The latest Ubuntu Server release is affected by a local privilege escalation vulnerability in the Linux kernel's eBPF verifier (CVE-2017-16995). The bug was already fixed upstream, but the kernel shipped with the latest Ubuntu release still contains it. A local, unprivileged attacker can use it to gain root privileges directly.
Ubuntu has not yet released a patched kernel.
Affected versions:
Confirmed so far:
Ubuntu 16.04.4 (the latest version). Other releases have not been ruled out.
Recommended Solution
Until Ubuntu ships a patched kernel, watch the Ubuntu Security Notices and apply the temporary mitigation below; the vulnerability gives any local user root, so treat it as high risk.
Reference links:
https://usn.ubuntu.com/
https://www.ubuntu.com/download/server
As a temporary mitigation, disallow unprivileged use of the bpf(2) syscall through the kernel.unprivileged_bpf_disabled sysctl. Exploitation requires loading an eBPF program via that syscall, so this closes the attack path for non-root users while leaving BPF available to root:
# echo 1 > /proc/sys/kernel/unprivileged_bpf_disabled
Two caveats: the setting is a one-way latch (once set to 1 the kernel rejects writing 0 again until reboot), and it does not survive a reboot unless it is also added to /etc/sysctl.conf or a file under /etc/sysctl.d/.
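The following shell helper is added here as an example; it is not part of the original advisory or of Ubuntu's tooling. It wraps that command: it reads the current value of the knob, writes 1 only if needed, verifies the write took effect, and drops a sysctl.d fragment so the setting is reapplied at boot. The fragment name 99-cve-2017-16995.conf is an assumption, and the paths are function parameters so the logic can be tried against a scratch file without root.

```shell
#!/bin/sh
# Added example, not from the original advisory: apply and verify the
# kernel.unprivileged_bpf_disabled mitigation for CVE-2017-16995.
# Paths are parameters so the functions can be exercised on a scratch file
# without root; the defaults below are the real locations.

BPF_SYSCTL_DEFAULT=/proc/sys/kernel/unprivileged_bpf_disabled
BPF_PERSIST_DEFAULT=/etc/sysctl.d/99-cve-2017-16995.conf   # assumed file name

# bpf_status FILE: print the current value (0 = unprivileged bpf(2) allowed,
# 1 = disabled). Returns 2 if the knob is missing, e.g. a kernel built
# without CONFIG_BPF_SYSCALL or too old to have the sysctl.
bpf_status() {
    [ -r "$1" ] || return 2
    cat "$1"
}

# bpf_disable_unprivileged FILE: write 1 unless already set, then verify it
# stuck. The knob is a one-way latch on these kernels: once it is 1 the
# kernel rejects writing 0 again until reboot, so there is no "undo".
# Returns 0 on success, 1 if the write failed (e.g. not root), 2 if missing.
bpf_disable_unprivileged() {
    f="$1"
    cur=$(bpf_status "$f") || return 2
    if [ "$cur" = "1" ]; then
        echo "unprivileged bpf already disabled"
        return 0
    fi
    echo 1 > "$f" 2>/dev/null || return 1
    [ "$(cat "$f")" = "1" ] || return 1
    echo "unprivileged bpf disabled"
}

# bpf_persist FILE: write a sysctl.d fragment so the setting is reapplied at
# boot (the /proc write alone does not survive a reboot).
bpf_persist() {
    printf 'kernel.unprivileged_bpf_disabled = 1\n' > "$1"
}

# Usage:  sudo sh this_script.sh --apply
if [ "${1:-}" = "--apply" ]; then
    bpf_disable_unprivileged "$BPF_SYSCTL_DEFAULT" || exit $?
    bpf_persist "$BPF_PERSIST_DEFAULT" && echo "persisted to $BPF_PERSIST_DEFAULT"
fi
```

Run it as root with --apply on the affected host. `sysctl -w kernel.unprivileged_bpf_disabled=1` is equivalent to the echo; the script keeps the advisory's form and adds the verification and persistence steps that the one-liner lacks.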
Reference link:
https://github.com/torvalds/linux/commit/95a762e2c8c942780948091f8f2a4f32fce1ac6f
This is a temporary measure; this notice will be updated once Ubuntu releases an official fix.