Canonical released major kernel security updates for all of its supported Ubuntu Linux operating system series to address up to 15 security vulnerabilities.
The biggest kernel security patch released in December 2019 is for Ubuntu 19.10 (Eoan Ermine) and Ubuntu 18.04 LTS (Bionic Beaver) and fixes 12 vulnerabilities affecting Linux 5.3's OverlayFS and ShiftFS drivers, the Wi-Fi driver stack, ARM Komeda display driver, VirtualBox guest driver implementation, ADIS16400 IIO IMU driver, and Intel OPA Gen1 Infiniband driver.
Issues discovered in the AMD Audio CoProcessor driver, Qualcomm FastRPC driver, Cascoda CA8210 SPI 802.15.4 wireless controller driver, AMD Display Engine driver, and Chelsio T4/T5 RDMA driver were also addressed in this new kernel security update. The majority of these flaws could allow a local attacker to cause a denial of service (memory exhaustion or system crash).
Affecting the Linux 5.0 kernel of Ubuntu 19.04 (Disco Dingo) and Ubuntu 18.04.3 LTS (Bionic Beaver) releases, the new kernel security patch fixes a buffer overflow discovered in the 802.11 Wi-Fi configuration interface, which could allow a local attacker to cause a denial of service (system crash) or possibly execute arbitrary code, and a memory leak discovered in the Advanced Buffer Management functionality of the Netronome NFP4000/NFP6000 NIC driver.
Users are urged to update their systems immediately
For the Linux 4.4 kernel in the Ubuntu 16.04 LTS (Xenial Xerus) operating system series, there's also a fix for an infinite loop discovered in the CFS Linux kernel process scheduler, which could allow a local attacker to cause a denial of service. Users are urged to update their installations to the new kernel versions available in the main archives as soon as possible.
The new Linux kernel versions are linux-image 5.3.0-24.26 for Ubuntu 19.10, linux-image 5.0.0-37.40 for Ubuntu 19.04, linux-image 5.0.0-37.40~18.04.1 for Ubuntu 18.04.3 LTS, linux-image 4.15.0-72.81 for Ubuntu 18.04 LTS, linux-image 4.15.0-72.81~16.04.1 for Ubuntu 16.04.6 LTS, and linux-image 4.4.0-170.199 for Ubuntu 16.04 LTS. To update, follow the instructions provided by Canonical at https://wiki.ubuntu.com/Security/Upgrades.