Canonical Outs New Kernel Security Updates for All Supported Ubuntu Releases

Two security issues are affecting the Ubuntu 17.04 (Zesty Zapus), Ubuntu 16.04 LTS (Xenial Xerus), Ubuntu 14.04 LTS (Trusty Tahr), and Ubuntu 12.04 LTS (Precise Pangolin), as well as all of their official derivatives, including Kubuntu, Lubuntu, Xubuntu, Ubuntu Studio, Ubuntu MATE, Ubuntu GNOME, and Ubuntu Kylin. Both security flaws patched by the new kernel updates were discovered by Andrey Konovalov. The first is a race condition (CVE-2017-1000112) found in Linux kernel’s UDP Fragmentation Offload (UFO) code, which could allow a local attacker to either execute arbitrary code or crash the affected system by causing a denial of service.