Explore top 10 tips to secure your open-source projects now. Read More

×
Alerts This Week
Warning Icon 1 635
Alerts This Week
Warning Icon 1 635

Ubuntu 18.04 LTS: 0058-1 Critical: Linux Kernel Denial of Service

ubuntu
Calendar Grey October 22, 2019
Dist Ubuntu Esm H88
=========================================================================Kernel Live Patch Security
Several security issues were fixed in the kernel.

Summary

Several security issues were fixed in the kernel.

Software Description:

- linux: Linux kernel

Details:

It was discovered that a race condition existed in the GFS2 file system in

the Linux kernel. A local attacker could possibly use this to cause a

denial of service (system crash). (CVE-2016-10905)

It was discovered that a use-after-free error existed in the block layer

subsystem of the Linux kernel when certain failure conditions occurred. A

local attacker could possibly use this to cause a denial of service (system

crash) or possibly execute arbitrary code. (CVE-2018-20856)

It was discovered that the USB gadget Midi driver in the Linux kernel

contained a double-free vulnerability when handling certain error

conditions. A local attacker could use this to cause a denial of service

(system crash). (CVE-2018-20961)

It was discovered that the XFS file system in the Linux kernel did not

properly handle mount failures in some situations. A local attacker could

possibly use this to ...

Read the Full Advisory

Update Instructions

The problem can be corrected by updating your livepatches to the following
versions:

| Kernel                   | Version  | flavors                  |
|--------------------------+----------+--------------------------|
| 4.4.0-148.174            | 58.1     | lowlatency, generic      |
| 4.4.0-148.174~14.04.1    | 58.1     | lowlatency, generic      |
| 4.4.0-150.176            | 58.1     | generic, lowlatency      |
| 4.4.0-150.176~14.04.1    | 58.1     | lowlatency, generic      |
| 4.4.0-151.178            | 58.1     | lowlatency, generic      |
| 4.4.0-151.178~14.04.1    | 58.1     | generic, lowlatency      |
| 4.4.0-154.181            | 58.1     | lowlatency, generic      |
| 4.4.0-154.181~14.04.1    | 58.1     | generic, lowlatency      |
| 4.4.0-157.185            | 58.1     | lowlatency, generic      |
| 4.4.0-157.185~14.04.1    | 58.1     | generic, lowlatency      |
| 4.4.0-159.187            | 58.1     | lowlatency, generic      |
| 4.4.0-159.187~14.04.1    | 58.1     | generic, lowlatency      |
| 4.4.0-161.189            | 58.1     | lowlatency, generic      |
| 4.4.0-161.189~14.04.1    | 58.1     | lowlatency, generic      |
| 4.4.0-164.192            | 58.1     | lowlatency, generic      |
| 4.4.0-164.192~14.04.1    | 58.1     | lowlatency, generic      |
| 4.4.0-165.193            | 58.1     | generic, lowlatency      |
| 4.4.0-1083.93            | 58.1     | aws                      |
| 4.4.0-1084.94            | 58.1     | aws                      |
| 4.4.0-1085.96            | 58.1     | aws                      |
| 4.4.0-1087.98            | 58.1     | aws                      |
| 4.4.0-1088.99            | 58.1     | aws                      |
| 4.4.0-1090.101           | 58.1     | aws                      |
| 4.4.0-1092.103           | 58.1     | aws                      |
| 4.4.0-1094.105           | 58.1     | aws                      |
| 4.15.0-50.54             | 58.1     | generic, lowlatency      |
| 4.15.0-50.54~16.04.1     | 58.1     | generic, lowlatency      |
| 4.15.0-51.55             | 58.1     | generic, lowlatency      |
| 4.15.0-51.55~16.04.1     | 58.1     | generic, lowlatency      |
| 4.15.0-52.56             | 58.1     | lowlatency, generic      |
| 4.15.0-52.56~16.04.1     | 58.1     | generic, lowlatency      |
| 4.15.0-54.58             | 58.1     | generic, lowlatency      |
| 4.15.0-54.58~16.04.1     | 58.1     | generic, lowlatency      |
| 4.15.0-55.60             | 58.1     | generic, lowlatency      |
| 4.15.0-58.64             | 58.1     | generic, lowlatency      |
| 4.15.0-58.64~16.04.1     | 58.1     | lowlatency, generic      |
| 4.15.0-60.67             | 58.1     | lowlatency, generic      |
| 4.15.0-60.67~16.04.1     | 58.1     | generic, lowlatency      |
| 4.15.0-62.69             | 58.1     | generic, lowlatency      |
| 4.15.0-62.69~16.04.1     | 58.1     | lowlatency, generic      |
| 4.15.0-64.73             | 58.1     | generic, lowlatency      |
| 4.15.0-64.73~16.04.1     | 58.1     | lowlatency, generic      |
| 4.15.0-65.74             | 58.1     | lowlatency, generic      |
| 4.15.0-1038.43           | 58.1     | oem                      |
| 4.15.0-1039.41           | 58.1     | aws                      |
| 4.15.0-1039.44           | 58.1     | oem                      |
| 4.15.0-1040.42           | 58.1     | aws                      |
| 4.15.0-1041.43           | 58.1     | aws                      |
| 4.15.0-1043.45           | 58.1     | aws                      |
| 4.15.0-1043.48           | 58.1     | oem                      |
| 4.15.0-1044.46           | 58.1     | aws                      |
| 4.15.0-1045.47           | 58.1     | aws                      |
| 4.15.0-1045.50           | 58.1     | oem                      |
| 4.15.0-1047.49           | 58.1     | aws                      |
| 4.15.0-1047.51           | 58.1     | azure                    |
| 4.15.0-1048.50           | 58.1     | aws                      |
| 4.15.0-1049.54           | 58.1     | azure                    |
| 4.15.0-1050.52           | 58.1     | aws                      |
| 4.15.0-1050.55           | 58.1     | azure                    |
| 4.15.0-1050.57           | 58.1     | oem                      |
| 4.15.0-1051.53           | 58.1     | aws                      |
| 4.15.0-1051.56           | 58.1     | azure                    |
| 4.15.0-1052.57           | 58.1     | azure                    |
| 4.15.0-1055.60           | 58.1     | azure                    |
| 4.15.0-1056.61           | 58.1     | azure                    |
| 4.15.0-1056.65           | 58.1     | oem                      |
| 4.15.0-1057.62           | 58.1     | azure                    |
| 4.15.0-1057.66           | 58.1     | oem                      |
| 4.15.0-1059.64           | 58.1     | azure                    |
| 5.0.0-1014.14~18.04.1    | 58.1     | azure                    |
| 5.0.0-1016.17~18.04.1    | 58.1     | azure                    |
| 5.0.0-1018.19~18.04.1    | 58.1     | azure                    |
| 5.0.0-1020.21~18.04.1    | 58.1     | azure                    |

Support Information:

Kernels older than the levels listed below do not receive livepatch
updates. Please upgrade your kernel as soon as possible.

| Series           | Version          | Flavors                  |
|------------------+------------------+--------------------------|
| Ubuntu 18.04 LTS | 4.15.0-1039      | aws                      |
| Ubuntu 16.04 LTS | 4.4.0-1083       | aws                      |
| Ubuntu 18.04 LTS | 5.0.0-1000       | azure                    |
| Ubuntu 16.04 LTS | 4.15.0-1047      | azure                    |
| Ubuntu 18.04 LTS | 4.15.0-50        | generic lowlatency       |
| Ubuntu 16.04 LTS | 4.15.0-50        | generic lowlatency       |
| Ubuntu 14.04 LTS | 4.4.0-148        | generic lowlatency       |
| Ubuntu 18.04 LTS | 4.15.0-1038      | oem                      |
| Ubuntu 16.04 LTS | 4.4.0-148        | generic lowlatency       |

References

CVE-2016-10905, CVE-2018-20856, CVE-2018-20961, CVE-2018-20976,

CVE-2018-21008, CVE-2019-0136, CVE-2019-2054, CVE-2019-2181,

CVE-2019-3846, CVE-2019-10126, CVE-2019-10207, CVE-2019-11477,

CVE-2019-11478, CVE-2019-11833, CVE-2019-12614, CVE-2019-14283,

CVE-2019-14284, CVE-2019-14814, CVE-2019-14815, CVE-2019-14816,

CVE-2019-14821, CVE-2019-14835

--

ubuntu-security-announce mailing list

ubuntu-security-announce@lists.ubuntu.com

Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-security-announce

Severity
critical
Lowest
Low
Medium
High
Critical

October 22, 2019

Package Information

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.