Ubuntu issues security patch for kernel flaw

Linux vendor warns users to update all machines running recent versions of Ubuntu.

Ubuntu on Tuesday became the latest Linux vendor to patch a vulnerability in the open-source operating system's kernel that could have left the door open for hackers to find their way into users' machines.

In an e-mail sent overnight, the Linux vendor warned users to update all machines running recent versions of Ubuntu, ranging from 6.06, which was released back in mid-2006, to version 8.04, which came out earlier this year. The problem also applied to other versions of Ubuntu such as Kubuntu, Edubuntu, and Xubuntu.

"It was discovered that there were multiple NULL-pointed function de-references in the Linux kernel terminal handling code," wrote Ubuntu administrators in the e-mail. "A local attacker could exploit this to execute arbitrary code as root, or crash the system, leading to a denial of service."

The e-mail also detailed a number of other bugs that could be exploited by an attacker who already had some level of access to a computer running Ubuntu.

A number of other Linux vendors including Novell have recently released similar patches to address the problems.

Renai LeMay of ZDNet Australia reported from Sydney.

Featured Video

Leaked photos show off the actual Samsung Galaxy S7

Galaxy S7 pics are in the wild, the S Pen could bring something new, and Google is working on Android VR

by Brian Tong