Canonical released new kernel updates for all supported Ubuntu Linux releases, including Ubuntu 14.04 LTS (Trusty Tahr), Ubuntu 16.04 LTS (Xenial Xerus), and Ubuntu 17.04 (Zesty Zapus), fixing a total of five security vulnerabilities.
Affecting all three Ubuntu releases, as well as all official derivatives, such as Kubuntu, Xubuntu, Lubuntu, Ubuntu MATE, etc., a divide-by-zero error (CVE-2017-14106) was discovered by Andrey Konovalov in Linux kernel’s TCP stack implementation, allowing a local attacker to crash the system by causing a denial of service.
Affecting Ubuntu 14.04 LTS systems and derivaties, as well as Ubuntu 12.04.5 ESM (Extended Security Maintenance) machines, a buffer overflow (CVE-2016-8633) was discovered by Eyal Itkin in Linux kernel’s IP over IEEE 1394 (FireWire) implementation when handling fragment… (read more)


Read more: original article.