USN-1736-1: Linux kernel vulnerability

Ubuntu Security Notice USN-1736-1

21st February, 2013

linux vulnerability

A security issue affects these releases of Ubuntu and its derivatives:

  • Ubuntu 10.04 LTS

Summary

The system could be made to run programs as an administrator.

Software description

  • linux - Linux kernel

Details

Suleiman Souhlal, Salman Qazi, Aaron Durbin and Michael Davidson discovered
a race condition in the Linux kernel's ptrace syscall. An unprivileged
local attacker could exploit this flaw to run programs as an administrator.

Update instructions

The problem can be corrected by updating your system to the following package version:

Ubuntu 10.04 LTS:
linux-image-2.6.32-45-generic 2.6.32-45.104
linux-image-2.6.32-45-powerpc-smp 2.6.32-45.104
linux-image-2.6.32-45-preempt 2.6.32-45.104
linux-image-2.6.32-45-lpia 2.6.32-45.104
linux-image-2.6.32-45-ia64 2.6.32-45.104
linux-image-2.6.32-45-sparc64-smp 2.6.32-45.104
linux-image-2.6.32-45-virtual 2.6.32-45.104
linux-image-2.6.32-45-sparc64 2.6.32-45.104
linux-image-2.6.32-45-generic-pae 2.6.32-45.104
linux-image-2.6.32-45-server 2.6.32-45.104
linux-image-2.6.32-45-powerpc 2.6.32-45.104
linux-image-2.6.32-45-versatile 2.6.32-45.104
linux-image-2.6.32-45-powerpc64-smp 2.6.32-45.104
linux-image-2.6.32-45-386 2.6.32-45.104

To update your system, please follow these instructions: https://wiki.ubuntu.com/Security/Upgrades.

After a standard system update you need to reboot your computer to make
all the necessary changes.

References

CVE-2013-0871