Support for Ubuntu 12.10 will end this spring, in April 2014

Feb 28, 2014 11:56 GMT  ·  By

The Ubuntu 12.10 (Quantal Quetzal) Linux operating system received a kernel update, which fixes four vulnerabilities found in the upstream Linux 3.5 kernel packages by various developers.

Thanks to Vasily Kulikov, it was discovered that an unprivileged local user could access sensitive information from the kernel memory because of a flaw in the Linux kernel's implementation of ptrace.

Fabian Yamaguchi and Nico Golde discovered a flaw in Linux kernel's debugfs file system, which could allow an administrative local user to cause a denial of service (OOPS). Furthermore, the same team discovered a flaw in the Linux kernel’s driver for Adaptec AACRAID SCSI RAID devices, which could allow a local user to cause a DoS (Denial of Service) attack.

The fourth flaw is related to the handling of memory regions on the KVM (Kernel Virtual Machine) subsystem, which could allow a local user that had access to assign a device to cause DoS (Denial of Service) attack.

These vulnerabilities can be patched by updating your Ubuntu 12.10 operating system(s) to the linux-image-3.5.0-46 (3.5.0-46.70) package(s). In order to do that, you can use the built-in Update Manager software or follow the instructions provided by Canonical at https://wiki.ubuntu.com/Security/Upgrades.

Don’t forget to reboot your computer after the update!