Explore top 10 tips to secure your open-source projects now. Read More
×
Several security issues were fixed in the kernel.
Software Description:
- linux: Linux kernel
Details:
A flaw was discovered in the Kernel Virtual Machine's (KVM) emulation of
the SYSTENTER instruction when the guest OS does not initialize the
SYSENTER MSRs. A guest OS user could exploit this flaw to cause a denial of
service of the guest OS (crash) or potentially gain privileges on the guest
OS. (CVE-2015-0239)
A flaw was discovered in the automatic loading of modules in the crypto
subsystem of the Linux kernel. A local user could exploit this flaw to load
installed kernel modules, increasing the attack surface and potentially
using this to gain administrative privileges. (CVE-2013-7421)
Andy Lutomirski discovered a flaw in how the Linux kernel handles
pivot_root when used with a chroot directory. A local user could exploit
this flaw to cause a denial of service (mount-tree loop). (CVE-2014-7970)
A restriction bypass was discovered in iptables when con...
The problem can be corrected by updating your system to the following package versions: Ubuntu 12.04 LTS: linux-image-3.2.0-77-generic 3.2.0-77.112 linux-image-3.2.0-77-generic-pae 3.2.0-77.112 linux-image-3.2.0-77-highbank 3.2.0-77.112 linux-image-3.2.0-77-omap 3.2.0-77.112 linux-image-3.2.0-77-powerpc-smp 3.2.0-77.112 linux-image-3.2.0-77-powerpc64-smp 3.2.0-77.112 linux-image-3.2.0-77-virtual 3.2.0-77.112 After a standard system update you need to reboot your computer to make all the necessary changes. ATTENTION: Due to an unavoidable ABI change the kernel updates have been given a new version number, which requires you to recompile and reinstall all third party kernel modules you might have installed. If you use linux-restricted-modules, you have to update that package as well to get modules which work with the new kernel version. Unless you manually uninstalled the standard kernel metapackages (e.g. linux-generic, linux-server, linux-powerpc), a standard system upgrade will automatically perform this as well.
https://ubuntu.com/security/notices/USN-2513-1
CVE-2013-7421, CVE-2014-7970, CVE-2014-8160, CVE-2014-9529,
CVE-2014-9584, CVE-2014-9585, CVE-2014-9644, CVE-2015-0239
Get the latest Linux and open source security news straight to your inbox.