Canonical has released today a new Linux kernel security update for the Ubuntu 16.04 LTS (Xenial Xerus) operating system to address several vulnerabilities.
In addition to mitigating the CVE-2019-14615 vulnerability affecting certain Intel graphics processors, the new Linux kernel security update addresses a race condition (CVE-2019-18683) in the Virtual Video Test Driver (VIVID), which could allow an attacker with access to /dev/video0 to gain administrative privileges.
Various other flaws (CVE-2019-19062, CVE-2019-19063, CVE-2019-19227, CVE-2019-19332, CVE-2019-15291) were fixed in the crypto subsystem, Realtek rtlwifi USB device driver, AppleTalk networking subsystem, KVM hypervisor, and B2C2 FlexCop USB device driver.
Most of these issue could allow local or physically proximate attackers to cause a denial of service (system crash or kernel memory exhaustion).
Only Ubuntu 16.04 LTS systems running Linux kernel 4.4 are affected
To fix these flaws, Canonical urges users to update their systems as soon as possible to linux-image 4.4.0-173.203 on 64-bit and PowerPC systems, linux-image-raspi2 4.4.0-1128.137 on Raspberry Pi 2, linux-image-kvm 4.4.0-1065.72 on Snapdragon processors, linux-image-aws 4.4.0-1101.112 on Amazon Web Services (AWS) systems, and linux-image-snapdragon 4.4.0-1132.140 on Snapdragon processors.
To update your installations, open the Software Updater utility and apply all available updates or follow the instructions provided by Canonical at https://wiki.ubuntu.com/Security/Upgrades. After installing the new kernel versions, you will need to restart your computers and reinstall any third-party kernel modules you might have installed.
Also, keep in mind that the new security update is available only for Ubuntu 16.04 LTS (Xenial Xerus) system running the Linux 4.4 kernel, so if you’re running a newer Linux 4.15 HWE (Hardware Enablement) kernel from Ubuntu 18.04 LTS (Bionic Beaver), you need to update to the linux-image 4.15.0-76.86 kernel, also released today.
Last updated 7 months ago