Low-Level Exploit Hits Ubuntu, OpenSUSE

The bug allows an unprivileged local user to cause a DoS attack or gain root privileges. 

OpenSUSE and Ubuntu may be susceptible to an exploit in Linux x32 application binary interface (ABI) recently introduced to the two Linux distros. Both the operating systems have begun including the support at machine code level. ABI is similar to a software/code-level application programming interface (API).

The bug is reported to affect all Linux Kernels since 3.4, in which the option to include x32 support was included. Pageexec reported a bug in the Linux kernel's recvmsg syscall when it was called from code using the x32 ABI, which could allow an unprivileged local user to cause a Denial of Service attack or gain root privileges.

Meanwhile, Ubuntu has issued its own update in response to the vulnerability. The new Linux kernel update is available for its Ubuntu 13.10 (Saucy Salamander) operating system. It must be noted that the x32 ABI allows 32-bit applications to take advantage of 64-bit x86 architectures when enabled while building the Linux kernel. OpenSUSE and Ubuntu have however enabled it by default in their distros. Red Hat has previously refused to enable x32 support in Fedora 18 citing security concerns.

Here's the update: Ubuntu Update

CodeKill