Ubuntu 14.04 LTS : linux-lts-xenial vulnerability (USN-3106-2) (Dirty COW)
High Nessus Plugin ID 94156
SynopsisThe remote Ubuntu host is missing one or more security-related patches.
DescriptionUSN-3106-1 fixed vulnerabilities in the Linux kernel for Ubuntu 16.04 LTS. This update provides the corresponding updates for the Linux Hardware Enablement (HWE) kernel from Ubuntu 16.04 LTS for Ubuntu 14.04 LTS.
It was discovered that a race condition existed in the memory manager of the Linux kernel when handling copy-on-write breakage of private read-only memory mappings. A local attacker could use this to gain administrative privileges.
Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
SolutionUpdate the affected linux-image-4.4-generic, linux-image-4.4-generic-lpae and / or linux-image-4.4-lowlatency packages.