Subject: [USN-1342-1] Linux kernel (Oneiric backport) vulnerability
Newsgroups: gmane.linux.ubuntu.security.announce
Date: 2012-01-26 03:27:46 GMT (15 weeks, 6 days, 12 hours and 18 minutes ago)
========================================================================== Ubuntu Security Notice USN-1342-1 January 26, 2012 linux-lts-backport-oneiric vulnerability ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: - Ubuntu 10.04 LTS Summary: The system could be made to run programs as an administrator. Software Description: - linux-lts-backport-oneiric: Linux kernel backport from Oneiric Details: Jüri Aedla discovered that the kernel incorrectly handled /proc/≤pid>/mem permissions. A local attacker could exploit this and gain root privileges. Update instructions: The problem can be corrected by updating your system to the following package versions: Ubuntu 10.04 LTS: linux-image-3.0.0-15-generic 3.0.0-15.26~lucid1 linux-image-3.0.0-15-generic-pae 3.0.0-15.26~lucid1 linux-image-3.0.0-15-server 3.0.0-15.26~lucid1 linux-image-3.0.0-15-virtual 3.0.0-15.26~lucid1 After a standard system update you need to reboot your computer to make all the necessary changes. References: http://www.ubuntu.com/usn/usn-1342-1 CVE-2012-0056 Package Information: https://launchpad.net/ubuntu/+source/linux-lts-backport-oneiric/3.0.0-15.26~lucid1