USN-1342-1: Linux kernel (Oneiric backport) vulnerability
26 January 2012
The system could be made to run programs as an administrator.
Releases
Packages
- linux-lts-backport-oneiric - Linux kernel backport from Oneiric
Details
Jüri Aedla discovered that the kernel incorrectly handled /proc/
permissions. A local attacker could exploit this and gain root privileges.
Update instructions
The problem can be corrected by updating your system to the following package versions:
Ubuntu 10.04
-
linux-image-3.0.0-15-server
-
3.0.0-15.26~lucid1
-
linux-image-3.0.0-15-generic
-
3.0.0-15.26~lucid1
-
linux-image-3.0.0-15-virtual
-
3.0.0-15.26~lucid1
-
linux-image-3.0.0-15-generic-pae
-
3.0.0-15.26~lucid1
After a standard system update you need to reboot your computer to make
all the necessary changes.
References
Related notices
- USN-1364-1: linux-ti-omap4, linux-image-3.0.0-1207-omap4
- USN-1336-1: linux-image-3.0.0-15-virtual, linux, linux-image-3.0.0-15-generic-pae, linux-image-3.0.0-15-omap, linux-image-3.0.0-15-server, linux-image-3.0.0-15-powerpc, linux-image-3.0.0-15-generic, linux-image-3.0.0-15-powerpc-smp, linux-image-3.0.0-15-powerpc64-smp