According to Ubuntu Security Notice USN-3016-1, a total of seven Linux kernel vulnerabilities have been discovered and fixed in the upstream Linux 4.4 LTS kernel by various developers. Therefore, Canonical updated the kernel packages for its Ubuntu 16.04 LTS (Xenial Xerus) release to version linux-image-4.4.0-28 (4.4.0-28.47).
Among the patches, we can notice validation issues with Linux kernel’s netfilter implementation, an information leak in the core USB implementation, an information leak in the timer handling implementation, an information leak in the X.25 Call Request handling, and a bug in the Transparent Inter-process Communication (TIPC) implementation.
Detailed information and the respective CVEs are available in the security notice for your reading pleasure. The issues affect Ubuntu 16.04 LTS and all of its official derivatives, including Kubuntu 16.04 LTS, Xubuntu 16.04 LTS, Lubuntu 16.04 LTS, Ubuntu MATE 16.04 LTS, Ubuntu GNOME 16.04 LTS, Ubuntu Kylin 16.04 LTS, and Ubuntu Studio 16.04 LTS.
Submitted by: Arnfried Walbrecht