14 DAY TRIAL // Canonical, through John Johansen, announced earlier today, March 12, that a newly discovered Linux kernel vulnerability has been patched in the kernel packages of Ubuntu 14.10 (Utopic Unicorn), Ubuntu 14.04 LTS (Trusty Tahr), Ubuntu 12.04 LTS (Precise Pangolin), and Ubuntu 10.04 LTS (Lucid Lynx).
An issue with the Infiniband subsystem in Linux kernel has been discovered recently, as the input parameters were not properly sanitized during registration of memory regions from userspace. As such, a local user could cause a DoS (Denial of Service) attack and crash the system or run programs with administrative privileges.
More details about this Linux kernel vulnerability can be found here. The new kernels are linux-image-2.6.32-73 (2.6.32-73.141) for Ubuntu 10.04 LTS, linux-image-3.2.0-77 (3.2.0-77.114) for Ubuntu 12.04 LTS, linux-image-3.13.0-46 (3.13.0-46.79) for Ubuntu 14.04 LTS, and linux-image-3.16.0-31 (3.16.0-31.43) for Ubuntu 14.10.
Therefore, Canonical urges users to update their systems as soon as possible. The sooner, the better. To update, open the Software Updater tool and click the “Install Now” button when asked if you want to install the updates. Alternatively, you can open a terminal window and type the “sudo apt-get update && sudo apt-get dist-upgrade” command. Don’t forget to reboot your system after the update.