Canonical released a new batch of Linux kernel security update for all supported versions of Ubuntu Linux, Intel CPU to address the latest vulnerabilities and other important defects.
As announced a few days ago, Canonical respond quickly to the effects of Intel CPU micro-architecture of the latest security vulnerabilities, so they are now released Linux kernel update to mitigate these vulnerabilities. Including CVE-2019-11135 , CVE-2018-12207 , CVE-2019-0154 and CVE-2019-0155 , the vulnerability could allow a local attacker to disclose sensitive information or potentially elevated privileges or cause a denial of service.
In addition to addressing these security issues affecting the Intel CPU other than the new Linux kernel security update also addresses found in shiftfs could allow a local attacker to execute arbitrary code, cause service is denied (crashes) or bypass DAC permissions the three vulnerabilities (CVE-2019-15791, CVE-2019-15792 and CVE-2019-15793).
At the same time, the update also fixes a buffer found in the Linux kernel 802.11 Wi-Fi configuration interface overflow ( CVE-2019-16746 ), as well as another buffer found in Realtek Wi-Fi driver overflow (CVE -2019-17666 ).
In addition, the security update also fixes discovered in the Linux kernel Appletalk, AX25, NFC, ISDN and IEEE 802.15.4 low-rate wireless network protocol implementations, affects only Ubuntu 19.04, a few Ubuntu 18.04 LTS, Ubuntu 16.04 LTS system vulnerability, namely CVE-2019-17052 , CVE-2019-17053 , CVE-2019-17054 , CVE-2019-17055 and CVE-2019 -17 056 , all of these vulnerabilities could allow a local attacker to create the raw socket.
And fix vulnerabilities (found in Atheros AR6004 USB Wi-Fi Linux kernel device driver in CVE-2019-15098 ), and found in the Binder IPC driver implementation CVE-2019-2215 .
Canonical again urged users to update their systems to these new Linux kernel version to solve the problem.
Reference News: https://news.softpedia.com