14 DAY TRIAL // Canonical has published earlier a new security notice for all of its supported Ubuntu Linux operating systems, informing users that a Linux kernel vulnerability has been patched, urging them to update their systems as soon as possible.
The respective security issue, discovered by Philip Pettersson in Linux kernel's OverlayFS filesystem, affects the Ubuntu 15.04 (Vivid Vervet), Ubuntu 14.10 (Utopic Unicorn), Ubuntu 14.04 LTS (Trusty Tahr), and Ubuntu 12.04 LTS (Precise Pangolin) operating systems, as well as their derivatives.
At the moment, all the Ubuntu OSes mentioned above are vulnerable to this security flaw, as a local user could exploit it easily and obtain administrative privileges to run programs as a system administrator. More details can be found by accessing CVE-2015-1328.
"Philip Pettersson discovered a privilege escalation when using overlayfs mounts inside of user namespaces. A local user could exploit this flaw to gain administrative privileges on the system," reads the Ubuntu Security Notice posted by Canonical on June 15, 2015.
All Ubuntu users are urged to update as soon as possible
The security flaw can be patched today by updating Ubuntu 15.04 to linux-image-3.19.0-21 (3.19.0-21.21), Ubuntu 14.10 to linux-image-3.16.0-41 (3.16.0-41.55), Ubuntu 14.04 LTS to linux-image-3.13.0-55 (3.13.0-55.92), and Ubuntu 12.04 LTS to linux-image-3.2.0-86 (3.2.0-86.123).
To update, open the Unity Dash and search for the Software Updater utility. Open it, wait for the application to search for existing updates, than apply them. Make sure you reboot your computer after a successful update process. Also, please note that you must manually rebuild and reinstall any third-party kernel modules.