A couple of Linux kernel vulnerabilities have been found in the Linux kernel of Ubuntu 14.04 LTS (Trusty Tahr) operating system and they have been corrected by Canonical.
Ubuntu developers have issued a new kernel update for the latest 14.04 LTS release, this time fixing a number of security problems with the distro.
According to the security notice, “Eric W. Biederman discovered a flaw with the mediation of mount flags in the Linux kernel's user namespace subsystem. An unprivileged user could exploit this flaw to by-pass mount restrictions, and potentially gain administrative privileges.”
More details about this issue can be found in the security notice. Ubuntu users will get the new version via the Software Update.
The security flaws can be fixed if users upgrade the system(s) to the linux-image-3.13.0-34-generic (3.13.0-34.60), but this is only true for Ubuntu 14.04 LTS (Trusty Tahr), the only system affected by this vulnerability.
ATTENTION: Due to an unavoidable ABI change, the kernel packages have a new version number, which will force you to reinstall and recompile all third-party kernel modules you might have installed. Moreover, if you use the linux-restricted-modules package, you have to update it as well to get modules that work with the new Linux kernel version.