========================================================================== Ubuntu Security Notice USN-2529-1 March 12, 2015 linux-lts-utopic vulnerability ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: - Ubuntu 14.04 LTS Summary: The system could be made to crash or run programs as an administrator. Software Description: - linux-lts-utopic: Linux hardware enablement kernel from Utopic Details: It was discovered that the Linux kernel's Infiniband subsystem did not properly sanitize its input parameters while registering memory regions from userspace. A local user could exploit this flaw to cause a denial of service (system crash) or to potentially gain administrative privileges. Update instructions: The problem can be corrected by updating your system to the following package versions: Ubuntu 14.04 LTS: linux-image-3.16.0-31-generic 3.16.0-31.43~14.04.1 linux-image-3.16.0-31-generic-lpae 3.16.0-31.43~14.04.1 linux-image-3.16.0-31-lowlatency 3.16.0-31.43~14.04.1 linux-image-3.16.0-31-powerpc-e500mc 3.16.0-31.43~14.04.1 linux-image-3.16.0-31-powerpc-smp 3.16.0-31.43~14.04.1 linux-image-3.16.0-31-powerpc64-emb 3.16.0-31.43~14.04.1 linux-image-3.16.0-31-powerpc64-smp 3.16.0-31.43~14.04.1 After a standard system update you need to reboot your computer to make all the necessary changes. References: https://www.ubuntu.com/usn/usn-2529-1 CVE-2014-8159 Package Information: https://launchpad.net/ubuntu/+source/linux-lts-utopic/3.16.0-31.43~14.04.1
Ubuntu 2529-1: Linux kernel (Utopic HWE) vulnerability
The system could be made to crash or run programs as an administrator.
