Critical vulnerabilities in the Linux kernel

Researchers have discovered several critical vulnerabilities in the Linux kernel at once:

• A buffer overflow in the back end of the virtio network in the Linux kernel, which can be used to cause a denial of service or code execution on the host OS. CVE-2019-14835

• The Linux kernel running on the PowerPC architecture does not properly handle Facility Unavailable exceptions in some situations. This vulnerability could be used by a local attacker to disclose sensitive information. CVE-2019-15030

• The Linux kernel running on the PowerPC architecture does not correctly handle interrupt exceptions in certain situations. This vulnerability could also be used to expose sensitive information. CVE-2019-15031

The security update has already been released. It applies to Ubuntu 19.04, Ubuntu 18.04 LTS and Ubuntu 16.04 LTS users.

Source: linux.org.ru