New Kernel Vulnerability Affects Ubuntu 12.04 LTS

All Precise Pangolin users are urged to update their systems!

By on July 24th, 2012 07:20 GMT

Canonical announced a few hours ago, July 23rd, in a security notice, that a new Linux kernel update for its Ubuntu 12.04 LTS (Precise Pangolin) operating system is now available, fixing one security vulnerability discovered in the Linux kernel packages.

The CVE-2012-2390 vulnerability is actually an error discovered in the Linux kernel's memory subsystem (hugetlb), that could allow unprivileged local users to exploit it and to cause a DoS (Denial of Service) attack by crashing the system.

Please go here for in-depth descriptions of the vulnerability, as it affects other Linux operating systems as well.

The security flaw can be fixed if you upgrade your system(s) to the linux-image-3.2.0-27 (3.2.0-27.43) package(s). To apply the update, run the Update Manager application.

Don't forget to reboot your computer after the upgrade!

ATTENTION:
Due to an unavoidable ABI change, the kernel packages have a new version number, which will force you to reinstall and recompile all third-party kernel modules you might have installed. Moreover, if you use the linux-restricted-modules package, you have to update it as well to get modules which work with the new Linux kernel version.

Comments