Today, July 14, 2016, Canonical published multiple security notices to inform users of the Ubuntu 16.04 LTS (Xenial Xerus), Ubuntu 14.04 LTS (Trusty Tahr) and Ubuntu 15.10 (Wily Werewolf) operating systems about the availability of a new kernel update.
According to Canonical, a vulnerability was discovered recently in the memory manager of the Linux kernel packages of the aforementioned Ubuntu OSes that could be used by a local attacker to crash the system using a Denial of Service (DoS) attack. The security flaw was discovered by Jan Stancek.
“Jan Stancek discovered that the Linux kernel’s memory manager did not properly handle moving pages mapped by the asynchronous I/O (AIO) ring buffer to the other nodes. A local attacker could use this to cause a denial of service (system crash),” reads one of the security notices published today by Canonical.
The kernel vulnerability has been fully documented at CVE-2016-3070, and it affects multiple Linux kernel versions, including the long-term supported Linux 4.4, Linux 4.2, as well as Linux 3.13 and 3.19, which means that it could affects other GNU/Linux distributions that are using these kernels.
Canonical urges all users to update their systems as soon as possible
As expected, Canonical urges all users of the Ubuntu 16.04 LTS (Xenial Xerus), Ubuntu 15.10 (Wily Werewolf), and Ubuntu 14.04 LTS (Trusty Tahr) operating systems to update to the new kernel versions (see below for details) as soon as possible. To update, open the Software Updater utility from the Unity Dash and apply all available updates.
The new kernel versions are linux-image-4.4.0-31 (4.4.0-31.33) for Ubuntu 16.04 LTS, linux-image-4.2.0-42 (4.2.0-42.49) for Ubuntu 15.10, linux-image-3.13.0-92 (3.13.0-92.139) for Ubuntu 14.04 LTS, linux-image-3.19.0-65 (3.19.0-65.73~14.04.1) for Ubuntu 14.04.1 LTS or later, and linux-image-4.2.0-1034-raspi2 4.2.0-1034.44 for Ubuntu 15.10 for Raspberry Pi.
As Ubuntu Linux doesn’t yet feature the live patching technology in its kernel packages, you will have to reboot your system for installing the new kernel version. Please also note that it might be neccessary to rebuild any third-party kernel modules you might have installed. More details can be found at https://wiki.ubuntu.com/Security/Upgrades.