Users are urged to update as soon as possible

Oct 20, 2015 21:00 GMT  ·  By

Canonical has announced earlier today, October 20, that they've released updated kernel packages for the Ubuntu 12.04 LTS (Precise Pangolin) operating system, patching two security vulnerabilities.

The first security flaw was discovered in Linux kernel's virtio networking, which wasn't capable of correctly handling fragments, thus leading to kernel memory corruption. This could allow a remote attacker to crash the system by causing a denial of service, or execute code as root. More details can be found at CVE-2015-5156.

The second kernel vulnerability was discovered in Linux kernel's RDS (Reliable Datagram Sockets) implementation, which was not capable of properly verifying sockets before sending a message. This could enable an attacker to crash the system by causing a denial of service (DoS). More details can be found at CVE-2015-6937.

Canonical urges all users of the Ubuntu 12.04 LTS (Precise Pangolin) operating system, as well as all of its derivatives, including Kubuntu, Xubuntu, Lubuntu, etc., to update the kernel packages as soon as possible. The new kernel version is now live on the main software repositories.

To update, run the Software Updater utility, wait for the repositories to be refreshed, and then apply all available updates. A kernel update requires you to reboot your computer. After reboot, make sure that the new kernel version is linux-image-3.2.0-92 (3.2.0-92.130) by running the "uname -a" command in the Terminal app (without quotes).