As we well know, Ubuntu LTS versions are those that receive long-term support. And it is that recently, Canonical has launched various Kérnel updates for Ubuntu 12.04 LTS and Ubuntu 14.04 LTS versions, so if you are still using those versions, this article will interest you.
The updates have basically focused on fix vulnerabilities that affected those two versions and their derivatives. Among others, the most notable changes have been in the kernel's Netfilter, which did not correctly handle compatibility with 32-bit systems in events IPT_SO_SET_REPLACE in 64 bits. If you want to know more changes, we encourage you to read the full article.
In addition to the vulnerability corrected in the management of iptables that we just mentioned, several vulnerabilities have been fixed more, that we can read in the official statement from Ubuntu.
One of the most frequent errors that have been corrected has been several losses of information from the Kérnel. For example, Kangjie Lu discovered a loss of information in the implementation of the USB module in Linux, which meant that any local attacker could take advantage of this vulnerability to obtain sensitive information about the kernel memory.
Furthermore, Jann Horn also discovered that someone could bind InfiniBand interfaces of the kernel to overwrite memory of the same. Once again, an unprivileged local attacker could exploit such a vulnerability, gaining administrator privileges on systems where modules related to InfiniteBand have been loaded.
Another of the memory leaks that have been corrected, have been in the implementation of the Rock Ridge of the kernel. Rock Ridge is a extension of the ISO 9660 standard, which defines the file systems of CDs and adds support for POSIX-like systems. And it is that until now, any user could mount an ISO 9660 file system with malicious purposes and obtain sensitive information from the kernel memory.
Updating the kernel
As we are well informed in the official statement, all these problems can be solved by updating the kernel of our Ubuntu (12.04 LTS or 14.04 LTS) to the versions that you can see listed in the final part of it. official statement.
Also, we can search the application of Software updates, wait for the available updates to be found, and click Install All. To apply the changes, you will have to restart your system.
We hope that the article has helped you and that if you still use the Ubuntu 12.04 LTS or Ubuntu 14.04 LTS versions, update as soon as possible, since if you don't, your PC will be exposed to the vulnerabilities that we have mentioned.