Language Selection

English French German Italian Portuguese Spanish

Newly Discovered Kernel Vulnerabilities Affect All Ubuntu Users

Filed under
Security

Yesterday, November 27th, the Ubuntu developers discovered yet another security issue (actually, more than one) in the Linux kernel packages. These vulnerabilities affect the following Ubuntu distributions: 6.06 LTS, 7.10, 8.04 LTS and 8.10 (also applies to Kubuntu, Edubuntu and Xubuntu). The truth is that there are exactly nine (yes, 9) security issues (see below for details), therefore, it is strongly recommended to update your system as soon as possible!

The Ubuntu developers discovered that:

1. The Xen hypervisor block driver couldn't accurately validate incoming requests. Therefore, a user with root privileges could crash a system and cause a DoS (Denial of Service) attack by executing malicious I/O requests. This issue affects only Ubuntu 7.10.

2. The i915 video driver couldn't accurately validate memory addresses. Therefore, an attacker could remap memory and cause a system crash, leading to a DoS (Denial of Service) attack. Ubuntu 6.06 LTS, 7.10 and 8.04 LTS users are not affected by this issue. Ubuntu 8.10 users should update their systems to correct this vulnerability!

More Here




More in Tux Machines

Desktop GNU/Linux

  • [Video] Litebook Alpha Review! | Unboxing, Apps, and Gaming!
  • Beginners Guide To Linux
    Curious about getting into Raspberry Pi or just Linux in general but you're not sure where to start? This post is for you. It's not intended to be a comprehensive guide, rather a gentle intro into the Linux world. I'm not a Linux expert, but I know from experience that it can be an intimidating platform to get started in. I want this post to show you what you need to know to get started with Linux.
  • [Video] 5 Reasons To Switch To Linux
  • System76 Provides Wireless Fixes for Ubiquity
    We are proud to have contributed to Ubiquity in such a way that we feel improves all users’ lives when using Ubuntu. We will continue improving the platform and hope that our users will see value in what we do.
  • GNOME 3.24 Released, See What`s New
    After being in development for six months, GNOME 3.24 was released today, bringing improvements such as Night Light, weather information in the date / time indicator, along with updates to its applications, and more.

Late Night Linux, Bad Voltage, and Effective Communication in Podcasting

  • Late Night Linux – Episode 06
    Jesse is back but this time Félim is in his sick bed so it’s a 3 man show yet again. Some heated debates about Nextcloud’s actions, Ubuntu extended support and PowerPC distros, followed by a deep dive into the world of HiDPI 4k support in Linux.
  • Bad Voltage Live at SCaLE 15x
    The Bad Voltage live stage show, from SCaLE 15x in Pasadena, March 2017!
  • Effective Communication in Podcasting
    When I got serious about doing Linux videos on YouTube, I drew on all of that Old Media experience plus I took a few classes to make sure I knew what I was talking about before handing out advice to others. That has led to the EzeeLinux project. The goal of EzeeLinux is to educate folks about Linux and get them started on the right path to success… I have been truly humbled by the response it has gotten. That said, I don’t feel like I’m competing with anyone – the more, the merrier! I honestly feel that Linux and Open Source Software are arguably one of the few truly good things happening in the world today. It brings people from all over the world together and provides a means to get cutting edge technology into the hands of anyone, anywhere who wants to take the time to learn how to use it regardless of their financial situation. That is the kind of power that can quite literally change the world, folks. No one should be left behind in this Information Age. Come to think of it, Ed Murrow would probably do a documentary about Linux if he was still around today… It would be right up his street, I think. It’s the kind of thing he liked to talk about.

Leftovers: Software

  • [Video] Linux Audio Programs Compared 2017
    I made this video for those that are new to, or just interested in making music on the Linux OS. I go over the features, goods and bads of Rosegarden, LMMS, Ardour, Mixbus, and EnergyXT, as well as touch on Qtractor. I don't don't go much into details of the particular versions I am using, but the video was made in the early part of 2017 and I'm running Ubuntu 16.04LTS.
  • Green Recorder: A Simple Desktop/Screen Recorder for Linux
    Green Recorder is a simple, open source desktop recorder developed for Linux systems built using Python, GTK and FFmpeg. It supports most of the Linux desktop environments such as Unity, Gnome, Cinnamon, Mate, Xfce and so on. Recently it has been updated to work with Wayland too in Gnome session.
  • Komorebi: A New Way To Enhance Your Desktop Using Animated/Parallax Wallpapers
    In past there were applications that allowed us to run videos/Gif as wallpaper on the desktop and make desktop look much cooler but than all of sudden the development of such Apps stopped and I can't name any App that exist for this purpose. Komorebi is fairly new application designed to make your desktop experience much better and make desktop cool as well, we can say it is kind of 'live wallpaper' situation here or 3D wallpaper. It is developed by Abe Masri and available under GPL license for free.
  • Stacer Sytem Optimizer: A Must Have Application For Ubuntu/Linux Mint
    There are multiple ways to optimize your Linux, the most geeky way is using Terminal, there are also applications available that performs such actions like Bleachbit, Ubuntu cleaner and so on. Stacer is simple, open-source, quick and new application designed to offer you all-in-one optimizer for your Ubuntu/Linux Mint (It's alternative to CCleaner but only for Linux).
  • Qtox: Open Source and Fully Secure Skype Replacement for Linux
    Long years ago, we've talked about a Skype alternative called Tox which was still in its early developmental stages. Tox was supposed to become the anti-thesis of Skype by being a fully open-source video and voice chat client that placed user privacy and security at its center. Well, guess what, there are now fully active and well-maintained chat clients that are built on top of Tox protocol. qTox is one of them.
  • Rclone 1.36 Released With SFTP And Local Symlinks Support, More
    Rclone 1.36 was released recently, bringing support for SFTP, local symbolic links support, mount improvements, along with many other new features and bug fixes. For those not familiar with Rclone, this is a cross-platform command line tool for synchronizing files and folders to multiple cloud storages, which supports Dropbox, Google Drive, Amazon S3, Amazon Drive, Microsoft One Drive, Yandex Disk, and more. It can be used to sync files either from your machine or from one cloud storage to another.
  • Streamlink Twitch GUI 1.2.0 Adds Support For Communities And Team Pages, Basic Hotkeys
    Streamlink Twitch GUI (previously Livestreamer Twitch GUI) is a multi-platform Twitch.tv browser. The application is powered by Node.js, Chromium and Streamlink, though it can still use Livestreamer (which is no longer maintained) too.
  • Code Editor `Brackets` 1.9 Released, Available In PPA
    Brackets is a free, open source code editor focused on front-end web development (HTML, CSS and JavaScript).
  • Terminix Terminal Emulator Renamed To Tilix, Sees New Bugfix Release
    [Quick update] Terminix, a GTK3 tiling terminal emulator, has been renamed to Tilix due to some trademark issues.

today's howtos