Canonical has released new kernel security updates, which includes fixes for Lazy FPU Save / Restore and other crashes. Check out the details of this update.
These Canonical kernel security updates are for all supported Ubuntu Linux operating systems and serve to address various security vulnerabilities discovered by multiple researchers.
The new kernel updates are available for Ubuntu 18.04 LTS (Bionic Beaver), Ubuntu 17.10 (Artful Aardvark), Ubuntu 16.04 LTS (Xenial Xerus) as well as Ubuntu 14.04 LTS (Trusty Tahr) and fix a total of 22 security vulnerabilities in all versions of Ubuntu Linux.
Canonical launches fix for Lazy FPU Save / Restore and other glitches
One of the most important issues fixed is an information leak vulnerability marked CVE-2018-7755 and discovered in the Linux kernel floppy disk driver, which could allow a local attacker to expose sensitive information (kernel memory).
This issue affected Ubuntu 18.04 LTS, Ubuntu 17.10, Ubuntu 16.04 LTS and Ubuntu 14.04 LTS.
Affecting only Ubuntu 18.04 LTS, the update fixes the security holes discovered in the Linux kernel EXT4 file system implementation (CVE-2018-1094 and CVE-2018-1095) and the cdrom driver (CVE-2018-10940).
It also fixes a problem with the 32-bit syscall implementation of adjtimex () (CVE-2018-11508), which affects Ubuntu 18.04 LTS and Ubuntu 17.10.
Lazy FPU Save / Restore Fixed on Ubuntu 16.04 LTS and 14.04 LTS
Other security issues addressed include a null pointer dereference vulnerability (CVE-2018-1130) in the Linux kernel DCCP implementation, as well as an information disclosure vulnerability (CVE-2018-5750) in the Linux kernel SMBus driver for ACPI Embedded drivers that affect Ubuntu 17.10 and Ubuntu 14.04 LTS.
In addition, there are fixes for a security vulnerability (CVE-2018-5803) discovery in the Linux kernel SCTP Protocol implementation, an integer overflow error (CVE-2018-6927) in the futex implementation, and a memory leak (CVE-2018-7757) on the SAS driver subsystem, all affecting the Ubuntu 17.10 and Ubuntu 14.04 LTS operating systems.
For Ubuntu 16.04 LTS, the Linux kernel update addresses ten security vulnerabilities, including two integer overflow problems (CVE-2017-18255 and CVE-2017-18257) in the perf subsystem and in the F2FS file system, a leak (CVE-2018-1000204) in the generic SCSI driver, as well as errors in the wait4 () and kill () system calls (CVE-2018-10087 and CVE-2018-10124).
In addition, the kernel upgrade also protects Ubuntu 16.04 LTS and 14.04 LTS users against the 4th variant of the Specter security vulnerability ( CVE-2018-3665 ) discovered by Julian Stecklina and Thomas Prescher in FPU registry states such as AVX, MMX, and SSE, which were restored lazily, vulnerable to side-channel attacks, allowing local intruders to expose sensitive information.
Other than that, there have been a number of uses after CVE-2018-5814 errors discovered in the Linux kernel’s USB / IP implementation, an information leak (CVE-2017-13695) discovered in Linux kerne’s ACPI manipulation code and a memory leak (CVE-2018-10021) found in the Serial Attached SCSI (SAS) implementation of the Linux kernel, which were fixed for Ubuntu 16.04 LTS users.
Two security issues (CVE-2017-12154 and CVE-2017-12193) affecting the nested implementations of KVM and associative array, and a race condition (CVE-2017-15265) in the ALSA subsystem in Ubuntu 14.04 LTS have also been fixed.
Everyone should update
It is recommended that all Ubuntu users update their installations as soon as possible and keep them updated at all times.
Generally, the execution of the commands listed below should suffice, followed by a system reboot.
sudo apt-get update
sudo apt-get dist-upgrade
As always, after restarting your computer, recompile and reinstall the third-party kernel modules.
For details on how to upgrade your system, follow the instructions provided by Canonical at https://wiki.ubuntu.com/Security/Upgrades .