Researchers have discovered several critical vulnerabilities in the Linux kernel at once:
-
A buffer overflow in the back end of the virtio network in the Linux kernel, which can be used to cause a denial of service or code execution on the host OS. CVE-2019-14835
-
The Linux kernel running on the PowerPC architecture does not properly handle Facility Unavailable exceptions in some situations. This vulnerability could be used by a local attacker to disclose sensitive information. CVE-2019-15030
-
The Linux kernel running on the PowerPC architecture does not correctly handle interrupt exceptions in certain situations. This vulnerability could also be used to expose sensitive information. CVE-2019-15031
The security update has already been released. It applies to Ubuntu 19.04, Ubuntu 18.04 LTS and Ubuntu 16.04 LTS users.
Source: linux.org.ru