---

Canonical Patches Critical Linux Kernel Issues in Ubuntu 12.04 and 14.04 LTS

According to Canonical, it would appear that an information leak was discovered in the MD (Multiple Device) driver of the Linux kernel packages for Ubuntu 12.04 LTS, which could have allowed a privileged, local attacker to retrieve sensitive data from the kernel. For Ubuntu 14.04 LTS (Trusty Tahr), Canonical patched an integer overflow error discovered in Linux kernel’s SCSI generic driver, which could allow a local attacker that had write permissions to a SCSI generic device to gain root access or crash the system through a denial of service (DoS) attack.