Canonical announced last evening, January 23rd, in a security notice, that a new kernel update for its Ubuntu 11.10 (Oneiric Ocelot) operating system is now available, fixing one security vulnerability discovered in the Linux kernel packages by Jüri Aedla.
This kernel vulnerability was found (CVE-2012-0056
) because the kernel couldn't handle /proc/<pid>/mem permissions, allowing a local attacker to gain root privileges.
The security flaw can be fixed if you upgrade your system(s) to the linux-image-3.0.0-15 (3.0.0-15.26)
package(s). To apply the update, run the Update Manager application.
Don't forget to reboot your computer after the upgrade!ATTENTION: Due to an unavoidable ABI change, the kernel packages have a new version number, which will force you to reinstall and recompile all third-party kernel modules you might have installed. Moreover, if you use the linux-restricted-modules package, you have to update it as well to get modules which work with the new Linux kernel version.