USN-3484-2: Linux kernel (HWE) vulnerability
Publication date
21 November 2017
Overview
The system could be made to crash or run programs as an administrator.
Releases
Packages
- linux-hwe - Linux hardware enablement (HWE) kernel
Details
USN-3484-1 fixed vulnerabilities in the Linux kernel for Ubuntu 17.04.
This update provides the corresponding updates for the Linux Hardware
Enablement (HWE) kernel from Ubuntu 17.04 for Ubuntu 16.04 LTS.
It was discovered that the KVM subsystem in the Linux kernel did not
properly keep track of nested levels in guest page tables. A local attacker
in a guest VM could use this to cause a denial of service (host OS crash)
or possibly execute arbitrary code in the host OS.
USN-3484-1 fixed vulnerabilities in the Linux kernel for Ubuntu 17.04.
This update provides the corresponding updates for the Linux Hardware
Enablement (HWE) kernel from Ubuntu 17.04 for Ubuntu 16.04 LTS.
It was discovered that the KVM subsystem in the Linux kernel did not
properly keep track of nested levels in guest page tables. A local attacker
in a guest VM could use this to cause a denial of service (host OS crash)
or possibly execute arbitrary code in the host OS.
Update instructions
After a standard system update you need to reboot your computer to make all the necessary changes.
Learn more about how to get the fixes.The problem can be corrected by updating your system to the following package versions:
| Ubuntu Release | Package Version | ||
|---|---|---|---|
| 16.04 xenial | linux-image-4.10.0-40-generic – 4.10.0-40.44~16.04.1 | ||
| linux-image-4.10.0-40-generic-lpae – 4.10.0-40.44~16.04.1 | |||
| linux-image-4.10.0-40-lowlatency – 4.10.0-40.44~16.04.1 | |||
Reduce your security exposure
Ubuntu Pro provides ten-year security coverage to 25,000+ packages in Main and Universe repositories, and it is free for up to five machines.
Related notices
Have additional questions?