New Zero-day exploit reportedly found affecting Linux/Android (CVE-2016-0728)

It has been patched already.

Quoting the article:

[...] "Yevgeny Pats discovered that the session keyring implementation in the Linux kernel did not properly reference count when joining an existing session keyring. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code with administrative privileges," reads today's Ubuntu Security Notice USN-2872-1 for Ubuntu 15.10. [...]

and

[...] patches are now available for the Ubuntu 15.10 (Wily Werewolf), Ubuntu 15.04 (Vivid Vervet), and Ubuntu 14.04 LTS (Trusty Tahr) distributions. [...]

and

[...] you are urged to upgrade the kernel packages to linux-image-4.2.0-25 (4.2.0-25.30) for Ubuntu 15.10 (Wily Werewolf), linux-image-4.2.0-1020-raspi2 4.2.0-1020.27 for Ubuntu 15.10 (Raspberry Pi 2), linux-image-3.19.0-47 (3.19.0-47.53) for Ubuntu 15.04 (Vivid Vervet), and linux-image-3.13.0-76 (3.13.0-76.120) for Ubuntu 14.04 LTS (Trusty Tahr). [...]

So users of the patched releases (15.10 / 15.04 / 14.04, and according to Canonical also 12.04) may (and should) upgrade right away by running:

sudo apt-get update && sudo apt-get dist-upgrade

and rebooting the computer afterwards.


Just complementing @kos's nice answer:

The Zero day exploit (CVE-2016-0728) was found by the researchers at Perception Point.

It was introduced in 3.8 Vanilla Kernel. So the Ubuntu releases using kernel versions 3.8 or later are vulnerable. As @kos already mentioned, on a supported release you can just upgrade the kernel to install the patch:

sudo apt-get update && sudo apt-get dist-upgrade

How to Check the Vulenerability (taken from here):

Install libkeyutils-dev:

sudo apt-get install libkeyutils-dev

Copy this C program from github, written by the Perception Point team to test the exploit.

Save the codes in a file e.g. test_2016_0728.c and compile:

gcc test_2016_0728.c -o test_2016_0728 -lkeyutils -Wall

Run the compiled program as normal user:

./test_2016_0728 -PP1

It would take some time, if your kernel is vulnerable after the completion of the program you will see that your privilege has been escalated i.e. you have become root.