07 April 20, 14:56
(This post was last modified: 07 April 20, 14:57 by silversurfer.)
Quote:Canonical has released new updates for Ubuntu to resolve multiple security vulnerabilities in various versions of the operating system, including 14.04, 16.04, 18.04, and 19.10.
When exploited, the vulnerabilities can be used to cause a denial of service, which crashes the system, and expose sensitive information in the kernel memory, Canonical warns.
There are three security advisories published on April 6, as it follows:First and foremost, USN-4318-1 refers to vulnerabilities in the Linux kernel that affect Ubuntu 16.04 LTS and Ubuntu 18.04 LTS which requires an attack to be launched locally for a denial of service or sensitive information exposure.
- USN-4318-1: Linux kernel vulnerabilities
- USN-4320-1: Linux kernel vulnerability
- USN-4319-1: Linux kernel vulnerabilities
Furthermore, a second flaw in the KVM implementation in the Linux kernel for PowerPC processors, also requires local access to cause a system crash. And then, Sijie Luo came across an ext4 file system flaw in the Linux kernel that can also be used for a denial of service.
On the other hand, USN-4320-1 details a security flaw affecting Ubuntu 16.04 LTS and Ubuntu 14.04 ESM which, when exploited by a local attacker, can lead to a system crash or expose sensitive information in the kernel memory.
And last but not least, USN-4319-1 concerns Ubuntu 19.10 and Ubuntu 18.04 LTS, which leads to a denial of service when a local attacker exploits the flaws.
Read more: https://news.softpedia.com/news/ubuntu-s...9669.shtml