Users are urged to update their systems immediately

Sep 19, 2016 22:45 GMT

Just a few moments ago (September 19, 2016), Canonical published several security advisories to inform the Ubuntu Linux community about the availability of new Linux kernel updates for all supported Ubuntu releases.

According to Ubuntu Security Notice USN-3084-1, three security flaws affect the Ubuntu 16.04 LTS (Xenial Xerus) operating system and later versions, as well as any derivatives. The first is a race condition in the Linux kernel's audit subsystem, which could allow a local attacker to interrupt system-call auditing or damage the audit logs.

The second security issue is in the Linux kernel's KVM (Kernel-based Virtual Machine) hypervisor implementation, which didn't work correctly on PPC64 (PowerPC 64-bit) and PowerPC (PPC) platforms, thus allowing an unprivileged attacker to cause a CPU lockup in the host operating system.

Lastly, Ubuntu 16.04 LTS was affected by a race condition in the Linux kernel's Chrome OS embedded controller device driver, which would have allowed a local attacker to crash the system, causing a denial of service (DoS). This issue was discovered by Pengfei Wang.

Security issues affecting Ubuntu 14.04 LTS and Ubuntu 12.04 LTS

If you're using the Ubuntu 14.04 LTS (Trusty Tahr) operating system or later versions, as well as any of its derivatives, you should know that the new kernel update patches a security flaw discovered by Dmitry Vyukov in the IPv6 implementation, which could allow a local attacker to crash the system or execute malicious code.

The second security flaw affecting Ubuntu 14.04 LTS users is a race condition in the Linux kernel's SCTP implementation, which didn't properly handle heartbeat-timeout events, thus allowing a remote attacker to cause a denial of service. Finally, only a single security issue affects Ubuntu 12.04 LTS (Precise Pangolin) users.

If you're using any of the Ubuntu operating systems mentioned above, you need to update to the new kernel versions, which are linux-image-4.4.0-38 (4.4.0-38.57) for Ubuntu 16.04 LTS, linux-image-3.13.0-96 (3.13.0-96.143) for Ubuntu 14.04 LTS, and linux-image-3.2.0-110 (3.2.0-110.151) for Ubuntu 12.04 LTS.

Of course, the Trusty HWE kernel has been updated to linux-image-3.13.0-96-generic 3.13.0-96.143~precise1 for Ubuntu 12.04.5 LTS users, and the Xenial HWE kernel to linux-image-4.4.0-38-generic 4.4.0-38.57~14.04.1 for Ubuntu 14.04.5 LTS users. Ubuntu 16.04 LTS for Raspberry Pi 2 was updated to linux-image-4.4.0-1023-raspi2 (4.4.0-1023.29).

To update, simply open the Ubuntu Software or Synaptic Package Manager apps, check for available updates and install them. Be aware that you'll have to reboot your computer for the new kernel version to be correctly installed, and you must rebuild any third-party kernel modules you might have installed. More details at https://wiki.ubuntu.com/Security/Upgrades.
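To confirm that a machine is actually running one of the fixed kernels after the update and reboot, the sketch below classifies a kernel release string against the builds listed in this article. It is an added example, not part of the advisory or of any Ubuntu tool; the function names are illustrative, only the generic and raspi2 flavours named above are covered, and it assumes that a higher ABI number within the same series contains the fixes.

```shell
#!/bin/sh
# Added example: compare a kernel release string (as printed by `uname -r`)
# with the fixed builds named in the article. Function names are illustrative.

# min_abi RELEASE BASE FLAVOUR -> first fixed ABI number, empty if not listed
min_abi() {
    case "$1:$2:$3" in
        16.04:4.4.0:raspi2)   echo 1023 ;;  # Raspberry Pi 2 kernel
        16.04:4.4.0:generic)  echo 38 ;;
        14.04:3.13.0:generic) echo 96 ;;
        14.04:4.4.0:generic)  echo 38 ;;    # Xenial HWE on 14.04.5
        12.04:3.2.0:generic)  echo 110 ;;
        12.04:3.13.0:generic) echo 96 ;;    # Trusty HWE on 12.04.5
    esac
}

# kernel_status RELEASE KERNEL_RELEASE -> patched | vulnerable | unknown
kernel_status() {
    rel=$1
    krel=$2
    base=${krel%%-*}      # 4.4.0-38-generic -> 4.4.0
    rest=${krel#*-}       #                  -> 38-generic
    abi=${rest%%-*}       #                  -> 38
    flavour=${rest#*-}    #                  -> generic
    # A release string without a numeric ABI field cannot be classified.
    case "$abi" in ''|*[!0-9]*) echo unknown; return ;; esac
    min=$(min_abi "$rel" "$base" "$flavour")
    # Kernel series or flavours the article does not list stay "unknown".
    [ -n "$min" ] || { echo unknown; return; }
    if [ "$abi" -ge "$min" ]; then echo patched; else echo vulnerable; fi
}

# host_state RELEASE RUNNING NEWEST_INSTALLED
#   -> ok | reboot-required | update-required | unknown
host_state() {
    running=$(kernel_status "$1" "$2")
    installed=$(kernel_status "$1" "$3")
    case "$running:$installed" in
        patched:*)             echo ok ;;
        vulnerable:patched)    echo reboot-required ;;  # fix installed, old kernel still booted
        vulnerable:vulnerable) echo update-required ;;
        *)                     echo unknown ;;
    esac
}

# On a live system (release from lsb_release, running kernel from uname):
#   kernel_status "$(lsb_release -rs)" "$(uname -r)"
```

A `reboot-required` result is the case the article warns about: the fixed package is installed, but the old kernel is still the one running.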