Thursday, February 16, 2012

New Kernel Vulnerabilities Affect Ubuntu 11.10,11.04 and 10.10

Canonical announced the other day, in a security notice, that a new kernel update for its Ubuntu 11.10 (Oneiric Ocelot) operating system is now available, fixing four security vulnerabilities discovered in the Linux kernel packages by various developers. 

These are the kernel vulnerabilities found in the kernel packages: CVE-2011-4622CVE-2012-0038CVE-2012-0055, and CVE-2012-0207.

The security flaw can be fixed if you upgrade your system(s) to the linux-image-3.0.0-16 (3.0.0-16.28) package(s). To apply the update, run the Update Manager application.

Don't forget to reboot your computer after the upgrade!

ATTENTION: Due to an unavoidable ABI change, the kernel packages have a new version number, which will force you to reinstall and recompile all third-party kernel modules you might have installed. Moreover, if you use the linux-restricted-modules package, you have to update it as well to get modules which work with the new Linux kernel version.



Canonical issued last night, February 13th, new versions of the Linux kernel packages for the Ubuntu 11.04 (Natty Narwhal) and Ubuntu 10.10 (Maverick Meerkat) operating systems, fixing vulnerabilities found recently in the official Linux kernel packages. 

The following four Linux kernel vulnerabilities were found: CVE-2011-3353CVE-2011-4622CVE-2012-0038, and CVE-2012-0044.

As usual, you can click on each one to see how it affects your system, or go here and here for in-depth descriptions, as it affects other Linux operating systems as well.

The security flaws can be fixed if you update your system(s) to the linux-image-2.6.35-32 (2.6.35-32.65) package(s) for Ubuntu 10.10 and thelinux-image-2.6.38-13 (2.6.38-13.55) package(s) for Ubuntu 11.04.

For in-depth instruction about how to update your system, please follow this link: https://wiki.ubuntu.com/Security/Upgrades. Don't forget to reboot your computer after the upgrade!