---

Canonical Releases New Linux Kernel Security Update for Ubuntu 18.04 LTS

The Linux kernel security update addresses three vulnerabilities, including a race condition (CVE-2019-6133) in Linux kernel’s fork() system call, which could allow a local attacker to gain access to services were authorizations are cached, and a flaw (CVE-2018-18397) in the userfaultd implementation, which could allow a local attacker to modify files. Both issues were discovered by Jann Horn. Furthermore, the kernel security patch addresses a vulnerability (CVE-2018-19854) in Linux kernel’s crypto subsystem, which leads to leaked uninitialized memory to user space under certain situations. This would allow a local attacker to expose sensitive information (kernel memory). These security vulnerabilities affect Ubuntu 18.04 LTS and all of its official or unofficial derivatives.

Get the Free Newsletter!

Subscribe to Developer Insider for top news, trends, & analysis