[QSA-0114191] Linux kernel vulnerabilities

Qlustar Security Advisory 0114191

Jan 14th, 2019

Summary:

The system could crash or be made to run programs as an administrator.

    Package(s)       : linux-image-ql-generic,
                       qlustar-module-core-xenial-amd64-10.1.1
    Qlustar releases : 10.1
    Affected versions: All versions prior to this update
    Vulnerability    : privilege escalation/denial of service
    Problem type     : local
    Qlustar-specific : no
    CVE Id(s)        : Not documented
  

A number of vulnerabilities and bugs have been discovered in the 4.14.x Linux kernel series since the last Qlustar release based on 4.14.87. They may lead to a denial of service or privilege escalation. Please check the following web pages that contain details of the fixes in each release after 4.14.87 up to the current Qlustar kernel 4.14.92:

    Linux kernel 4.14.92
    Linux kernel 4.14.91
    Linux kernel 4.14.90
    Linux kernel 4.14.89
    Linux kernel 4.14.88
  

Update instructions:

The problem can be corrected by updating your system to the following or more recent package versions (follow the Qlustar Update Instructions):

    linux-image-ql-generic                     4.14.92-ql-generic-10.1-15
    qlustar-module-core-xenial-amd64-10.1.1    10.1.1.2-b505f1215