Skip to main content

Your submission was sent successfully! Close

Thank you for signing up for our newsletter!
In these regular emails you will find the latest updates from Canonical and upcoming events where you can meet our team.Close

Thank you for contacting us. A member of our team will be in touch shortly. Close

An error occurred while submitting your form. Please try again or file a bug report. Close

  1. Blog
  2. Article

Canonical
on 21 June 2017

Kernel Team Summary: June 22, 2017

CVE kernel Security

This newsletter is to provide a status update from the Ubuntu Kernel Team. There will also be highlights provided for any interesting subjects the team may be working on.

If you would like to reach the kernel team, you can find us at the #ubuntu-kernel channel on FreeNode. Alternatively, you can mail the Ubuntu Kernel Team mailing list at: [email protected]

Highlights

  • FWTS 17.06.00 released: https://wiki.ubuntu.com/FirmwareTestSuite/ReleaseNotes/17.06.00
  • Released stress-ng 0.08.05, new Real Time cyclic stressor and Real Time scheduling softlockup stressor.
  • Prepare 4.4.73 (Xenial)
  • Update artful/4.11 to v4.11.6
  • The embargo for CVE-2017-1000364 [1] has expired and the fix was
    released for the following packages in the updates and security pockets:
    • * Trusty
    • – linux 3.13.0-121.170
    • – linux-lts-xenial 4.4.0-81.104~14.04.1
    • * Xenial
    • – linux 4.4.0-81.104
    • – linux-aws 4.4.0-1020.29
    • – linux-gke 4.4.0-1016.16
    • – linux-raspi2 4.4.0-1059.67
    • – linux-snapdragon 4.4.0-1061.66
    • – linux-hwe 4.8.0-56.61~16.04.1
    • – linux-hwe-edge 4.10.0-24.28~16.04.1
    • – linux-joule 4.4.0-1003.8
    • * Yakkety
    • – linux 4.8.0-56.61
    • – linux-raspi2 4.8.0-1040.44
    • * Zesty
    • – linux 4.10.0-24.28
    • – linux-raspi2 4.10.0-1008.11

    Due to that, the proposed updates for the above packages being prepared
    on the current SRU cycle are being re-spun to include the fix.

    [1] CVE description: It was discovered that the stack guard page for
    processes in the Linux kernel was not sufficiently large enough to
    prevent overlapping with the heap. An attacker could leverage this with
    another vulnerability to execute arbitrary code and gain administrative
    privileges.

Devel Kernel Announcements

We intend to target a 4.13 kernel for the Ubuntu 17.10 release. The Ubuntu 17.10 Kernel Freeze is Thurs Oct 5, 2017.

Stable Kernel Announcements

Current cycle: 02-Jun through 24-Jun

  • 02-Jun Last day for kernel commits for this cycle
  • 05-Jun – 10-Jun Kernel prep week.
  • 11-Jun – 23-Jun Bug verification & Regression testing.
  • 26-Jun Release to -updates.

Next cycle: 23-Jun through 15-Jul

  • 23-Jun Last day for kernel commits for this cycle
  • 26-Jun – 01-Jul Kernel prep week.
  • 02-Jul – 14-Jul Bug verification & Regression testing..
  • 17-Jul Release to -updates.

Status: CVE’s

The current CVE status can be reviewed at the following:
http://people.canonical.com/~kernel/cve/pkg/ALL-linux.html

Related posts

Carlos Bravo
28 August 2025

Ubuntu Pro Minimal 22.04 LTS with CIS hardening is now generally available on AWS

Canonical announcements Article

August 28, 2025 – We are excited to announce the general availability of Ubuntu Pro Minimal 22.04 LTS with CIS hardening, a new variant of Ubuntu designed for organizations that require tight security controls, minimal attack surface, and out-of-the-box compliance. This new offering combines the efficiency of Minimal Ubuntu with the enter ...

Nicholas Morris
26 August 2025

Generating allow-lists with DNS monitoring on LXD

DevOps Article

Allow-listing web traffic – blocking all web traffic that has not been pre-approved – is a common practice in highly sensitive environments. It is also a challenge for developers and system administrators working in those environments. In this blog, we’ll cover an easy way to mitigate this challenge by using LXD to generate allow-lists.  ...

Jehudi
22 August 2025

A complete security view for every Ubuntu LTS VM on Azure

Compliance Article

Azure’s Update Manager now shows missing Ubuntu Pro updates for all Ubuntu Long-Term Support (LTS) releases: 18.04, 20.04, 22.04 and 24.04. The feature was first introduced for only 18.04 during its move to Expanded Security Maintenance. With this addition, Azure highlights where Ubuntu LTS instances would benefit from Expanded Security M ...