New Linux Kernel Vulnerability Patched in Three LTS Ubuntu Distros

The flow affected x86_64 processors, as well as various Linux kernels

By on July 7th, 2014 07:07 GMT

The Ubuntu development team announced a couple of days ago, on July 5, in a security notice that they have updated the Linux kernel packages on the Ubuntu 10.04 LTS (Lucid Lynx), Ubuntu 12.04 LTS (Precise Pangolin), and Ubuntu 14.04 LTS (Trusty Tahr) operating systems, fixing a security issue that was found recently in the upstream Linux kernel packages.

A flaw was recently discovered in the ptrace syscall function of Linux kernel 2.6, 3.2, and 3.13, affecting only x86_64 processors. This could be easily exploited by an attacker, which could cause a DoS (Denial of Service) attack or gain root privileges.

The security flaw was discovered by Andy Lutomirski and can be easily fixed by upgrading your Ubuntu 14.04 LTS system(s) to the linux-image-3.13.0-30 (3.13.0-30.55) package(s), Ubuntu 12.04 LTS to the linux-image-3.2.0-65 (3.2.0-65.99) package(s), and Ubuntu 10.04 LTS to the linux-image-2.6.32-62 (2.6.32-62.126) package(s).

To apply the new build, you must open the Update Manager application and install all the available updates. Please read the instructions provided by Canonical at https://wiki.ubuntu.com/Security/Upgrades for more details.

Additional information about this Linux kernel security issue can be found in the CVE-2014-4699 reference. Don't forget to reboot your computer after the upgrade!

Comments