---

Canonical Outs Important Linux Kernel Updates for All Supported Ubuntu Releases

Affecting all three Ubuntu releases, as well as all official derivatives, such as Kubuntu, Xubuntu, Lubuntu, Ubuntu MATE, etc., a divide-by-zero error (CVE-2017-14106) was discovered by Andrey Konovalov in Linux kernel’s TCP stack implementation, allowing a local attacker to crash the system by causing a denial of service. Affecting Ubuntu 14.04 LTS systems and derivaties, as well as Ubuntu 12.04.5 ESM (Extended Security Maintenance) machines, a buffer overflow (CVE-2016-8633) was discovered by Eyal Itkin in Linux kernel’s IP over IEEE 1394 (FireWire) implementation when handling fragmented packets.