Today, August 10, 2016, Canonical has published several security notices to inform Ubuntu Linux users about new kernel updates for their distributions, patching several vulnerabilities discovered recently.

The kernel vulnerabilities listed below affect users of Ubuntu 16.04 LTS (Xenial Xerus), Ubuntu 14.04 LTS (Trusty Tahr), and Ubuntu 12.04 LTS (Precise Pangolin), but also all the official flavors that have a release in one of these branches, including but not limited to Kubuntu, Xubuntu, Lubuntu, Edubuntu, Ubuntu MATE, Ubuntu GNOME, and Mythbuntu.

The first security flaw is an integer overflow discovered by Ben Hawkes in Linux kernel's netfilter implementation. Affecting only 32-bit systems, as well as only Ubuntu 16.04 LTS and Ubuntu 12.04 LTS, the kernel vulnerability could have allowed an unprivileged local attacker to crash the system or execute random code as root.

The second security issue affects all supported Ubuntu OSes. Linux kernel's keyring implementation wasn't capable of ensuring that the data structure was initialized before it was referenced following the appearance of an error condition, which could have allowed a local attacker to crash the system by causing a denial of service (DoS).

The third kernel vulnerability was discovered in Linux kernel's percpu allocator by renowned Linux kernel developer Sasha Levin. It's a use-after-free issue that could have allowed a local attacker to either run code with administrative privileges (as root) or crash the system. This affects only Ubuntu 16.04 LTS and Ubuntu 12.04 LTS.

The last security flaw affects all supported Ubuntu operating systems, and it's an information leak discovered by Kangjie Lu in Linux kernel's netlink implementation. This vulnerability could have allowed a local attacker to obtain sensitive information from the kernel memory.

Please update your Ubuntu OS right now

Canonical urges all users of the Ubuntu 16.04 LTS (Xenial Xerus), Ubuntu 14.04 LTS (Trusty Tahr), Ubuntu 12.04 LTS (Precise Pangolin), as well as their official derivatives to update the kernel packages to linux-image-4.4.0-34 (4.4.0-34.53) for Ubuntu 16.04 LTS, linux-image-4.4.0-1019-raspi2 (4.4.0-1019.25) for Ubuntu 16.04 LTS for Raspberry Pi, linux-image-3.13.0-93 (3.13.0-93.140) for Ubuntu 14.04 LTS, and linux-image-3.2.0-107 (3.2.0-107.148) for Ubuntu 12.04 LTS.

Of course, if you're using the latest Ubuntu 14.04.5 LTS (Trusty Tahr) and Ubuntu 12.04.5 LTS (Precise Pangolin) operating systems, or any of the official flavors from these series, you need to update your kernel packages to the version available for them in the backports repositories. After a kernel update, you need to reboot your computer. For more information on how to upgrade, please visit https://wiki.ubuntu.com/Security/Upgrades.