Several security issues were fixed in the Linux kernel.
Software Description:
- linux: Linux kernel
Details:
Wen Xu discovered that a use-after-free vulnerability existed in the ext4
filesystem implementation in the Linux kernel. An attacker could use this
to construct a malicious ext4 image that, when mounted, could cause a
denial of service (system crash) or possibly execute arbitrary code.
(CVE-2018-10876, CVE-2018-10879)
Wen Xu discovered that a buffer overflow existed in the ext4 filesystem
implementation in the Linux kernel. An attacker could use this to construct
a malicious ext4 image that, when mounted, could cause a denial of service
(system crash) or possibly execute arbitrary code. (CVE-2018-10877)
Wen Xu discovered that an out-of-bounds write vulnerability existed in the
ext4 filesystem implementation in the Linux kernel. An attacker could use
this to construct a malicious ext4 image that, when mounted, could cause a
denial of service (system crash) or possibly ex...
The problem can be corrected by updating your system to the following package versions: Ubuntu 18.04 LTS: linux-image-4.15.0-44-generic 4.15.0-44.47 linux-image-4.15.0-44-generic-lpae 4.15.0-44.47 linux-image-4.15.0-44-lowlatency 4.15.0-44.47 linux-image-4.15.0-44-snapdragon 4.15.0-44.47 linux-image-generic 4.15.0.44.46 linux-image-generic-lpae 4.15.0.44.46 linux-image-lowlatency 4.15.0.44.46 linux-image-snapdragon 4.15.0.44.46 After a standard system update you need to reboot your computer to make all the necessary changes. ATTENTION: Due to an unavoidable ABI change the kernel updates have been given a new version number, which requires you to recompile and reinstall all third party kernel modules you might have installed. Unless you manually uninstalled the standard kernel metapackages (e.g. linux-generic, linux-generic-lts-RELEASE, linux-virtual, linux-powerpc), a standard system upgrade will automatically perform this as well.
https://ubuntu.com/security/notices/USN-3871-1
CVE-2018-10876, CVE-2018-10877, CVE-2018-10878, CVE-2018-10879,
CVE-2018-10880, CVE-2018-10882, CVE-2018-10883, CVE-2018-14625,
CVE-2018-16882, CVE-2018-17972, CVE-2018-18281, CVE-2018-19407,
CVE-2018-9516
Get the latest Linux and open source security news straight to your inbox.