14 DAY TRIAL // On September 9, Canonical published a new Ubuntu Security Notice document informing users about a new kernel update for its Ubuntu 15.04 (Vivid Vervet) operating system, urging them to upgrade as soon as possible.
An integer overflow error was discovered in Linux kernel's SCSI generic (sg) driver, which could allow a local attacker that had write permissions to an SCSI generic device to crash the system via a DoS (Denial of Service) attack or to gain root access.
"A security issue affects these releases of Ubuntu and its derivatives, Ubuntu 15.04. The system could be made to crash or run programs as an administrator," said Canonical in the Ubuntu Security Notice USN-2738-1 document.
The issue affects the Ubuntu 15.04 (Vivid Vervet) operating system, as well as all of its derivatives, including official and unofficial ones. To correct the problem, you need to update your system as soon as possible.
To update manually, fire up the Software Updater utility. Let it check for available updates and then apply them all. Don't forget to reboot your computer for the kernel update to be applied correctly.
After the update, make sure that your kernel packages are at version linux-image-3.19.0-28 (3.19.0-28.30) by running the "uname -a" command in a terminal emulator window. Additionally, you may need to update any third-party kernel modules you have installed.
Ubuntu 14.04 LTS and 12.04 LTS have been updated too
We remind everyone that last week, on September 3, Canonical patched multiple critical issues in the Linux kernel packages of its supported Ubuntu 12.04 LTS (Precise Pangolin) and Ubuntu 14.04 LTS (Trusty Tahr) operating systems.
If you're using these OSes, you are urged to update the kernel packages as soon as possible in order to correct the problems. For more details, you can always check out our initial report.