Ubuntu 18.04 must be patched

Ubuntu security patch

Canonical updates Ubuntu 18.04 to the Linux kernel 4.15.0-44.47 to fix several security bugs.

Ubuntu is an extremely popular server, cloud and desktop Linux distribution. Therefore, when parent company Canonical announces that it is moving Ubuntu 18.04, the latest edition of LTS support, to a new Linux kernel, it’s time to pay attention and patch.

This kernel, 4.15.0-44.47, contains 11 security fixes and other minor improvements. The most important of these are four issues with the implementation of the ext4 file system by Linux. Ext4 is the most commonly used Linux file system and is the default file system of the Ubuntu Linux family.

All these bugs discovered by Wen Xu, a student of Georgia Tech in computer science, could be used to create a malicious ext4 image. Such an image can cause a system crash when mounted or can be used to execute arbitrary code. Two other security issues (CVE-2018-16882 and CVE-2018-19407) have hit the Virtual Machine (KVM) kernel-based Linux system. With this, a local attacker on a virtual guest machine could possibly have root privileges on the host machine or a system crash.

Canonical urges users of Ubuntu 18.04 to quickly patch their systems. In addition to affecting Ubuntu vanilla, these bugs may also cause problems with Ubuntu variants such as Kubuntu, Xubuntu and Lubuntu. They can be used against other Linux distros, like Mint 19 and Mint 19.1, built on top of Ubuntu 18.04.

Run Update Manager to patch a Ubuntu desktop. Once you have upgraded, check for new updates and press the’ Install Updates ‘ button to upgrade the selected packages to your PC. Run the following commands from the shell on a server without a GUI:

$sudo apt-get update
$sudo apt-get dist-upgrade

After installing the patches, you will need to reboot the system to ensure that all the changes are implemented.

Mark Funk
Mark Funk is an experienced information security specialist who works with enterprises to mature and improve their enterprise security programs. Previously, he worked as a security news reporter.