14 DAY TRIAL // Canonical, the company behind the world's most popular free operating system, Ubuntu Linux, has published multiple Ubuntu Security Notices to inform users about major kernel updates for all of its supported Ubuntu OSes.
For all systems, the update addresses a use-after-free vulnerability in Linux kernel's AF_UNIX implementation, which could have allowed a local attacker to expose sensitive information or crash the host system via a denial-of-service (DoS) attack by crafting epoll_ctl calls. It also fixes a security flaw in Linux kernel's Kernel-based Virtual Machine (KVM) implementation leading to DoS attacks.
Only for Ubuntu 12.04 LTS, there's a fix for a security vulnerability in Linux kernel's PPP implementation, which couldn't correctly validate certain slot numbers, thus allowing local attackers to cause a denial-of-service (DoS) attack and crash the host system by calling ioctl() on /dev/ppp.
On the other hand, only for Ubuntu 15.10, the kernel update contains a patch for a race between revoke and read operations in Linux kernel's keyring subsystem, enabling a local attacker to crash the system via a denial-of-service (DoS) attack. The next two vulnerabilities were patched in all Ubuntu Linux systems.
While the first one is a race condition in Linux kernel's Reliable Datagram Sockets (RDS), discovered by Sasha Levin when checking if a socket was bound or not, which could have allowed a local attacker to crash the system by causing a denial-of-service (DoS), the second one is a security flaw in the Btrfs file system that let local attackers expose sensitive information.
Users are urged to update as soon as possible
Furthermore, it was discovered that Linux kernel's networking implementation could not correctly validate protocol identifiers for specific protocol families, which could have let a local attacker elevate his/her privileges or crash the host system by causing a denial-of-service (DoS) attack.
There's also a patch for a vulnerability in Linux kernel's PPTP implementation that could allow a local attacker to reveal sensitive information from the kernel memory through a crafted app.
Only for Ubuntu 15.10, it was discovered that Linux kernel's Bluetooth implementation wasn't capable of validating the socket address length for SCO (Synchronous Connection-Oriented) sockets, thus allowing a local attacker to expose sensitive information.
Moreover, for both Ubuntu 15.10 and Ubuntu 15.04, there's a patch for a vulnerability in Linux kernel's netfilter Network Address Translation (NAT) implementation, which could have enabled an attacker to crash the system via a denial-of-service (DoS) attack.
Lastly, there's a patch for a security issue in Linux kernel's FUSE (Filesystem in Userspace) implementation that could allow a local attacker to cause a denial-of-service (DoS) attack only on Ubuntu 12.04 LTS.
The new kernel versions are linux-image-4.2.0-27 (4.2.0-27.32) for Ubuntu 15.10, linux-image-4.2.0-1022-raspi2 (4.2.0-1022.29) for Ubuntu 15.10 for Raspberry Pi 2, linux-image-3.19.0-49 (3.19.0-49.55) for Ubuntu 15.04, linux-image-3.13.0-77 (3.13.0-77.121) for Ubuntu 14.04 LTS, and linux-image-3.2.0-98 (3.2.0-98.138) for Ubuntu 12.04 LTS.
Again, the new kernel updates are available for Ubuntu 15.10 (Wily Werewolf), Ubuntu 15.10 for Raspberry Pi 2, Ubuntu 15.04 (Vivid Vervet), Ubuntu 14.04 LTS (Trusty Tahr), and Ubuntu 12.04 LTS (Precise Pangolin), and we urge users to update their systems as soon as possible.
To update, run the Software Updater utility from the Dash, wait for the app to reload the repos, and search for updates, and then click the "Install" button to apply the updates. Don't forget to reboot your machine after the updates are installed.
In related news, Ubuntu 16.04 LTS (Xenial Xerus) received Linux kernel 4.4 LTS on February 1, 2016.