Language Selection

English French German Italian Portuguese Spanish

Newly Discovered Kernel Vulnerabilities Affect All Ubuntu Users

Filed under
Security

Yesterday, November 27th, the Ubuntu developers discovered yet another security issue (actually, more than one) in the Linux kernel packages. These vulnerabilities affect the following Ubuntu distributions: 6.06 LTS, 7.10, 8.04 LTS and 8.10 (also applies to Kubuntu, Edubuntu and Xubuntu). The truth is that there are exactly nine (yes, 9) security issues (see below for details), therefore, it is strongly recommended to update your system as soon as possible!

The Ubuntu developers discovered that:

1. The Xen hypervisor block driver couldn't accurately validate incoming requests. Therefore, a user with root privileges could crash a system and cause a DoS (Denial of Service) attack by executing malicious I/O requests. This issue affects only Ubuntu 7.10.

2. The i915 video driver couldn't accurately validate memory addresses. Therefore, an attacker could remap memory and cause a system crash, leading to a DoS (Denial of Service) attack. Ubuntu 6.06 LTS, 7.10 and 8.04 LTS users are not affected by this issue. Ubuntu 8.10 users should update their systems to correct this vulnerability!

More Here




More in Tux Machines

today's leftovers

Software: VirtualBox, Franz, ClipGrab, Gammu, AppArmor, Xfce4, GTK+

  • Oracle Releases VM VirtualBox 5.2
    It was more than one year ago that VirtualBox 5.1 was released while today it's finally been succeeded by a new feature release.
  • Franz Combines all Your Messaging Apps in a Single Application
    Franz is a free to use application that combines different messaging services like WhatsApp, WeChat, Facebook Messenger, Gmail, Telegram, Skype, Slack and other chat applications in one application.
  • ClipGrab: Video Downloader and Converter Updated for Ubuntu/Linux Mint (PPA)
    ClipGrab is a free software to download and convert videos from different famous sites of Internet. You can easily save your favorite videos from sites like Dailymotion or Vimeo. And you can convert these videos into "usable" formats like WMV, MPEG or MP3. You can check here which sites are supported by this software.
  • Gammu 1.38.5
    Today, Gammu 1.38.5 has been released. After long period of bugfix only releases, this comes with several new noteworthy features.
  • Watch Out Upgrading To Linux 4.14 If You Use AppArmor
    Just a quick public service announcement if you rely upon AppArmor for security on your Linux distribution like Ubuntu/Debian and plan to soon upgrade to the Linux 4.14 kernel...
  • New hotness: xfce4-notifyd 0.4.0
    After quite some development time I have decided to push out xfce4-notifyd 0.4.0 today. This is not just a bugfix, but a feature-packed release.
  • Xfce Gets Notification Improvements With xfce4-notifyd 0.4
    For users of the Xfce4 desktop environment, a new release of xfce4-notifyd 0.4 is now available as the project's newest feature release.
  • GTK+ 3.92 Released With Many Improvements & New Features
    Matthias Clasen has today released GTK+ 3.92 as the latest test release in the long road towards the major GTK4 tool-kit update. GTK+ 3.92 features Vulkan improvements, more widget reworking, continued Emoji support, and more. Highlights of changes found in this GTK+ 3.92 update include:
  • SteelCloud Expands Linux STIG Support to Ubuntu, SUSE, and Oracle Linux
    SteelCloud LLC announced today that it has enhanced ConfigOS, its patented STIG remediation software, to support the newly released Ubuntu, SUSE, and Oracle Linux STIGs. These new supported platforms bolster the product's existing Red Hat Linux automated STIG remediation capabilities. The expanded ConfigOS Linux security content will be provided to new and existing customers at no additional charge.

today's howtos

Linux and Graphics: AMD and AGL