The most significant of these are four problems with Linux's implementation of the
ext4 filesystem. Ext4 is the most commonly used Linux filesystem, and it's the Ubuntu Linux family's default file system.
All these bugs, which were discovered by Wen Xu, a Georgia Tech computer-science graduate student, could be used to create to create a malicious ext4 image. Such an image, when mounted, could cause a system crash or possibly be used to execute arbitrary code.
Two other security problems (
CVE-2018-16882 and
CVE-2018-19407) hit Linux's built-in Kernel-based Virtual Machine (KVM). With this, a local attacker in a guest virtual machine could conceivably get root-level privileges in the host machine or a system crash.
