USN-1738-1: Linux kernel (Oneiric backport) vulnerability
22 February 2013
The system could be made to run programs as an administrator.
Releases
Packages
- linux-lts-backport-oneiric - Linux kernel backport from Oneiric
Details
Suleiman Souhlal, Salman Qazi, Aaron Durbin and Michael Davidson discovered
a race condition in the Linux kernel's ptrace syscall. An unprivileged
local attacker could exploit this flaw to run programs as an administrator.
Update instructions
The problem can be corrected by updating your system to the following package versions:
Ubuntu 10.04
-
linux-image-3.0.0-31-server
-
3.0.0-31.49~lucid1
-
linux-image-3.0.0-31-generic
-
3.0.0-31.49~lucid1
-
linux-image-3.0.0-31-virtual
-
3.0.0-31.49~lucid1
-
linux-image-3.0.0-31-generic-pae
-
3.0.0-31.49~lucid1
After a standard system update you need to reboot your computer to make
all the necessary changes.