The latest Ubuntu Server is exposed to a local privilege escalation vulnerability (CVE-2017-16995). The vulnerability was fixed in earlier versions but has resurfaced in the latest version. Attackers can use it to gain root privileges directly.
Ubuntu has not yet released a patch.
Versions currently known to be affected:
Ubuntu 16.04.4 (the latest version)
Users are advised to pay close attention and take action against this high-risk vulnerability.
For temporary protection, users may consider disallowing unprivileged users from using bpf through the kernel switch:
# echo 1 > /proc/sys/kernel/unprivileged_bpf_disabled
This is a temporary measure, and we will update once Ubuntu releases an official fix.
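
The echo command above changes only the running kernel and is lost at reboot. The script below is an added example, not part of the original advisory: it reports the current state of the switch, applies it, and persists it through a sysctl.d fragment. The file name `90-disable-unpriv-bpf.conf` and the `PROC_FILE`/`SYSCTL_DIR` overrides are assumptions made for illustration.

```shell
#!/bin/sh
# Added example. PROC_FILE and SYSCTL_DIR can be overridden to try the
# logic on constructed files without root; CONF_NAME is a hypothetical name.
PROC_FILE="${PROC_FILE:-/proc/sys/kernel/unprivileged_bpf_disabled}"
SYSCTL_DIR="${SYSCTL_DIR:-/etc/sysctl.d}"
CONF_NAME="90-disable-unpriv-bpf.conf"
KEY='kernel.unprivileged_bpf_disabled'

# Print the running state: unsupported, unrestricted or restricted.
bpf_runtime_state() {
    if [ ! -r "$PROC_FILE" ]; then
        echo unsupported            # this kernel has no such switch
        return 0
    fi
    case "$(cat "$PROC_FILE")" in
        0) echo unrestricted ;;     # any user may call bpf()
        *) echo restricted ;;       # 1, or 2 on newer kernels
    esac
}

# Succeed if a sysctl.d fragment re-applies the setting at boot.
bpf_is_persisted() {
    grep -Eqs "^[[:space:]]*kernel\.unprivileged_bpf_disabled[[:space:]]*=[[:space:]]*[12]" \
        "$SYSCTL_DIR"/*.conf
}

# Apply now and persist. Writing 1 is one-way: the kernel refuses to set
# the value back to 0 until the next reboot.
bpf_apply_mitigation() {
    [ "$(bpf_runtime_state)" = unsupported ] && return 1
    echo 1 > "$PROC_FILE" || return 1
    bpf_is_persisted || echo "$KEY = 1" > "$SYSCTL_DIR/$CONF_NAME"
}

case "${1:-}" in
    --apply) bpf_apply_mitigation ;;
    *)  echo "runtime: $(bpf_runtime_state)"
        if bpf_is_persisted; then echo "persisted: yes"
        else echo "persisted: no"; fi ;;
esac
```

Run it without arguments to audit a host, and as root with `--apply` to set and persist the switch.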