14 DAY TRIAL // Today, July 28, Canonical has published details about new Linux kernel updates for its Ubuntu 15.04 (Vivid Vervet) and Ubuntu 14.04 LTS (Trusty Tahr) operating systems, urging users to update the installations as soon as possible.
Today's kernel updates patch four kernel vulnerabilities discovered by various developers in the upstream Linux kernel 3.19 and Linux kernel 3.13 packages. The updates include exactly the same patches, which are explained below in detail.
The first security flaw was discovered by Andy Lutomirski in the Linux kernel's handling of nested non-maskable interrupts (NMIs), which could allow a local, unprivileged user to crash the system by causing a denial of service, or gain root access.
The second security flaw was discovered by Colin King in the keyring subsystem of the Linux kernel, allowing a local user to cause memory exhaustion via a denial of service (DoS) attack.
The third and fourth Linux kernel vulnerabilities were discovered by Andy Lutomirski in the NMIs (non-maskable interrupts) functionality, allowing local, unprivileged users to gain root access or crash the system via a DoS attack.
All Ubuntu 15.04 and Ubuntu 14.04 LTS users must update
As expected, Canonical urges all users of the Ubuntu 15.04 (Vivid Vervet) and Ubuntu 14.04 LTS (Trusty Tahr) to update their systems immediately. To update, fire up the Software Updater utility, wait for it to find the new kernel updates, then apply all available updates.
Don't forget to reboot your machine after a successful update process. After a system restart, make sure that your kernel packages have been updated to linux-image-3.19.0-25 (3.19.0-25.26) for Ubuntu 15.04 and linux-image-3.13.0-59 (3.13.0-59.98) for Ubuntu 14.04 LTS.