Canonical was quick to respond to the latest security vulnerabilities affecting Intel CPU microarchitectures, so they now published Linux kernel updates to mitigate them. These are CVE-2019-11135, CVE-2018-12207, CVE-2019-0154, and CVE-2019-0155, which could allow local attackers to either expose sensitive information or possibly elevate privileges or cause a denial of service. On top of these security issues affecting Intel CPUs, the new Linux kernel security updates also address three vulnerabilities (CVE-2019-15791, CVE-2019-15792, and CVE-2019-15793) discovered by Google Project Zero’s . Canonical released new Linux kernel versions for all supported Ubuntu Linux versions to address a regression introduced by the previous kernel versions, which broke KVM guests on systems where extended page tables (EPT) were disabled or not supported. Also, they discovered that the fix for CVE-2019-0155 (i915 missing Blitter Command Streamer check) was incomplete on 64-bit Intel x86 systems.
Submitted by: Arnfried Walbrecht