Affects Ubuntu 16.10, 16.04 LTS, 14.04 LTS, and 12.04 LTS

Oct 21, 2016 00:35 GMT

As reported earlier, three new Linux kernel maintenance releases arrived for various Linux-based operating systems, patching a critical and ancient bug popularly known as "Dirty COW."

We already told you that the kernel vulnerability could be used by a local attacker to run programs as an administrator, and it looks like it also affects all supported Ubuntu releases, including Ubuntu 16.10 (Yakkety Yak), Ubuntu 16.04 LTS (Xenial Xerus), Ubuntu 14.04 LTS (Trusty Tahr), and Ubuntu 12.04 LTS (Precise Pangolin), as well as all of their official or unofficial derivatives running the same kernel builds.

"It was discovered that a race condition existed in the memory manager of the Linux kernel when handling copy-on-write breakage of private read-only memory mappings. A local attacker could use this to gain administrative privileges," reads Canonical's CVE-2016-5195 document entitled "race condition in copy-on-write breakage of private read-only memory mappings" and marked as "High" priority.

Ubuntu users urged to patch their systems immediately

Canonical urged all users to patch their systems immediately by installing linux-image-4.8.0-26 (4.8.0-26.28) for Ubuntu 16.10, linux-image-4.4.0-45 (4.4.0-45.66) for Ubuntu 16.04 LTS, linux-image-3.13.0-100 (3.13.0-100.147) for Ubuntu 14.04 LTS, and linux-image-3.2.0-113 (3.2.0-113.155) for Ubuntu 12.04 LTS, as well as linux-image-4.4.0-1029-raspi2 (4.4.0-1029.36) for Ubuntu 16.04 LTS for Raspberry Pi 2.

The Xenial HWE kernel for Ubuntu 14.04 LTS was updated as well today, to version linux-image-4.4.0-45 (4.4.0-45.66~14.04.1), and the Trusty HWE kernel for Ubuntu 12.04 LTS to version linux-image-3.13.0-100 (3.13.0-100.147~precise1). Please update your Ubuntu installations immediately by following the instructions provided by Canonical at https://wiki.ubuntu.com/Security/Upgrades.
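To check installed kernel packages against the fixed versions listed above, the following added example (not Canonical's tooling and not from the original article) classifies `package<TAB>version` lines in the format printed by `dpkg-query -W`. It assumes that, within one kernel series, a build is at or past the fix when its ABI and upload numbers are at least those listed; the `generic` flavour label for the stock builds and the sample input are this example's own.

```python
import re

# Fixed versions as listed in the article, keyed by (upstream base, flavour).
# Mapping the stock linux-image builds to the "generic" flavour is an assumption.
FIXED = {
    ("4.8.0", "generic"): (26, 28),     # Ubuntu 16.10
    ("4.4.0", "generic"): (45, 66),     # Ubuntu 16.04 LTS, Xenial HWE on 14.04 LTS
    ("3.13.0", "generic"): (100, 147),  # Ubuntu 14.04 LTS, Trusty HWE on 12.04 LTS
    ("3.2.0", "generic"): (113, 155),   # Ubuntu 12.04 LTS
    ("4.4.0", "raspi2"): (1029, 36),    # Ubuntu 16.04 LTS for Raspberry Pi 2
}

PACKAGE = re.compile(r"^linux-image-\d+\.\d+\.\d+-\d+-([a-z0-9]+)$")
# base-ABI.upload, optionally followed by a backport suffix such as ~14.04.1
VERSION = re.compile(r"^(\d+\.\d+\.\d+)-(\d+)\.(\d+)(?:~.*)?$")


def status(package, version):
    """Return 'patched', 'needs-update' or 'unknown' for one kernel package."""
    pkg, ver = PACKAGE.match(package), VERSION.match(version)
    if not pkg or not ver:
        return "unknown"
    fixed = FIXED.get((ver.group(1), pkg.group(1)))
    if fixed is None:          # series or flavour the article does not list
        return "unknown"
    build = (int(ver.group(2)), int(ver.group(3)))
    return "patched" if build >= fixed else "needs-update"


def audit(dpkg_output):
    """Parse 'package<TAB>version' lines as printed by dpkg-query -W."""
    results = []
    for line in dpkg_output.splitlines():
        fields = line.split()
        if len(fields) == 2 and fields[0].startswith("linux-image-"):
            results.append((fields[0], fields[1], status(*fields)))
    return results


# Constructed sample input, not taken from a real host.
SAMPLE = """\
linux-image-4.4.0-43-generic\t4.4.0-43.63
linux-image-4.4.0-45-generic\t4.4.0-45.66~14.04.1
linux-image-4.4.0-1027-raspi2\t4.4.0-1027.33
linux-image-4.10.0-19-generic\t4.10.0-19.21
"""

if __name__ == "__main__":
    for package, version, verdict in audit(SAMPLE):
        print(f"{verdict:12} {package} {version}")
```

A package reported as patched only protects the host once it has been rebooted into that kernel, so compare the result with the output of `uname -r` as well.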