Multiple vulnerabilities have been reported in many iterations and distributions of Linux.
The flaws, as reported by Linux vulnerability researcher Jens Axboe on Wednesday, affect versions of Ubuntu, Suse, Red Hat, Mandrake, Debian and iterations of the Linux kernel up to, but not including, Linux 22.214.171.124.
The most serious flaw is a memory-access vulnerability. Rated as "high" severity (the second highest rating) by the US National Vulnerability Database, the memory-access validation flaw allows a local attacker to gain root administrator privileges via "crafted arguments in a vmsplice system call".
Exploit code for this vulnerability is available online.
Security site SecurityFocus has provided links to patches for these vulnerabilities.