---

Canonical Patches Multiple Kernel Vulnerabilities in All Supported Ubuntu OSes

It appears that there are a total of five security issues affecting all supported Ubuntu OSes: Ubuntu 12.04 LTS (Precise Pangolin), Ubuntu 14.04 LTS (Trusty Tahr), Ubuntu 16.04 LTS (Xenial Xerus), and Ubuntu 16.10 (Yakkety Yak). This includes the Raspberry Pi port, the 64-bit and 32-bit variants, and all official derivatives, such as Kubuntu, Xubuntu, Lubuntu, Ubuntu MATE, Ubuntu GNOME, and Ubuntu Kylin.

The first vulnerability is a buffer overflow discovered by Ondrej Kozina in the Linux kernel’s keyring interface when displaying timeout events via /proc/keys. It affects all the Ubuntu releases mentioned above and allows a local attacker to cause a denial of service by crashing the system. The second security flaw was discovered in the ALSA subsystem. It also allows a local attacker to crash the system, and it affects only Ubuntu 14.04 LTS.
