Language Selection

English French German Italian Portuguese Spanish

Newly Discovered Kernel Vulnerabilities Affect All Ubuntu Users

Filed under
Security

Yesterday, November 27th, the Ubuntu developers discovered yet another security issue (actually, more than one) in the Linux kernel packages. These vulnerabilities affect the following Ubuntu distributions: 6.06 LTS, 7.10, 8.04 LTS and 8.10 (also applies to Kubuntu, Edubuntu and Xubuntu). The truth is that there are exactly nine (yes, 9) security issues (see below for details), therefore, it is strongly recommended to update your system as soon as possible!

The Ubuntu developers discovered that:

1. The Xen hypervisor block driver couldn't accurately validate incoming requests. Therefore, a user with root privileges could crash a system and cause a DoS (Denial of Service) attack by executing malicious I/O requests. This issue affects only Ubuntu 7.10.

2. The i915 video driver couldn't accurately validate memory addresses. Therefore, an attacker could remap memory and cause a system crash, leading to a DoS (Denial of Service) attack. Ubuntu 6.06 LTS, 7.10 and 8.04 LTS users are not affected by this issue. Ubuntu 8.10 users should update their systems to correct this vulnerability!

More Here




More in Tux Machines

Arch Linux – Kde Plasma 5.3 stable is finally available for installation

Great news for Arch Linux users! From a few minutes, Kde Plasma 5.3 stable packages are officially available on Arch Linux repositories. In fact, after running the pacman -Syu command I finally noticed, listed on my terminal, the new packages of Plasma 5.3.0 with all the relative dependencies. Read more

Linux 4.1-rc2

So the -rc2's have lately been pretty small - looking more like late -rc's than early ones. It *used* to be that I couldn't even post the shortlog, because it was just too big. That's not been the case for the last few releases. I think people tend to take a breather after the merge window, because the -rc3's tend to then be a bit bigger again. But it may just also be that I've just gotten much better at saying "the merge window is over, I'm not taking random stragglers", or that people are just getting better at keeping to the merge window. Whatever the reason, the time of huge -rc2's seems to be happily behind us. Read more

GNOME 3.17.1 released

Hi GNOMErs! The development of the next GNOME release, 3.17, has started, and the first snapshot, 3.17.1, is now available. To compile GNOME 3.17.1, you can use the jhbuild [1] modulesets [2] (which use the exact tarball versions from the official release). [1] http://library.gnome.org/devel/jhbuild/ [2] http://download.gnome.org/teams/releng/3.17.1/ The release notes that describe the changes between 3.16.1 and 3.17.1 are available. Go read them to learn what's new in this release: core - http://download.gnome.org/core/3.17/3.17.1/NEWS apps - http://download.gnome.org/apps/3.17/3.17.1/NEWS The GNOME 3.17.1 release is available here: core sources - http://download.gnome.org/core/3.17/3.17.1 apps sources - http://download.gnome.org/apps/3.17/3.17.1 Read more