Implementation of Linux Kernel Live Patching, Canonical releases new Linux Kernel Live Patches for Ubuntu 18.04 LTS and 16.04 LTS...

Others 2022-04-21 01:30:06 views: 0

Canonical Releases New Linux Kernel Live Patches for Ubuntu 18.04 LTS and 16.04 LTS

76cbfe0f850fa2c26c6c52eb7c4a59d2.png

Canonical has released a new kernel live patch for all of its LTS (Long Term Support) Ubuntu Linux releases to address various security vulnerabilities recently discovered by various security researchers.

With the rollout of the latest Linux kernel security update released by Canonical on Tuesday, the new Linux kernel live patch security update fixes a total of five security vulnerabilities, recorded as CVE-2018-11506, CVE-2018-11412, CVE-2018-13406, CVE-2018-12233 and CVE-2018-13405.

These include a stack-based buffer overflow (CVE-2018-11506) discovered by Piotr Gabriel Kosinski and Daniel Shapira in the Linux kernel's CDROM driver implementation, which could allow a local attacker to execute arbitrary code or crash the system by denying service .

Discovered by Jann Horn, the kernel live patch also addresses a security vulnerability (CVE-2018-11412) in the Linux kernel's EXT4 filesystem implementation that could allow an attacker to execute arbitrary code or crash the system by creating and executing a denial of service installation Malicious EXT4 image.

Also fixes an integer overflow found by Silvio Cesare in the Linux kernel's generic VESA framebuffer driver (CVE-2018-13406), and Shankara Pailoor's found buffer overflow in the JFS filesystem implementation (CVE-2018-12233), Both allow a local attacker to crash the system or execute arbitrary code.

The last security flaw (CVE-2018-13405) fixed in the latest Ubuntu Linux kernel live patch could allow a local attacker to gain elevated privileges, as the Linux kernel cannot handle setgid files being created by non-members of the group.

All livepatch users must update immediately

The new Linux kernel live patch security update is now available for 64-bit (amd64) Ubuntu 18.04 LTS (Bionic Beaver), Ubuntu 16.04 LTS (Xenial Xerus) and Ubuntu 14.04 LTS (Trusty Tahr) operating system series with Canonical Livepatch Service active and is running.

While Ubuntu 18.04.1 LTS and Ubuntu 16.04.5 LTS users must update their kernel packages to versions 4.15.0-32.35 and 4.15.0-32.35~16.04.1 respectively, Ubuntu 14.04.5 LTS users must update their kernel For versions 4.4.0-133.159~14.04.1. A reboot is not required when installing new kernel live patches. All livepatch users must update their systems immediately.

For more Ubuntu related information, see the Ubuntu topic page https://www.linuxidc.com/topicnews.aspx?tid=2

RSS address of Linux Commune: https://www.linuxidc.com/rssFeed.aspx

This article permanently updates the link address: https://www.linuxidc.com/Linux/2018-09/154045.htm

Editor:

Guess you like

Origin http://43.154.161.224:23101/article/api/json?id=324480952&siteId=291194637
Recommended
The number of MaxKB GitHub Stars, an open source knowledge base question and answer system based on large language models, exceeded 5,000!
Ranking
Getting the basic concepts of ROS + catkin Profile
Spring Learning (2) --- Assembling Beans in the IoC Container
js to get the src attribute of the image regularly
STM32 is based on CubeIDE and HAL library basics entry study notes: Bluetooth WIFI STM32 connects to Alibaba Cloud
Short video learning - 3, pandas simple use of pivot_table
Print directory of project configuration log, output log
Understand the difference between vi and vim in Linux in 3 minutes
1 + x certificate Web front-end development HTML5 special exercises
mangodb save and insert the difference
7-1 Family tree processing (50 points) (binary tree solution)
Daily
More
2024-05-13(8)
2024-05-12(28)
2024-05-11(32)
2024-05-10(34)
2024-05-09(32)
2024-05-08(18)
2024-05-07(34)
2024-05-06(6)
2024-05-05(0)
2024-05-04(18)

Code World

© 2018 codetd.com