The new Linux kernel live patch is here to tackle one buffer overflow (CVE-2019-14835) discovered by security researcher Peter Pi on Linux kernel's virtio network backend (vhost_net) implementation and may lead to DoS attacks.
Users are invited to update their installations
If you are using Canonical LivePatch on Ubuntu 18.04 LTS (Bionic Beaver) or Ubuntu 16.04 LTS (Xenial Xerus), it is recommended that you install the kernel live patch on the kernel as soon as possible to mitigate the above security vulnerability.
The kernel live patch is only available for Ubuntu 18.04 LTS 64 bit systems using the Linux 4.15 kernel, as well as for Ubuntu 16.04 LTS systems using the Linux 4.4 kernel. In addition, it is also available for users of the Ubuntu 14.04 ESM (Extended Security Maintenance) that use the Linux 4.4 HWE (Hardware Enablement) kernel.
However, Canonical noted that if you use kernels older than 4.15.0-50 on Ubuntu 18.04 LTS or Ubuntu 16.04 LTS as well as 4.4.0-148 on Ubuntu 16.04 LTS or Ubuntu 14.04 ESM systems, you will not receive the latest updates.
Visit the website Canonical for more information.
How useful was this post?
Average rating / 5. Vote count: