New Kernel Vulnerability Affects Ubuntu 12.04 LTS
All Precise Pangolin users are urged to update their systems!
Canonical announced a few hours ago, July 23rd, in a security notice, that a new Linux kernel update for its Ubuntu 12.04 LTS (Precise Pangolin) operating system is now available, fixing one security vulnerability discovered in the Linux kernel packages.The CVE-2012-2390 vulnerability is actually an error discovered in the Linux kernel's memory subsystem (hugetlb), that could allow unprivileged local users to exploit it and to cause a DoS (Denial of Service) attack by crashing the system.
Please go here for in-depth descriptions of the vulnerability, as it affects other Linux operating systems as well.
The security flaw can be fixed if you upgrade your system(s) to the linux-image-3.2.0-27 (3.2.0-27.43) package(s). To apply the update, run the Update Manager application.
Don't forget to reboot your computer after the upgrade!
ATTENTION: Due to an unavoidable ABI change, the kernel packages have a new version number, which will force you to reinstall and recompile all third-party kernel modules you might have installed. Moreover, if you use the linux-restricted-modules package, you have to update it as well to get modules which work with the new Linux kernel version.