Ubuntu is a very popular Linux distribution for servers, clouds, and the desktop. So, when parent company Canonical announces it is moving Ubuntu 18.04, the latest long term support (LTS) edition, to a new Linux kernel, it’s time to pay attention and patch.
This kernel, 4.15.0-44.47, contains 11 security fixes and other minor improvements.
The most significant of these are four problems with Linux’s implementation of the ext4 filesystem. Ext4 is the most commonly used Linux filesystem, and it’s the Ubuntu Linux family’s default file system.
All these bugs, which were discovered by Wen Xu, a Georgia Tech computer-science graduate student, could be used to create to create a malicious ext4 image. Such an image, when mounted, could cause a system crash or possibly be used to execute arbitrary code.
Two other security problems (CVE-2018-16882 and CVE-2018-19407) hit Linux’s built-in Kernel-based Virtual Machine (KVM). With this, a local attacker in a guest virtual machine could conceivably get root-level privileges in the host machine or a system crash.
Canonical urges Ubuntu 18.04 users to patch their systems as soon as possible. Besides impacting vanilla Ubuntu, these bugs can trouble such Ubuntu variants as Kubuntu, Xubuntu, and Lubuntu. They could be used against other Linux distros, such as Mint 19 and Mint 19.1, which are built on top of Ubuntu 18.04.
To patch an Ubuntu desktop, run Update Manager. Once up, check for new updates and press the ‘Install Updates’ button to upgrade the selected packages to their updated version on your PC. On a server without a GUI, run the following commands from the shell:
$ sudo apt-get update
$ sudo apt-get dist-upgrade
Then, after installing the patches, you’ll need to reboot the system to make sure the changes are all put in place.