14 DAY TRIAL // Quite a few Linux kernel vulnerabilities discovered in the Linux kernel affecting the Ubuntu 14.04 LTS (Trusty Tahr) operating system have been fixed by the developers.
The Linux kernel currently used in Ubuntu 14.04 LTS reached end of life soon after the launch of the operating system, but Canonical picked up its maintenance and the devs are now working to implement fixes and other changes.
“Sasha Levin reported a flaw in the Linux kernel's point-to-point protocol (PPP) when used with the Layer Two Tunneling Protocol (L2TP). A local user could exploit this flaw to gain administrative privileges.”
“Salva Peiró discovered an information leak in the Linux kernel's media-device driver. A local attacker could exploit this flaw to obtain sensitive information from kernel memory,” reads the official security notification.
These are just two of the vulnerabilities closed by this update, which should arrive on the regular channels when using the Software Updater.
The security flaws can be fixed if users upgrade the system(s) to the linux-image-3.13.0-32-generic, (3.13.0-32.57), but this is only true for Ubuntu 14.04 LTS (Trusty Tahr). Other operating systems feature different Linux kernels and the versions will be different.
ATTENTION: Due to an unavoidable ABI change, the kernel packages have a new version number, which will force you to reinstall and recompile all third-party kernel modules you might have installed. Moreover, if you use the linux-restricted-modules package, you have to update it as well to get modules that work with the new Linux kernel version.