We have prepared new kernels for the legacy VM platform that have been patched to prevent the privilege escalation bug described in CVE-2014-0196.
Being leery of introducing such things just before the weekend when the level of support available to respond to any problems is lower, these new kernels are not going to be set as default until Monday. However, if you would prefer to gain protection from this bug immediately then you can select the new kernel now.
Depending on the kernel you are currently running, you should select from the following:
Stable-i386.kvm → linux-126.96.36.199-kvm-i386-20110317
Experimental-i386.kvm → linux-3.2.58-kvm-i386-20110111
AppArmor-i386.kvm → linux-188.8.131.52-kvm-i386-20110819cve20140196
Instructions for changing kernels are available here
I’ll post again on Monday when the default kernels have been updated. Also on Monday, we’ll updating the version of qemu used for VMs to fix a couple of recently discovered security issues. More details to follow.