Users need to upgrade the operating system as soon as possible

Sep 5, 2014 14:41 GMT  ·  By

A number of Linux kernel vulnerabilities discovered in the Linux kernel affecting the Ubuntu 14.04 LTS (Trusty Tahr) operating system have been fixed by Canonical.

Ubuntu developers have released a new Linux kernel update for Ubuntu 14.04 LTS, which is the latest version released by Canonical. It's nothing out of the ordinary, but it would be a good idea to update.

“A flaw was discovered in the Linux kernel virtual machine's (kvm) validation of interrupt requests (irq). A guest OS user could exploit this flaw to cause a denial of service (host OS crash).”

“Andy Lutomirski discovered a flaw in the authorization of netlink socket operations when a socket is passed to a process of more privilege. A local user could exploit this flaw to bypass access restrictions by having a privileged executable do something it was not intended to do.”

These are just two of the vulnerabilities closed by this update, and Ubuntu users will get the new version via the Software Update.

The security flaws can be fixed if users upgrade the system(s) to the linux-image-3.13.0-35-generic, (3.13.0-35.62), but this is only true for Ubuntu 14.04 LTS (Trusty Tahr). Other operating systems feature different Linux kernels and the versions will be different.

ATTENTION: Due to an unavoidable ABI change, the kernel packages have a new version number, which will force you to reinstall and recompile all third-party kernel modules you might have installed. Moreover, if you use the linux-restricted-modules package, you have to update it as well to get modules that work with the new Linux kernel version.