14 DAY TRIAL // Numerous Linux kernel vulnerabilities have been found and corrected in the Ubuntu 14.10 (Utopic Unicorn) operating system. Canonical has pushed a new update for this important kernel and users should already be able to download it.
The Linux kernel for Ubuntu 14.10 (Utopic Unicorn) has been upgraded and quite a few things have been fixed by the developers. Some of the exploits are more dangerous than others, but nothing really stands out.
"A flaw was discovered in the Kernel Virtual Machine's (KVM) emulation of the SYSTENTER instruction when the guest OS does not initialize the SYSENTER MSRs. A guest OS user could exploit this flaw to cause a denial of service of the guest OS (crash) or potentially gain privileges on the guest OS," is noted in the security notice.
This is just one of the vulnerabilities closed by this update, and Ubuntu users will get the new version via the Software Update.
The security flaws can be fixed if users upgrade the system to the linux-image-3.16.0-31-generic (3.16.0-31.41), but this is only true for Ubuntu 14.10 (Utopic Unicorn). The other operating systems in the family will have a different kind of kernel.
ATTENTION: Due to an unavoidable ABI change, the kernel packages have a new version number, which will force you to reinstall and recompile all third-party kernel modules you might have installed. Moreover, if you use the linux-restricted-modules package, you have to update it as well to get modules that work with the new Linux kernel version.
The Linux kernels for the other supported Ubuntu OSes have been updated as well.