The kernel vulnerability could be used by a local attacker to run programs as an administrator, and it looks like it also affects all supported Ubuntu releases, including Ubuntu 16.10 (Yakkety Yak), Ubuntu 16.04 LTS (Xenial Xerus), Ubuntu 14.04 LTS (Trusty Tahr), and Ubuntu 12.04 LTS (Precise Pangolin), as well as all of their official or unofficial derivatives running the same kernel builds.
Canonical urged all users to patch their systems immediately by installing linux-image-4.8.0-26 (4.8.0-26.28) for Ubuntu 16.10, linux-image-4.4.0-45 (4.4.0-45.66) for Ubuntu 16.04 LTS, linux-image-3.13.0-100 (3.13.0-100.147) for Ubuntu 14.04 LTS, and linux-image-3.2.0-113 (3.2.0-113.155) for Ubuntu 12.04 LTS, as well as linux-image-4.4.0-1029-raspi2 (4.4.0-1029.36) for Ubuntu 16.04 LTS for Raspberry Pi 2.
The Xenial HWE kernel for Ubuntu 14.04 LTS was updated as well today, to version linux-image-4.4.0-45 (4.4.0-45.66~14.04.1), and the Trusty HWE kernel for Ubuntu 12.04 LTS to version linux-image-3.13.0-100 (3.13.0-100.147~precise1).
Submitted by: Arnfried Walbrecht
Comments are closed.