USN-3732-2: Linux kernel (HWE) vulnerability
Publication date
6 August 2018
Overview
The system could be made unavailable if it received specially crafted network traffic.
Releases
Packages
- linux-azure - Linux kernel for Microsoft Azure Cloud systems
- linux-gcp - Linux kernel for Google Cloud Platform (GCP) systems
- linux-hwe - Linux hardware enablement (HWE) kernel
Details
USN-3732-1 fixed vulnerabilities in the Linux kernel for Ubuntu 18.04
LTS. This update provides the corresponding updates for the Linux
Hardware Enablement (HWE) kernel from Ubuntu 18.04 LTS for Ubuntu
16.04 LTS.
Juha-Matti Tilli discovered that the TCP implementation in the Linux kernel
performed algorithmically expensive operations in some situations when
handling incoming packets. A remote attacker could use this to cause a
denial of service.
USN-3732-1 fixed vulnerabilities in the Linux kernel for Ubuntu 18.04
LTS. This update provides the corresponding updates for the Linux
Hardware Enablement (HWE) kernel from Ubuntu 18.04 LTS for Ubuntu
16.04 LTS.
Juha-Matti Tilli discovered that the TCP implementation in the Linux kernel
performed algorithmically expensive operations in some situations when
handling incoming packets. A remote attacker could use this to cause a
denial of service.
Update instructions
After a standard system update you need to reboot your computer to make all the necessary changes.
Learn more about how to get the fixes.The problem can be corrected by updating your system to the following package versions:
Ubuntu Release | Package Version | ||
---|---|---|---|
16.04 xenial | linux-image-4.15.0-1015-gcp – 4.15.0-1015.15~16.04.1 | ||
linux-image-4.15.0-30-generic – 4.15.0-30.32~16.04.1 | |||
linux-image-4.15.0-30-generic-lpae – 4.15.0-30.32~16.04.1 | |||
linux-image-4.15.0-30-lowlatency – 4.15.0-30.32~16.04.1 |
Reduce your security exposure
Ubuntu Pro provides ten-year security coverage to 25,000+ packages in Main and Universe repositories, and it is free for up to five machines.
Have additional questions?