USN-1739-1: Linux kernel vulnerability

22 February 2013

linux vulnerability

A security issue affects these releases of Ubuntu and its derivatives:

  • Ubuntu 11.10

Summary

The system could be made to run programs as an administrator.

Software Description

  • linux - Linux kernel

Details

Suleiman Souhlal, Salman Qazi, Aaron Durbin and Michael Davidson discovered a race condition in the Linux kernel’s ptrace syscall. An unprivileged local attacker could exploit this flaw to run programs as an administrator.

Update instructions

The problem can be corrected by updating your system to the following package versions:

Ubuntu 11.10
linux-image-3.0.0-31-generic - 3.0.0-31.49
linux-image-3.0.0-31-generic-pae - 3.0.0-31.49
linux-image-3.0.0-31-omap - 3.0.0-31.49
linux-image-3.0.0-31-powerpc - 3.0.0-31.49
linux-image-3.0.0-31-powerpc-smp - 3.0.0-31.49
linux-image-3.0.0-31-powerpc64-smp - 3.0.0-31.49
linux-image-3.0.0-31-server - 3.0.0-31.49
linux-image-3.0.0-31-virtual - 3.0.0-31.49

To update your system, please follow these instructions: https://wiki.ubuntu.com/Security/Upgrades.

After a standard system update you need to reboot your computer to make all the necessary changes.

References