Canonical has released an important kernel update for its still supported Ubuntu 10.04 LTS (Lucid Lynx) Server operating system, fixing five vulnerabilities discovered in the upstream Linux kernel 2.6.32 packages by various developers and kernel hackers.
The first security issue is related to a flaw discovered in the Linux kernel's compat ioctls for Adaptec AACRAID SCSI RAID devices, which could allow an unprivileged local user to compromise the data stored on those devices by sending administrative commands.
The other four security issues are actually information leaks that were discovered in Linux kernel's recvfrom, recvmsg, and recvmmsg system calls, Phonet (Phone Network Protocol), L2TP (Layer 2 Tunneling Protocol), and IEEE 802.15.4 (Low-Rate Wireless Personal Area Networks), which could allow a local user to access sensitive information from the kernel’s stack memory.
Users are urged to upgrade their Ubuntu 10.04 LTS Server systems to the new kernel packages (linux-image-2.6.32-56 (2.6.32-56.118)) as soon as possible. To apply the update, execute the sudo apt-get update && sudo apt-get dist-upgrade command from the Linux Terminal, or follow the instructions provided by Canonical at https://wiki.ubuntu.com/Security/Upgrades.
Don't forget to reboot your computer after the upgrade!