Linux News Today: Canonical Patches ALSA USB MIDI Linux Kernel Driver Issue in Ubuntu 12.04 LTS
A few minutes ago, Canonical published a new Ubuntu Security Notice to inform users of the Ubuntu 12.04 LTS (Precise Pangolin) operating system about the availability of a kernel update.
The update patches a security issue that affects the Linux kernel packages used in Ubuntu 12.04 LTS, linux-image-3.2.0, as well as any of its official or unofficial derivatives, such as Xubuntu, Kubuntu, Edubuntu, etc.
The kernel vulnerability has been discovered by Andrey Konovalov in the ALSA USB MIDI driver of the upstream Linux 3.2 kernel packages, which incorrectly performed a double-free.
A local attacker could have exploited the security issue if he had had physical access to the vulnerable machine running Ubuntu 12.04 LTS to crash the system by causing a denial of service (DoS) or execute code with root privileges.
Canonical urges all users of the Ubuntu 12.04 LTS (Precise Pangolin) operating system and its derivatives using the linux-image-3.2.0 kernel to update their systems to linux-image-3.2.0-101 (3.2.0-101.141) as soon as possible.
The kernel update is now live in the main software repositories, so all you have to do is to open the Software Updater utility or your favorite package manager (e.g. Synaptic Package Manager) and apply all existing updates.
After a kernel update, you need to reboot your computer for the new version to be applied correctly. Please also note the fact that you must rebuilt any third-party kernel modules you might have installed.