Users are urged to update their systems immediately

Mar 8, 2017 22:47 GMT

Canonical published several security advisories to inform Ubuntu users about new kernel versions for their Ubuntu 16.04 LTS (Xenial Xerus) and Ubuntu 16.10 (Yakkety Yak) operating systems.

It would appear that this is the first HWE (Hardware Enablement) kernel that Canonical releases for both Ubuntu 16.10 and Ubuntu 16.04.2 LTS users, patching the Linux 4.8 kernel packages to address a single security vulnerability that could allow a local attacker to elevate his/her privileges or crash the affected system via a DoS attack.

"Alexander Popov discovered that the N_HDLC line discipline implementation in the Linux kernel contained a double-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly gain administrative privileges," reads Ubuntu Security Notice USN-3221-1.

Ubuntu 14.04.5 LTS and 12.04.5 LTS users also affected

Canonical also backported the fix for CVE-2017-2636 to the Linux 4.4 kernel that's currently being maintained for Ubuntu 16.04 LTS and Ubuntu 16.04.1 LTS users, as well as Ubuntu 14.04.5 LTS and Ubuntu 12.04.5 LTS users with the Xenial HWE and Trusty HWE kernels installed.

Therefore, the security issue affects Ubuntu 16.10, Ubuntu 16.10 for Raspberry Pi 2, Ubuntu 16.04 LTS, Ubuntu 16.04 LTS for Raspberry Pi 2, Ubuntu 16.04 LTS for Snapdragon processors, Ubuntu 16.04 LTS for Google Container Engine (GKE) systems, Ubuntu 14.04 LTS, Ubuntu 12.04 LTS, and all of their official derivatives.

Users are urged to update their systems as soon as possible to linux-image 4.8.0.41.52 on Ubuntu 16.10, linux-image-raspi2 4.8.0.1028.31 on Ubuntu 16.10 for Raspberry Pi 2, linux-image 4.4.0.66.70 on Ubuntu 16.04 LTS, linux-image-raspi2 4.4.0.1046.45 on Ubuntu 16.04 LTS for Raspberry Pi 2, and linux-image-hwe-16.04 4.8.0.41.12 on Ubuntu 16.04.2 LTS.

Additionally, Ubuntu 14.04.5 LTS users must update their systems to linux-image-lts-xenial 4.4.0.66.52, and Ubuntu 12.04.5 LTS users to linux-image-lts-trusty 3.13.0.112.103. To update, simply follow the instructions provided by Canonical at https://wiki.ubuntu.com/Security/Upgrades. Don't forget to reboot your machines!
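One way to check an installed kernel meta-package against the fixed versions listed above, as an added example that is not part of the original article or Canonical's advisory. The function names, the `--host` switch and the choice of `linux-image-generic` as the flavour to query are assumptions; the version numbers are the ones the article gives.

```shell
#!/bin/sh
# Fixed versions exactly as listed in the article, keyed by "release:package".
fixed_version() {
    case "$1:$2" in
        16.10:linux-image)            echo 4.8.0.41.52 ;;
        16.10:linux-image-raspi2)     echo 4.8.0.1028.31 ;;
        16.04:linux-image)            echo 4.4.0.66.70 ;;
        16.04:linux-image-raspi2)     echo 4.4.0.1046.45 ;;
        16.04:linux-image-hwe-16.04)  echo 4.8.0.41.12 ;;
        14.04:linux-image-lts-xenial) echo 4.4.0.66.52 ;;
        12.04:linux-image-lts-trusty) echo 3.13.0.112.103 ;;
        *) return 1 ;;
    esac
}

# ver_ge A B: succeed when dotted numeric version A >= B, compared field by
# field as integers (so 999 < 1028, which a string comparison gets wrong).
ver_ge() {
    a=$1 b=$2
    while [ -n "$a" ] || [ -n "$b" ]; do
        x=${a%%.*} y=${b%%.*}
        [ "${x:-0}" -gt "${y:-0}" ] && return 0
        [ "${x:-0}" -lt "${y:-0}" ] && return 1
        case "$a" in *.*) a=${a#*.} ;; *) a= ;; esac
        case "$b" in *.*) b=${b#*.} ;; *) b= ;; esac
    done
    return 0
}

# classify RELEASE PACKAGE INSTALLED -> prints patched | vulnerable | unknown
classify() {
    fixed=$(fixed_version "$1" "$2") || { echo unknown; return 0; }
    case "$3" in ''|*[!0-9.]*) echo unknown; return 0 ;; esac
    if ver_ge "$3" "$fixed"; then echo patched; else echo vulnerable; fi
}

# Host check (only with --host). Assumption: the generic flavour is installed;
# the article names only the "linux-image" family, not a flavour.
if [ "${1:-}" = "--host" ] && command -v dpkg-query >/dev/null 2>&1; then
    . /etc/os-release
    inst=$(dpkg-query -W -f='${Version}' linux-image-generic 2>/dev/null || true)
    echo "Ubuntu $VERSION_ID linux-image: $(classify "$VERSION_ID" linux-image "$inst")"
    echo "running kernel: $(uname -r)"
fi
```

A `patched` result describes the installed package only; the running kernel printed on the last line changes only after the reboot the article calls for.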