---

Canonical Releases Kernel Security Update for Ubuntu 16.04 LTS to Patch 2 Flaws

Two kernel vulnerabilities are affecting Ubuntu 16.04, 16.04.1, and 16.04.2 users that are still using a kernel from the long-term supported Linux 4.4 series, including the Linux kernel for Raspberry Pi 2 devices, Snapdragon processors, as well as Google Container Engine (GKE) and Amazon Web Services (AWS) systems. The first one (CVE-2016-10208) was discovered by Ralf Spenneberg in Linux kernel’s EXT4 file system implementation, which incorrectly validated meta block groups, allowing an attacker that had physical access to the vulnerable system to crash the system by crafting an EXT4 image which causes a denial of service.