Ubuntu security patch for kernel flaw

On Tuesday, Canonical released a kernel patch to address security issues in the 6.06, 7.04, 7.10 and 8.04 releases of Ubuntu, Edubuntu and Xubuntu. The vulnerability could allow an attacker to execute arbitrary code as root, or crash the system, leading to a denial of service.

"It was discovered that there were multiple NULL-pointed function de-references in the Linux kernel terminal handling code," wrote Ubuntu administrators in the e-mail. "A local attacker could exploit this to execute arbitrary code as root, or crash the system, leading to a denial of service."

The e-mail also detailed a number of other bugs that could be exploited by an attacker who already had some level of access to a computer running Ubuntu.