By Shaun Nichols in San Francisco
26 Aug 2008
Ubuntu users are being advised to update their systems after the release
of a patch for the operating system's Linux kernel.
The open-source group sent out an advisory to users warning that, if
left unpatched, the flaws could allow an attacker execute malicious code
or cause a denial of service error leading to a system crash.
The vulnerability was traced back to what Ubuntu describes as "multiple
NULL-pointer function dereferences in the Linux kernel terminal handling
code." The attack is locally exploitable, meaning the attacker would
need to have direct access to the targeted system.
Additionally, the update addresses several less serious flaws which
could allow for local attackers to obtain user data and run denial of
service attacks. The patch also fixes an error caused by a previous
The vulnerability affects the 6.06, 7.04, 7.10 and 8.04 releases of
Ubuntu, Edubuntu and Xubuntu.
Register now for HITBSecConf2008 - Malaysia! With
a new triple-track conference featuring 4 keynote
speakers and over 35 international experts, this
is the largest network security event in Asia and
the Middle East!