The Linux kernel vulnerability CVE-2016-0728 is a race condition that can allow a local attacker to escalate their privileges and gain root access to the system. The vulnerability affects Linux kernels versions 3.8 and above.
To patch this vulnerability, you should update your Linux kernel to a version that includes the fix. Here’s how you can do that on a Debian-based system like Ubuntu:
- Check your current Linux kernel version:
uname -r
- Update your system package list to ensure you have the latest information about available updates:
sudo apt-get update
- Upgrade your Linux kernel to the latest version:
sudo apt-get upgrade
- Reboot your system to load the updated Linux kernel:
sudo reboot
If you are unable to upgrade your Linux kernel, you can also protect against this vulnerability by disabling the ptrace system call, which is used by attackers to exploit the race condition. You can do this by adding the following line to your /etc/sysctl.conf file:
kernel.yama.ptrace_scope = 1
Then, run the following command to reload the sysctl configuration:
sudo sysctl -p
Keep in mind that disabling ptrace may have unintended consequences and could impact the functionality of certain programs. As such, upgrading your Linux kernel is the recommended solution to address this vulnerability.