The Debian team Project announced to users of the Debian GNU/Linux 9 Stretch distribution that they should upgrade their systems immediately. The update upgrades the kernel by fixing two vulnerabilities.
The new Linux kernel security update is reported to be experiencing the flaw CVE-2018-15471 discovered by Felix Wilhelm of Google Project Zero:
"Felix Wilhelm of Google Project Zero discovered a flaw in the hash handling of the xen-netback Linux kernel module. One malicious or buggy interface can cause access (usually with elevated privileges) denial of service or information leaks,” states the security announcement published by Salvatore Bonaccorso.
Naturally, the Debian Project Security Team recommends that all users of the Debian GNU / Linux 9 Stretch distribution should immediately update the kernel to 4.9.110-3 + deb9u6.
The update is already available in the main repositories of the distribution. So to upgrade the kernel, open a terminal and type the following command:
sudo apt-get update && sudo apt-get full-upgrade
The new version will replace the 4.9.110-3 + deb9u5 kernel of the previous week, which repaired 18 vulnerabilities.
____________________