The new Linux kernel security update fixes two vulnerabilities (CVE-2018-20976 and CVE-2019-15538) in the Linux 4.15 kernel used in both Ubuntu 18.04 LTS and Ubuntu 16.04 LTS, discovered in the XFS file system, which could allow a local attacker to either execute arbitrary code or cause a denial of service (system crash). The CVE-2018-20976 issue was also fixed in the Linux 4.4 kernel. The new Linux kernel security update is available right now for users of the Ubuntu 18.04 LTS (Bionic Beaver) and Ubuntu 16.04 LTS (Xenial Xerus) operating systems using the Linux 4.15 kernel, as well as for Ubuntu 16.04 LTS (Xenial Xerus) users using the Linux 4.4 kernel. Canonical urges all users to update their systems as soon as possible.
Submitted by: Arnfried Walbrecht