Canonical announced a few hours ago the availability of a new security update for the Raspberry Pi 2 kernel packages of the Ubuntu 16.10 (Yakkety Yak) operating system, which patches a total of five newly discovered vulnerabilities.
The first security flaw (CVE-2016-10147) was discovered by Mikulas Patocka in Linux kernel's mcryptd, the asynchronous multibuffer cryptographic daemon, which appears to incorrectly handle incompatible algorithms. This could allow a local attacker to crash the system by causing a denial of service.
The second vulnerability (CVE-2016-10150) is a use-after-free discovered in Linux kernel's KVM (Kernel-based Virtual Machine) subsystem when creating devices, which could have allowed a local attacker to crash the system via a denial of service.
- LibreELEC 8.0.0 Officially Released for Raspberry Pi SBCs with Kodi 17 "Krypton"
- Meet Flint OS, a Chromium OS Fork for Raspberry Pi & PCs That Runs Android Apps Exclusive
- Linux 4.10 Release – Main Changes, ARM & MIPS Architectures
- Ubuntu MATE 16.04.2 LTS Out Now for Raspberry Pi 3 and 2 with MATE 1.16.1
- How to securely connect to a Raspberry Pi from anywhere
- Linux Kernel 4.9.10 Has ARM, x86 and PowerPC Improvements, Updated Drivers