Canonical Patched the Ubuntu 14.04 Kernel. Upgrade Now!

Canonical has patched two Kernel vulnerabilities, on Ubuntu 14.04 Trusty Tahr.

Canonical has announced yesterday that they have patched two issues (CVE-2015-2666 and CVE-2015-2922), upgrading the Ubuntu 14.04 kernel to version 3.13.0-51.

Description of the first issue:

A stack overflow was discovered in the the microcode loader for the intel x86 platform. A local attacker could exploit this flaw to cause a denial of service (kernel crash) or to potentially execute code with kernel privileges.

The second issue:

It was discovered that the Linux kernel’s IPv6 networking stack has a flaw that allows using route advertisement (RA) messages to set the ‘hop_limit’ to values that are too low. An unprivileged attacker on a local network
could exploit this flaw to cause a denial of service (IPv6 messages dropped).

All the users of Ubuntu 14.04 Trusty Tahr and derivatives like Linux Mint 17.2 Rafaela, Linux Mint 17.1 Rebecca, Linux Mint 17 Qiana, Pinguy OS 14.04, Elementary OS 0.3 Freya, Deepin 2014, Peppermint 6, Peppermint 5, LXLE 14.04, and Linux Lite 2 must upgrade now, in order to get the latest kernel patches:

$ sudo apt-get update
$ sudo apt-get dist-upgrade

Tagged with: , , , , , , , , , , , , , , , , , , ,
Posted in The Linux and Unix Articles!

Leave a Reply

Your email address will not be published. Required fields are marked *




Subscribe to get the latest Linux news and how to guides directly on your e-mail!