Canonical on Friday published multiple Ubuntu Security Notices (USNs) to inform Ubuntu users about the availability of new Linux kernel versions for their supported releases.
Two security issues are affecting the Ubuntu 17.04 (Zesty Zapus), Ubuntu 16.04 LTS (Xenial Xerus), Ubuntu 14.04 LTS (Trusty Tahr), and Ubuntu 12.04 LTS (Precise Pangolin), as well as all of their official derivatives, including Kubuntu, Lubuntu, Xubuntu, Ubuntu Studio, Ubuntu MATE, Ubuntu GNOME, and Ubuntu Kylin.
Both security flaws patched by the new kernel updates were discovered by Andrey Konovalov. The first is a race condition (CVE-2017-1000112) found in Linux kernel’s UDP Fragmentation Offload (UFO) code, which could allow a local attacker to either execute arbitrary code or crash the affected system by causing a denial of service.
Also a race condition, the second kern… (read more)