Linux Kernel Updates released for Ubuntu 16.04, 14.04 & 12.04 LTS. Ubuntu Security Notice USN-3084-1: Linux Kernel Vulnerabilities. Three Kernel flaws are fixed in the recent release.
According to Ubuntu Security Notice USN-3084-1, three Linux Kernel vulnerabilities are affecting Ubuntu 16.04 LTS. The release brings seroius updates and fixes for Kernel.
- (CVE-2016-6136) Pengfei Wang discovered a race condition in the audit subsystem in the Linux kernel. A local attacker could use this to corrupt audit logs or disrupt system-call auditing.
- (CVE-2016-5412) It was discovered that the powerpc and powerpc64 hypervisor-mode KVM implementation in the Linux kernel for did not properly maintain state about transactional memory. An unprivileged attacker in a guest could cause a denial of service (CPU lockup) in the host OS.
- (CVE-2016-6156) Pengfei Wang discovered a race condition in the Chrome OS embedded controller device driver in the Linux kernel. A local attacker could use this to cause a denial of service (system crash).
Update instructions
The Linux Kernel vulnerabilities can be corrected by updating your system to the following package version:
- Ubuntu 16.04 LTS:
- linux-image-4.4.0-38-powerpc64-emb 4.4.0-38.57
- linux-image-4.4.0-38-powerpc64-smp 4.4.0-38.57
- linux-image-4.4.0-38-generic 4.4.0-38.57
- linux-image-4.4.0-38-powerpc-e500mc 4.4.0-38.57
- linux-image-4.4.0-38-powerpc-smp 4.4.0-38.57
- linux-image-4.4.0-38-lowlatency 4.4.0-38.57
- linux-image-4.4.0-38-generic-lpae 4.4.0-38.57
To update the system, run the following commands to apply new updates:
$ sudo apt-get update
$ sudo apt-get dist-upgrade
When performing an update, first review what apt is going to do, then confirm that you want to apply the updates (this is particularly true when running the development release).
Please restart the system after the update. It is necessary to restart the system as it will make all the necessary changes.