---

Canonical Outs New Linux Kernel Security Update for All Supported Ubuntu OSes

The first security issue addressed in this update is a a buffer overflow (CVE-2019-14835) discovered by Peter Pi in Linux kernel’s virtio network backend (vhost_net) implementation, which could allow an attacker in the guest system to either execute arbitrary code in the host OS or crash the host operating system by causing a denial of service. The second and third Linux kernel security flaws (CVE-2019-15031 and CVE-2019-15030) affected PowerPC architectures, which incorrectly handled Facility Unavailable exceptions and exceptions on interrupts under certain situations. These could allow a local attacker to expose sensitive information.