---

Ubuntu 15.04 (Vivid Vervet) Gets Its First Linux Kernel Update

It was recently discovered that a local attacker could gain administrative privileges by exploiting a race condition between chown() and execve() in the Linux kernel. This could be achieved easily by using chown on a setuid-user-binary. The CVE-2015-3339 kernel vulnerability affects all supported Ubuntu operating systems, including Ubuntu 14.10, 14.04 LTS, and 12.04 LTS.