[QSA-0510191]
Linux kernel vulnerabilities

Qlustar Security Advisory 0510191

May 10th, 2019

Summary:

The system could crash or be made to run programs as an administrator.

    Package(s)       : linux-image-ql-generic,
                       qlustar-module-core-xenial-amd64-10.1.1
    Qlustar releases : 10.1
    Affected versions: All versions prior to this update
    Vulnerability    : privilege escalation/denial of service
    Problem type     : local
    Qlustar-specific : no
    CVE Id(s)        : Not documented
  

A number of vulnerabilities and bugs have been discovered in the 4.14.x Linux kernel series since the last Qlustar release based on 4.14.105. They may lead to a denial of service or privilege escalation. Please check the following web pages that contain details of the fixes in each release after 4.14.105 up to the current Qlustar kernel 4.14.117:

    Linux kernel 4.14.117
    Linux kernel 4.14.116
    Linux kernel 4.14.115
    Linux kernel 4.14.114
    Linux kernel 4.14.113
    Linux kernel 4.14.112
    Linux kernel 4.14.111
    Linux kernel 4.14.110
    Linux kernel 4.14.109
    Linux kernel 4.14.108
    Linux kernel 4.14.107
    Linux kernel 4.14.106
  

Update instructions:

The problem can be corrected by updating your system to the following or more recent package versions (follow the Qlustar Update Instructions):

    linux-image-ql-generic                     4.14.117-ql-generic-10.1-18
    qlustar-module-core-xenial-amd64-10.1.1    10.1.1.4-b509f1240