Linux News Today: Canonical Patches Two Linux Kernel Vulnerabilities in Ubuntu 12.04 LTS, Update Now
We reported earlier that Canonical released new kernel updates for its Ubuntu Linux operating systems, including Ubuntu 12.04 LTS (Precise Pangolin), which is the oldest long-term supported version.
The first issue patched in Ubuntu 12.04 LTS, is a security flaw that have been discovered recently by Dmitry Vyukov in Linux kernel’s keyring handler, which attempted to garbage collect incompletely instantiated keys, allowing an unprivileged local attacker to crash the system by causing a denial of service (DoS).
The second secutiy flaw was discovered by Jan Beulich in the Linux 3.2 kernel packages, as the KVM (Kernel-based Virtual Machine) svm hypervisor implementation failed to catch debug exceptions on AMD processors, thus allowing an attacker that had access to a guest VM to crash the system by causing a denial of service in the host OS.
If you’re using Ubuntu 12.04 LTS (Precise Pangolin), you are urged to update the kernel packages to version linux-image-3.2.0-96 (3.2.0-96.136) as soon as possible. The update is now live in the operating system’s default software repositories, so all you have to do is to run the Software Updater utility and apply all available updates.
As usual, don’t forget to reboot your machine after the update, as well as to rebuild any third-party kernel packages you might have installed. More details can be found at https://wiki.ubuntu.com/Security/Upgrades and on today’s Ubuntu Security Notice USN-2840-1.