Canonical announced a few hours ago the availability of a new security update for the Raspberry Pi 2 kernel packages of the Ubuntu 16.10 (Yakkety Yak) operating system, which patches a total of five newly discovered vulnerabilities.
The first security flaw (CVE-2016-10147) was discovered by Mikulas Patocka in Linux kernel's mcryptd, the asynchronous multibuffer cryptographic daemon, which appears to incorrectly handle incompatible algorithms. This could allow a local attacker to crash the system by causing a denial of service.
The second vulnerability (CVE-2016-10150) is a use-after-free discovered in Linux kernel's KVM (Kernel-based Virtual Machine) subsystem when creating devices, which could have allowed a local attacker to crash the system via a denial of service.
- $40 NanoPi K2 Board Powered by Amlogic S905 Processor Competes with ODROID-C2, Raspberry Pi 3
- OpenELEC 8.0 Linux distribution now available for PC, Raspberry Pi, WeTek Hub, and more
- OpenELEC 8.0 Linux OS Officially Out with Raspberry Pi Zero W Support, Kodi 17.1
- Azul Systems’ Zulu Embedded is a Build of OpenJDK for ARM, MIPS, PowerPC, and x86 Compliant with Java SE standard
- Shenzhen Xunlong Releases Two Orange Pi Boards with 64-Bit ARM Processor, 2GB RAM
- NanoPi NEO 2 Board Benchmarks with Ubuntu 16.04.2 using Linux 3.10 and Linux 4.10