The Debian Project team has notified users of the Debian GNU/Linux 9 Stretch distribution that they should upgrade their systems immediately. The updated version upgrades the kernel by fixing two vulnerabilities.
The new Linux kernel security update is reported to be experiencing the flaw CVE-2018-15471 discovered by Felix Wilhelm Google Project Zero:
"Google Project Zero's Felix Wilhelm has discovered a flaw in the hash handling of the xen-netback Linux kernel module. "A malicious or buggy work environment can lead to access (usually with increased privileges), denial of service or leaks of information." security announcement published by Salvatore Bonaccorso.
Naturally, the Debian Project Security Team recommends that all users of the Debian GNU / Linux 9 Stretch distribution should immediately update the kernel to 4.9.110-3 + deb9u6.
The update is already available in the distribution's main repositories. So to upgrade the kernel, open one terminal and type the following command:
sudo apt-get update && sudo apt-get full-upgrade
Η new edition it will replace last week's 4.9.110-3+deb9u5 kernel, which fixed 18 vulnerabilities.
____________________
