Canonical Patches Two Linux Kernel Vulnerabilities in Ubuntu 12.04 LTS, Update Now

The first issue patched in Ubuntu 12.04 LTS is a security flaw that has recently been discovered by Dmitry Vyukov in Linux kernel’s keyring handler, which attempted to garbage-collect incompletely instantiated keys, allowing an unprivileged local attacker to crash the system by causing a denial of service (DoS).

The second security flaw has been discovered by Jan Beulich in the Linux 3.2 kernel packages, as the KVM (Kernel-based Virtual Machine) svm hypervisor implementation failed to catch debug exceptions on AMD processors, thus allowing an attacker that had access to a guest VM to crash the system by causing a denial of service in the host OS.

If you’re using Ubuntu 12.04 LTS (Precise Pangolin), you are urged to update the kernel packages to version linux-image-3.2.0-96 (3.2.0-96.136) as soon as possible. The update is now live in the operating system’s default software repositories, so all you have to do is run the Software Updater utility and apply all available updates.

As usual, don’t forget to reboot your machine after the update, as well as rebuild any third-party kernel packages you might have installed. More details can be found at https://wiki.ubuntu.com/Security/Upgrades and on today’s Ubuntu Security Notice USN-2840-1.



Leave a Reply

Your email address will not be published. Required fields are marked *