Major Ubuntu 18.04 Update Introduces Two Other Vulnerabilities
CYBER NEWS

Major Ubuntu 18.04 Update Introduces Two Other Vulnerabilities

1 Star2 Stars3 Stars4 Stars5 Stars (No Ratings Yet)
Loading...

Canonical recently fixed a bunch of serious security flaws in Ubuntu 18.04, but it turns out that the major update introduced two more vulnerabilities. Apparently, “USN-3871-1 fixed vulnerabilities in the Linux kernel for Ubuntu 18.04 LTS. Unfortunately, that update introduced regressions with docking station displays and mounting ext4 file systems with the meta_bg option enabled”, the new security advisory reads.




Recent Ubuntu 18.04 Update Triggers Two Other Bugs, Patch Recommended

Even though the issues triggered by the update are not as serious as

Canonical recently published a major Linux kernel security update for the Ubuntu 18.04 LTS (Bionic Beaver) operating system series.
the initial bugs, patching is still highly recommended. The new patch comes to take the place of the problematic linux-image 4.15.0-44.47 with the fixed linux-image 4.15.0-45.48 kernel.

It should be noted that because of an unavoidable ABI change, the kernel updates have been given a new version number, which requires users to recompile and reinstall all third party kernel modules they might have installed.

Unless users manually uninstalled the standard kernel metapackages (such as linux-generic, linux-generic-lts-RELEASE, linux-virtual, linux-powerpc), a standard system upgrade will automatically perform this as well, the advisory says.
The flaws addressed in the previous patch affect all the kernel’s derivatives such as Kubuntu, Xubuntu, Lubuntu, Ubuntu GNOME, Ubuntu Budge, Ubuntu Kylin, and Ubuntu Studio, meaning that the newly introduced issue also affects the same derivatives.

Seven of the previous fixes concern Linux kernel’s ext4 filesystem implementation; they were discovered by security researcher Wen Xu. Here’s the full list:

CVE-2018-10876, CVE-2018-10877, CVE-2018-10878, CVE-2018-10879, CVE-2018-10880, CVE-2018-10882, CVE-2018-10883

These flaws range from user-after-free and buffer overflow issues, to out-of-bounds writes. The vulnerabilities could also lead to arbitrary code execution or could even crash the system in denial-of-service attacks by exploiting a specially crafted ext4 image. That image could be mounted on a vulnerable system, researchers said.

Avatar

Milena Dimitrova

An inspired writer and content manager who has been with SensorsTechForum for 4 years. Enjoys ‘Mr. Robot’ and fears ‘1984’. Focused on user privacy and malware development, she strongly believes in a world where cybersecurity plays a central role. If common sense makes no sense, she will be there to take notes. Those notes may later turn into articles!

More Posts

Leave a Comment

Your email address will not be published. Required fields are marked *

Time limit is exhausted. Please reload CAPTCHA.

Share on Facebook Share
Loading...
Share on Twitter Tweet
Loading...
Share on Google Plus Share
Loading...
Share on Linkedin Share
Loading...
Share on Digg Share
Share on Reddit Share
Loading...
Share on Stumbleupon Share
Loading...