≡ Menu

open terminal

Ubuntu Linux Critical Kernel Vulnerabilities Fix Available

Canonical Ltd has issued updates for its Kernel package to plug multiple security holes. A security issue affects the following Ubuntu releases:

=> Ubuntu 6.06 LTS
=> Ubuntu 7.04
=> Ubuntu 7.10
=> Ubuntu 8.04 LTS

This advisory also applies to the corresponding versions of Kubuntu, Edubuntu, and Xubuntu.


IPsec protocol stack did not correctly handle fragmented ESP packets. A remote attacker could exploit this to crash the system, leading to a denial of service.(CVE-2007-6282)

The 64bit kernel did not correctly handle hrtimer updates. A local attacker could request a large expiration value and cause the system to hang, leading to a denial of service. (CVE-2007-6712)

The ia32 emulation under 64bit kernels did not fully clear uninitialized data. A local attacker could read private kernel memory, leading to a loss of privacy. (CVE-2008-0598)

A race condition was discovered between ptrace and utrace in the kernel. A
local attacker could exploit this to crash the system, leading to a denial
of service. (CVE-2008-2365)

The copy_to_user routine in the kernel did not correctly clear memory destination addresses when running on 64bit kernels. A local attacker could exploit this to gain access to sensitive kernel memory, leading to a loss of privacy. (CVE-2008-2729)

The PPP over L2TP routines in the kernel did not correctly handle certain messages. A remote attacker could send a specially crafted packet that could crash the system or execute arbitrary code. (CVE-2008-2750)

Gabriel Campana discovered that SCTP routines did not correctly check for large addresses. A local user could exploit this to allocate all available memory, leading to a denial of service. (CVE-2008-2826)

How do I update Kernel package?

Open terminal and type the following two commands:
$ sudo apt-get update
$ sudo apt-get upgrade

After a standard system upgrade you need to reboot your computer to effect the necessary changes:
$ sudo reboot

Ubuntu Software Update How To

One of our regular reader asks:

How do I update and patch system under Ubuntu Linux? How do I update desktop and server edition software?

Updating software under Ubuntu Linux is pretty easy. There are two ways to update software as follows:

Method # 1: Ubuntu Linux Software update using command line tools

apt-get is the command-line tool for handling packages, updating package and installing patches under Ubuntu Linux. All you have to do is type the following two command to update all installed software to latest version.

Open terminal and type the following two commands:
$ sudo apt-get update
$ sudo apt-get upgrade

Sample output:

Reading package lists... Done
Building dependency tree
Reading state information... Done
The following packages have been kept back:
  linux-headers-generic linux-image-generic openssh-client openssh-server ssl-cert
The following packages will be upgraded:
  ca-certificates cupsys cupsys-bsd cupsys-client cupsys-common evolution evolution-common evolution-plugins gstreamer0.10-esd gstreamer0.10-plugins-good
  kdelibs-data kdelibs4c2a libcupsimage2 libcupsys2 libgnutls13 libhsqldb-java libpq5 libsmbclient libsmbclient-dev libspeex-dev libspeex1 libssl0.9.8
  linux-image linux-libc-dev linux-restricted-modules-common linux-source-2.6.22 linux-ubuntu-modules-2.6.22-14-generic openoffice.org openoffice.org-base
  openoffice.org-calc openoffice.org-common openoffice.org-core openoffice.org-draw openoffice.org-evolution openoffice.org-filter-mobiledev
  openoffice.org-gnome openoffice.org-gtk openoffice.org-impress openoffice.org-java-common openoffice.org-math openoffice.org-style-human
  openoffice.org-writer openssl python-uno samba-common smbclient ssh ssh-askpass-gnome ttf-opensymbol tzdata update-manager update-manager-core
  vorbis-tools xserver-xephyr xserver-xorg-core xserver-xorg-dev
56 upgraded, 0 newly installed, 0 to remove and 5 not upgraded.
Need to get 183MB of archives.
After unpacking 119kB of additional disk space will be used.
Do you want to continue [Y/n]? y 

Method # 2: GUI tool - Ubuntu Update Manager

This is a GUI tool. It works like Microsoft / Red Hat / Fedora update manager i.e. you will see a little icon in the kicker bar/taskbar when there are updates available. It will only appear when new upgrades are available. All you have to do is click on it and follow the online instructions.

You can also star GUI tool by Clicking System > Administration > Update Manager > Select Install update
Ubuntu Linux Software Update manager
(Fig.01: Ubuntu Linux Software Update Manager in Action)

IBM / Lenovo Computer Print Serial Number and Other Information from a Shell Command Prompt

If you are a proud owner of IBM / Lenovo laptop / desktop computer use vpddecode command to print the "vital product data" information without opening your case or rebooting the system. This information is hardcoded on almost all IBM and Lenovo computers BIOS. It will show following information:

=> BIOS Build ID
=> Box Serial Number
=> Motherboard Serial Number
=> Machine Type/Model
=> BIOS Release Date
=> Default Flash Image File Name

Command to display BIOS information

WARNING! These examples only works on IBM/Lenovo Computer or Laptop systems

Open terminal and type the following command as the root user:

$ sudo vpddecode
# vpddecode