14 DAY TRIAL // After having informed users about the immediate availability of a new kernel update for the Ubuntu 14.04 LTS (Trusty Tahr) operating system, Canonical has also announced that Ubuntu 14.10 (Utopic Unicorn) received an important kernel update.
The new kernel update patches four security issues (CVE-2015-2150, CVE-2015-2666, CVE-2015-2830, and CVE-2015-2922) that were discovered in the upstream Linux 3.16 kernel packages by various developers and are used in both Ubuntu 14.10 and Ubuntu 14.04.2 LTS operating systems.
The first kernel vulnerability was discovered by Jan Beulich in the Linux kernel's Xen virtual machine subsystem, as it didn't correctly restrict access to PCI command registers, which could allow a local guest user to crash the host by causing a DoS (Denial of Service).
The second security flaw discovered is a stack overflow in the microcode loader for the Intel x86 platform, which could let a local attacker run code with root privileges or cause a kernel crash via a DoS (Denial of Service) attack.
The third kernel vulnerability is a privilege escalation in Linux kernel's fork syscal vi the int80 entry on 64-bit version that offers 32-bit emulation support, which could allow an unprivileged local attacker to escalate their privileges on the host system.
The fourth flaw was discovered in the IPv6 networking stack of the upstream Linux 3.16 kernel, which could enable an unprivileged attacker on the LAN (Local Area Network) to cause a DoS (Denial of Service) attack by dropping IPv6 messages.
All Ubuntu 14.10 users are urged to update as soon as possible
Canonical urges all Ubuntu 14.10 (Utopic Unicorn) users as well as those using the Ubuntu 14.04.2 LTS (Trusty Tahr) operating systems to update their kernel packages to version "linux-image-3.16.0-36 (3.16.0-36.48)."
To update, open the Unity Dash, search for Software Updater, open the app and wait for it to find available updates. Apply any existing updates and reboot your machine. Then, run the "uname -r" command to see if the kernel version matches with the one posted above.