Nearly 40 vulnerabilities in the kernel of Linux Ubuntu 10.04 (Lucid Lynx), version LTS (Long Time Support) of this GNU/Linux distribution have been discovered. Kubuntu, Edubuntu and Xubuntu with the same numbering, are also affected.
Some of these problems are related in the form in which the "Common Internet File System" (CIFS) validates the ICPM (Internet Control Message Protocol) packets, making possible a denial of service (DOS) attack.
Also it has discovered a security hole in NFSv4 (Network File System v4) that would allow an attacker to gain administrative privileges. In total they have detected nine vulnerabilities that give root privileges and 14 leading to denial of service.
Others are related to incorrect verification of privileges of file and the restriction of "read-only" that, in a multi-user environment may affect, inter alia, privacy. In the link at bottom of article you have the complete list of vulnerabilities published by Ubuntu.
As it is usual in the GNU/Linux world, these problems are detected and corrected quickly. There are patches to fix vulnerabilities and you just have to update.
No comments:
Post a Comment