After all supported versions of Ubuntu Linux released last week by Canonical released the latest Linux kernel security update, the new real-time kernel patch is now available for Ubuntu 18.04 LTS (Bionic Beaver) and user Ubuntu 16.04 LTS (Xenial Xerus) use. Use Canonical Livepatch Service application without restarting the operating system kernel update.
It fixes five security issues, including race conditions ( CVE-2019-11815 ), which may lead to the Linux kernel RDS (Reliable Datagram Sockets) protocol implementation free of charge, which could allow a local attacker to crash the system or defect (execute arbitrary code, and the influence of ARM CPU CVE-2019-2054 ), which allows the attacker to bypass local seccomp limit.
Also patched Linux kernel EXT4 file system and Bluetooth Human Interface Device discovery protocol (HIDP) achieved in two issues S ( CVE-2019-11833 and CVE-2019-11884 ), which could allow a local attacker to expose sensitive information (kernel memory) because the Linux kernel and in some cases unable to verify or correct memory clearing NULL-terminated string.
Bluetooth bug fixes eight years ago, now update your system
In addition, real-time kernel patch includes a fix to address eight vulnerabilities history (of Vasiliy Kulikov discovered in the Linux kernel Bluetooth stack CVE-2011-1079 ), which could allow a local attacker to crash the system, which may result in denial service or kernel stack memory leaks, so that users' privacy is threatened.
使用Canonical Livepatch Service的Ubuntu 18.04 LTS(Bionic Beaver)和Ubuntu 16.04 LTS(Xenial Xerus)操作系统系列的所有用户现在可以在其安装上应用无重启内核实时补丁。对于通用和低端风格,需要安装的内核liv补丁版本为53.1。