Kernel Team Summary: June 22, 2017
Canonical
on 21 June 2017
This newsletter is to provide a status update from the Ubuntu Kernel Team. There will also be highlights provided for any interesting subjects the team may be working on.
If you would like to reach the kernel team, you can find us at the #ubuntu-kernel channel on FreeNode. Alternatively, you can mail the Ubuntu Kernel Team mailing list at: kernel-team@lists.ubuntu.com
Highlights
- FWTS 17.06.00 released: https://wiki.ubuntu.com/FirmwareTestSuite/ReleaseNotes/17.06.00
- Released stress-ng 0.08.05, new Real Time cyclic stressor and Real Time scheduling softlockup stressor.
- Prepare 4.4.73 (Xenial)
- Update artful/4.11 to v4.11.6
- The embargo for CVE-2017-1000364 [1] has expired and the fix was
released for the following packages in the updates and security pockets: - * Trusty
- – linux 3.13.0-121.170
- – linux-lts-xenial 4.4.0-81.104~14.04.1
- * Xenial
- – linux 4.4.0-81.104
- – linux-aws 4.4.0-1020.29
- – linux-gke 4.4.0-1016.16
- – linux-raspi2 4.4.0-1059.67
- – linux-snapdragon 4.4.0-1061.66
- – linux-hwe 4.8.0-56.61~16.04.1
- – linux-hwe-edge 4.10.0-24.28~16.04.1
- – linux-joule 4.4.0-1003.8
- * Yakkety
- – linux 4.8.0-56.61
- – linux-raspi2 4.8.0-1040.44
- * Zesty
- – linux 4.10.0-24.28
- – linux-raspi2 4.10.0-1008.11
Due to that, the proposed updates for the above packages being prepared
on the current SRU cycle are being re-spun to include the fix.
[1] CVE description: It was discovered that the stack guard page for
processes in the Linux kernel was not sufficiently large enough to
prevent overlapping with the heap. An attacker could leverage this with
another vulnerability to execute arbitrary code and gain administrative
privileges.
Devel Kernel Announcements
We intend to target a 4.13 kernel for the Ubuntu 17.10 release. The Ubuntu 17.10 Kernel Freeze is Thurs Oct 5, 2017.
Stable Kernel Announcements
Current cycle: 02-Jun through 24-Jun
- 02-Jun Last day for kernel commits for this cycle
- 05-Jun – 10-Jun Kernel prep week.
- 11-Jun – 23-Jun Bug verification & Regression testing.
- 26-Jun Release to -updates.
Next cycle: 23-Jun through 15-Jul
- 23-Jun Last day for kernel commits for this cycle
- 26-Jun – 01-Jul Kernel prep week.
- 02-Jul – 14-Jul Bug verification & Regression testing..
- 17-Jul Release to -updates.
Status: CVE’s
The current CVE status can be reviewed at the following:
http://people.canonical.com/~kernel/cve/pkg/ALL-linux.html
Ubuntu cloud
Ubuntu offers all the training, software infrastructure, tools, services and support you need for your public and private clouds.
Newsletter signup
Related posts
Zenbleed vulnerability fix for Ubuntu
On 24 July 2023, security researchers from Google’s Information Security Engineering team disclosed a hardware vulnerability affecting AMD’s Zen 2 family of...
Canonical announces Ubuntu Security Research Alliance Program
Today, Canonical, the publisher of Ubuntu, announced its new Ubuntu Security Research Alliance Program, a free partnership between Canonical and open source...
Needrestart local privilege escalation vulnerability fixes available
Qualys discovered vulnerabilities which allow a local attacker to gain root privileges in the needrestart package (CVE-2024-48990, CVE-2024-48991,...