Ubuntu Update for Linux kernel vulnerabilities USN-1009-2
Please Install the Updated Packages.
USN-1009-1 fixed vulnerabilities in the GNU C library. Colin Watson discovered that the fixes were incomplete and introduced flaws with setuid programs loading libraries that used dynamic string tokens in their RPATH. If the " man" program was installed setuid, a local attacker could exploit this to gain " man" user privileges, potentially leading to further privilege escalations. Default Ubuntu installations were not affected. Original advisory details: Tavis Ormandy discovered multiple flaws in the GNU C Library's handling of the LD_AUDIT environment variable when running a privileged binary. A local attacker could exploit this to gain root privileges. (CVE-2010-3847, CVE-2010-3856)
eglibc, glibc vulnerability on Ubuntu 8.04 LTS , Ubuntu 9.10 , Ubuntu 10.04 LTS , Ubuntu 10.10