---

Canonical Outs Major Linux Kernel Security Patch for Ubuntu 18.04 and 16.04 LTS

The new Linux kernel security update fixes two vulnerabilities (CVE-2018-20976 and CVE-2019-15538) in the Linux 4.15 kernel used in both Ubuntu 18.04 LTS and Ubuntu 16.04 LTS, discovered in the XFS file system, which could allow a local attacker to either execute arbitrary code or cause a denial of service (system crash). The CVE-2018-20976 issue was also fixed in the Linux 4.4 kernel. As for the security issues addressed in the Linux 4.4 kernel used on some Ubuntu 16.04 LTS systems, we can mention a race condition (CVE-2016-10905) in the GFS2 file system, an integer overflow (CVE-2019-11487) in the Linux kernel discovered when reference counting pages, as well as a race condition (CVE-2019-15215) in the CPiA2 video4linux device driver.