14 DAY TRIAL // On May 20, Canonical published a new Ubuntu security notice where they inform users about the immediate availability of a new kernel update for its Ubuntu 14.04 LTS (Trusty Tahr) operating system.
Today's kernel update for Ubuntu 14.04 LTS patches several security vulnerabilities that have been recently discovered in the Linux 3.13 kernel packages that are used in the vanilla version of Trusty Tahr.
The first Linux kernel security flaw patched in today's update was identified by Vincent Tondellier in the Netfilter connection tracking, and it could allow an attacker on the LAN (Local Area Network) to crash the affected system by causing a denial of service (DoS).
The second Linux kernel security flaw that was patched today was discovered by Jan Beulich in the Xen virtual machine subsystem, and it could allow a local guest user to crash the host system by causing a denial of service (DoS) attack.
The third Linux kernel security flaw that got patched today was discovered in the fork syscal vi the int80 entry on 64-bit kernels that had support for emulating 32-bit architectures. It could allow a local unprivileged attacker to escalate their privileges on the system.
Lastly, a memory corruption problem discovered in Linux kernel's AES decryption code, which could let a remote attacker escalate privileges on Intel machines with AEC-GCM mode IPSec security association or crash the system by causing a denial of service (DoS), was also patched today.
Canonical urges all users to update their Ubuntu systems immediately
As expected, all users of the vanilla Ubuntu 14.04 LTS (Trusty Tahr) operating system that uses the Linux kernel 3.13 packages are urged to update their systems as soon as possible. The new kernel packages are already available in the main software repositories.
To update, open the Unity Dash, search for Software Updater, open the application, wait for it to load the software sources and list new updates, and then press the "Update" button to upgrade your Ubuntu 14.04 LTS system.
Once the update process finishes, you will have to reboot your machine for the new kernel packages to become active. Also, make sure that your kernel packages match the ones posted by Canonical in today's announcement, linux-image-3.13.0-53 (3.13.0-53.88).