntu 18.04 LTS (Bionic Beaver), and Ubuntu 16.04 LTS (Xenial Xerus) operating system series, the new Linux kernel security update is here to fix a vulnerability (CVE-2019-14615) affecting systems with Intel Graphics Processing Units (GPUs), which could allow a local attacker to expose sensitive information.
It also addresses a race condition (CVE-2019-18683) discovered in the Virtual Video Test Driver (VIVID), which could allow an attacker with write access to /dev/video0 to gain administrative privileges, as well as a flaw (CVE-2019-19241) in Linux kernel’s IO uring implementation that could also allow a local attacker to gain administrative privileges.
Another race condition (CVE-2019-19602) was fixed on x86 platforms, which could let a local attacker to cause a denial of service (memory corruption) or gain administrative privileges. Moreover, issues (CVE-2019-18786 and CVE-2019-19947) discovered in the Renesas Digital Radio Interface (DRIF) and Kvaser CAN/USB drivers could allow local attackers to expose sensitive information (kernel memory).
This new security update also fixes many other flaws discovered in Linux kernel’s AMD GPU device drivers, Afatech AF9005 DVB-T USB device driver, AppleTalk networking subsystem, Atheros 802.11ac wireless USB device driver, B2C2 FlexCop USB device driver, Brocade BFA Fibre Channel device driver, Broadcom Netxtreme HCA device driver, crypto subsystem, Datagram Congestion Control Protocol (DCCP), EXT4 file system, HSA driver for AMD GPUs, and Intel WiMAX 2400 driver.
The list continues with the KVM hypervisor, Line 6 POD USB device driver, Marvell 8xxx Libertas WLAN device driver, Marvell WiFi-Ex driver, Realtek rtlwifi USB device driver, RSI 91x WLAN device driver, SAS Class driver, Sound Open Firmware (SOF) driver, virtual console subsystem, Wi-Fi implementation, Xen balloon memory driver, and ZR364XX Camera USB device driver. All of these flaws could allow local attackers to cause a denial of service (system crash or kernel memory exhaustion).
All Ubuntu users are urged to update their kernels immediately
Canonical urges all Ubuntu users to update their systems to the new kernel versions as soon as possible. On Ubuntu 19.10 and Ubuntu 18.04.4 LTS systems using Linux kernel 5.3, users must update to linux-image 5.3.0-40.32 and linux-image 5.3.0-40.32~18.04.1 respectively. On Ubuntu 18.04 LTS and Ubuntu 16.04.6 LTS systems using Linux kernel 4.15, users have to update to linux-image 4.15.0-88.88 and linux-image 4.15.0-88.88~16.04.1 respectively.
On Ubuntu 16.04 LTS systems using Linux kernel 4.4, users need to update to linux-image 4.4.0-174.204. Of course, Canonical has also released updated kernels for Amazon Web Services (AWS) systems, Google Cloud Platform (GCP) systems, Oracle Cloud systems, Microsoft Azure Cloud systems, Google Cloud Platform (GCP) systems, Raspberry Pi 2 devices, cloud environments (KVM), and Snapdragon processors.
To update, open the Software Updater utility and install all available updates. Alternatively, you can open a terminal emulator and run the
sudo apt update && sudo apt full-upgrade command. Please keep in mind to reboot your systems after installing the new kernel versions and rebuild/reinstall any third-party kernel modules you might have installed.