Ubuntu users are being advised to update their systems after the release of a patch for the operating system's Linux kernel.
The open-source group sent out an advisory to users warning that, if left unpatched, the flaws could allow an attacker execute malicious code or cause a denial of service error leading to a system crash.
The vulnerability was traced back to what Ubuntu describes as "multiple NULL-pointer function dereferences in the Linux kernel terminal handling code." The attack is locally exploitable, meaning the attacker would need to have direct access to the targeted system.
Additionally, the update addresses several less serious flaws which could allow for local attackers to obtain user data and run denial of service attacks. The patch also fixes an error caused by a previous update.
The vulnerability affects the 6.06, 7.04, 7.10 and 8.04 releases of Ubuntu, Edubuntu and Xubuntu.