jones_supa writes: Canonical has announced that a new kernel update is now live in the default software repositories for the Ubuntu 14.04 operating system. According to the security notice, two Linux kernel vulnerabilities have been fixed. The first security flaw was discovered in the SCTP (Stream Control Transmission Protocol) implementation, which conducted a wrong sequence of protocol-initialization steps. The second kernel vulnerability (discovered by Dmitry Vyukov) was in the Linux kernel's keyring handler, which tried to garbage collect incompletely instantiated keys. Both vulnerabilities allow a local attacker to crash the system by causing a denial of service. To fix the issues mentioned above, Canonical urges all users of Ubuntu 14.04 to update their kernel packages on all platforms.
Attend or create a Slashdot 20th anniversary party! DEAL: For $25 - Add A Second Phone Number To Your Smartphone for life! Use promo code SLASHDOT25. Check out the new SourceForge HTML5 Internet speed test. ×