14 DAY TRIAL // Canonical has issued fixes for a number of Linux kernel vulnerabilities that have been identified and resolved by the developer for Ubuntu 14.10 (Utopic Unicorn).
This kind of updates is pretty normal for Ubuntu systems and most of the fixes are coming from upstream. Ubuntu 14.10 uses Linux kernel 3.16, which has been adapted for use with this particular system by Canonical. The fixes cover various security issues, some minor flaws, and a large number of other smaller changes.
"An information leak in the Linux kernel was discovered that could leak the high 16 bits of the kernel stack address on 32-bit Kernel Virtual Machine (KVM) paravirt guests. A user in the guest OS could exploit this leak to obtain information that could potentially be used to aid in attacking the kernel," is marked in Ubuntu's security advisory. This is just one of the issues that have been corrected.
As usual, the normal procedure would be to upgrade the operating system. This is usually done with the Software Update and you need to be root in order to complete the procedure. Users will need to reboot the system, just like any other Linux kernel update.
Due to an unavoidable ABI change, the kernel packages have a new version number, which will force you to reinstall and recompile all third-party kernel modules you might have installed. Moreover, if you use the linux-restricted-modules package, you have to update it as well to get modules that work with the new Linux kernel version.
This is especially true if you manually installed the NVIDIA drivers, for example, in which case you will have to recompile the headers.
