Ubuntu Security Notice USN-1737-1
21st February, 2013
linux-ec2 vulnerability
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 10.04 LTS
Summary
The system could be made to run programs as an administrator.
Software description
- linux-ec2 - Linux kernel for EC2
Details
Suleiman Souhlal, Salman Qazi, Aaron Durbin and Michael Davidson discovered
a race condition in the Linux kernel's ptrace syscall. An unprivileged
local attacker could exploit this flaw to run programs as an administrator.
Update instructions
The problem can be corrected by updating your system to the following package version:
- Ubuntu 10.04 LTS:
- linux-image-2.6.32-350-ec2 2.6.32-350.61
To update your system, please follow these instructions: https://wiki.ubuntu.com/Security/Upgrades.
After a standard system update you need to reboot your computer to make
all the necessary changes.