Ubuntu Security Notice USN-319-1
18th July, 2006
linux-source-2.6.15 vulnerability
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 6.06 LTS
Details
A race condition has been discovered in the file permission handling
of the /proc file system. A local attacker could exploit this to
execute arbitrary code with full root privileges.
Update instructions
The problem can be corrected by updating your system to the following package version:
- Ubuntu 6.06 LTS:
- linux-image-2.6.15-26-hppa32-smp 2.6.15-26.45
- linux-image-2.6.15-26-powerpc64-smp 2.6.15-26.45
- linux-image-2.6.15-26-hppa64 2.6.15-26.45
- linux-image-2.6.15-26-386 2.6.15-26.45
- linux-image-2.6.15-26-amd64-xeon 2.6.15-26.45
- linux-image-2.6.15-26-amd64-server 2.6.15-26.45
- linux-image-2.6.15-26-amd64-k8 2.6.15-26.45
- linux-image-2.6.15-26-hppa64-smp 2.6.15-26.45
- linux-image-2.6.15-26-k7 2.6.15-26.45
- linux-image-2.6.15-26-server-bigiron 2.6.15-26.45
- linux-image-2.6.15-26-powerpc 2.6.15-26.45
- linux-image-2.6.15-26-mckinley-smp 2.6.15-26.45
- linux-image-2.6.15-26-amd64-generic 2.6.15-26.45
- linux-image-2.6.15-26-server 2.6.15-26.45
- linux-image-2.6.15-26-mckinley 2.6.15-26.45
- linux-image-2.6.15-26-itanium-smp 2.6.15-26.45
- linux-image-2.6.15-26-hppa32 2.6.15-26.45
- linux-image-2.6.15-26-686 2.6.15-26.45
- linux-image-2.6.15-26-itanium 2.6.15-26.45
- linux-image-2.6.15-26-powerpc-smp 2.6.15-26.45
- linux-image-2.6.15-26-sparc64 2.6.15-26.45
- linux-image-2.6.15-26-sparc64-smp 2.6.15-26.45
To update your system, please follow these instructions: https://wiki.ubuntu.com/Security/Upgrades.
After a standard system upgrade you need to reboot your computer to
effect the necessary changes.
This flaw affects Ubuntu 5.04 and Ubuntu 5.10 as well; these releases
will be fixed shortly in a followup advisory.