Canonical has released Ubuntu 15.04’s first vulnerability fix. Here’s how to update and fix Ubuntu 15.04 usb-creator vulnerability or Ubuntu 15.04 startup-disk creator vulnerability.
Canonical has published details of the first vulnerability identified and methods to fix it in Ubuntu 15.04 (Vivid Vervet). The vulnerability is known as usb-creator vulnerability. It is a security issue that affects Ubuntu 15.04 release and its derivatives. Due to this vulnerability the usb-creator could be tricked into running programs as an administrator.
USN-2576-1 fixed a vulnerability in usb-creator. This update provides the corresponding fix for Ubuntu 15.04.
Original advisory details:
Tavis Ormandy discovered that usb-creator was missing an authentication check. A local attacker could use this issue to gain elevated privileges.
Update Instructions
The problem can be corrected by updating your system to the following package version:
- Ubuntu 15.04: usb-creator-common 0.2.67ubuntu0.1
The problem can be corrected by upgrading the system to the latest usb-creator-common package. To resolve this, simply run the Update Manager in the terminal using the following command. Please note that you will need root (superuser) permissions and an active Internet connection.
sudo apt-get update
sudo apt-get dist-upgrade
There is no need to reboot the system. All the changes are applied immediately.