Several security issues were discovered in the Linux kernel used by Canonical’s Ubuntu 18.04 LTS (Bionic Beaver) operating system, affecting all of its derivatives, including Kubuntu, Xubuntu, Lubuntu, Ubuntu GNOME, Ubuntu Budgie, Ubuntu Kylin, and Ubuntu Studio, as well as other third-party flavors based on them.
A total of eleven security vulnerabilities were addressed in this major kernel update, seven of which are flaws discovered by Wen Xu in Linux kernel’s EXT4 filesystem implementation.
These vulnerabilities, which ranged from use-after-free and buffer overflow to out-of-bounds writes, could allow attackers to either execute arbitrary code or crash the system via a denial of service attack by utilizing a maliciously crafted EXT4 image that could be mounted on the vulnerable machine.
Also addressed is a race condition discovered in Linux kernel’s vsock address family implementation, which could lead to a use-after-free condition, allowing a local attacker in the guest virtual machine to expose sensitive information (host machine kernel memory).
Two security issues affecting the KVM (Kernel-based Virtual Machine) implementation, discovered by Cfir Cohen and Wei Wu, were fixed as well. These could allow a local attacker in a guest virtual machine to gain administrative privileges in the host machine or crash the system.
Last but not least, the security update patches two vulnerabilities discovered by Jann Horn of Google Project Zero in Linux kernel’s procfs file system implementation and mremap() system call, which could let local attackers expose sensitive information or execute arbitrary code.
The security update also fixes an issue discovered in Linux kernel’s HID subsystem debug interface, which improperly performed bounds checking under certain conditions, allowing an attacker that has access to the debugfs utility to either gain additional privileges or cause a denial of service.
Canonical urges all Ubuntu 18.04 LTS (Bionic Beaver) users to update their installations immediately to the linux-image 4.15.0-44.47 kernel that’s available for generic, lpae, and lowlatency 64-bit and 32-bit installations, as well as for Snapdragon processors.
Submitted by: Arnfried Walbrecht