Ubuntu Security Notice USN-1738-1
21st February, 2013
linux-lts-backport-oneiric vulnerability
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 10.04 LTS
Summary
The system could be made to run programs as an administrator.
Software description
- linux-lts-backport-oneiric - Linux kernel backport from Oneiric
Details
Suleiman Souhlal, Salman Qazi, Aaron Durbin and Michael Davidson discovered
a race condition in the Linux kernel's ptrace syscall. An unprivileged
local attacker could exploit this flaw to run programs as an administrator.
Update instructions
The problem can be corrected by updating your system to the following package version:
- Ubuntu 10.04 LTS:
- linux-image-3.0.0-31-server 3.0.0-31.49~lucid1
- linux-image-3.0.0-31-generic 3.0.0-31.49~lucid1
- linux-image-3.0.0-31-virtual 3.0.0-31.49~lucid1
- linux-image-3.0.0-31-generic-pae 3.0.0-31.49~lucid1
To update your system, please follow these instructions: https://wiki.ubuntu.com/Security/Upgrades.
After a standard system update you need to reboot your computer to make
all the necessary changes.