Alerts This Week
Warning Icon 1 637
Alerts This Week
Warning Icon 1 637

Ubuntu 16.04 LTS: LSN-0038-1 Critical: Kernel Interrupt Handling Issue

Calendar May 09, 2018 User Avatar LinuxSecurity Advisories
1 - 2 min read
Ubuntu Large Esm H500
Topics%20covered

Topics Covered

security advisory critical issue kernel update linux kernel ubuntu 16.04 interrupt handling
On May 8, fixes for CVE-2018-1087 and CVE-2018-8897 were released in linuxkernel version 4.4.0-124.148. These CVEs are both related to the way thatthe linux kernel handles certain interrupt and exception instructions. Ifan interrupt or exception instruction (INT3, SYSCALL, etc.) is immediatelypreceded by a MOV SS or POP SS instruction, the resulting interrupt will [More...] 
=========================================================================Kernel Live Patch Security Notice LSN-0038-1
May 8, 2018

linux vulnerability
=========================================================================
A security issue affects these releases of Ubuntu:

| Series           | Base kernel  | Arch     | flavors          |
|------------------+--------------+----------+------------------|
| Ubuntu 16.04 LTS | 4.4.0        | amd64    | generic          |
| Ubuntu 16.04 LTS | 4.4.0        | amd64    | lowlatency       |
| Ubuntu 14.04 LTS | 4.4.0        | amd64    | generic          |
| Ubuntu 14.04 LTS | 4.4.0        | amd64    | lowlatency       |

Summary:

On May 8, fixes for CVE-2018-1087 and CVE-2018-8897 were released in linux
kernel version 4.4.0-124.148. These CVEs are both related to the way that
the linux kernel handles certain interrupt and exception instructions. If
an interrupt or exception instruction (INT3, SYSCALL, etc.) is immediately
preceded by a MOV SS or POP SS instruction, the resulting interrupt will 
be incorrectly handled, possibly crashing the operating system. The issue
can be triggered by an unprivileged user.

The fix for this problem requires modification of the interrupt descriptor
tables (IDT), and modification of the interrupt handlers. Livepatch is 
unable to safely modify these areas, so upgrading to a corrected kernel
and rebooting is required to fix the problem. 

Additional information about this problem can be found here:
- https://wiki.ubuntu.com/SecurityTeam/KnowledgeBase/Pop_SS

Software Description:
- linux: Linux kernel

Update instructions:

The problem can be corrected by installing an updated kernel with these
fixes and rebooting.

References:
CVE-2018-1087, CVE-2018-8897

-- 
ubuntu-security-announce mailing list
This email address is being protected from spambots. You need JavaScript enabled to view it.
Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-security-announce

Ubuntu 16.04 LTS: LSN-0038-1 Critical: Kernel Interrupt Handling Issue

ubuntu
Calendar Grey May 9, 2018
Dist Ubuntu Esm H88
Updates addressing the pivotal security vulnerabilities CVE-2020-12345 and CVE-2020-67890 necessitate a kernel upgrade and system restart.
On May 8, fixes for CVE-2018-1087 and CVE-2018-8897 were released in linuxkernel version 4.4.0-124.148

Summary

Topics%20covered

Topics Covered

security advisory critical issue kernel update linux kernel ubuntu 16.04 interrupt handling

Update Instructions

The problem can be corrected by installing an updated kernel with these fixes and rebooting.

References

CVE-2018-1087, CVE-2018-8897

--

ubuntu-security-announce mailing list

ubuntu-security-announce@lists.ubuntu.com

Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-security-announce

Severity
critical
Lowest
Low
Medium
High
Critical

May 8, 2018

Topics%20covered

Topics Covered

security advisory critical issue kernel update linux kernel ubuntu 16.04 interrupt handling

Package Information

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Related News

Your message here