UbuntuSecurity

Subscribe to UbuntuSecurity feed
Updated: 31 min 4 sec ago

USN-4545-1: libquicktime vulnerabilities

Fri, 25/09/2020 - 23:02
libquicktime vulnerabilities

A security issue affects these releases of Ubuntu and its derivatives:

  • Ubuntu 16.04 LTS
Summary

Several security issues were fixed in libquicktime.

Software Description
  • libquicktime - Library for reading and writing quicktime files
Details

It was discovered that libquicktime incorrectly handled certain malformed MP4 files. If a user were tricked into opening a specially crafted MP4 file, a remote attacker could use this issue to cause a denial of service (resource exhaustion). (CVE-2017-9122)

It was discovered that libquicktime incorrectly handled certain malformed MP4 files. If a user were tricked into opening a specially crafted MP4 file, a remote attacker could use this issue to cause libquicktime to crash, resulting in a denial of service. (CVE-2017-9123, CVE-2017-9124, CVE-2017-9126, CVE-2017-9127, CVE-2017-9128)

It was discovered that libquicktime incorrectly handled certain malformed MP4 files. If a user were tricked into opening a specially crafted MP4 file, a remote attacker could use this issue to cause a denial of service. (CVE-2017-9125)

Update instructions

The problem can be corrected by updating your system to the following package versions:

Ubuntu 16.04 LTS
libquicktime2 - 2:1.2.4-7+deb8u1ubuntu0.1
quicktime-utils - 2:1.2.4-7+deb8u1ubuntu0.1
quicktime-x11utils - 2:1.2.4-7+deb8u1ubuntu0.1

To update your system, please follow these instructions: https://wiki.ubuntu.com/Security/Upgrades.

In general, a standard system update will make all the necessary changes.

References
Categories: Linux, Security

USN-4541-1: Gnuplot vulnerabilities

Fri, 25/09/2020 - 20:14
gnuplot vulnerabilities

A security issue affects these releases of Ubuntu and its derivatives:

  • Ubuntu 16.04 LTS
Summary

Several security issues were fixed in Gnuplot.

Software Description
  • gnuplot - Command-line driven interactive plotting program
Details

Tim Blazytko, Cornelius Aschermann, Sergej Schumilo and Nils Bars discovered that Gnuplot did not properly validate string sizes in the df_generate_ascii_array_entry function. An attacker could possibly use this issue to cause a heap buffer overflow, resulting in a denial of service attack or arbitrary code execution. (CVE-2018-19490)

Tim Blazytko, Cornelius Aschermann, Sergej Schumilo and Nils Bars discovered that Gnuplot did not properly validate string sizes in the PS_options function when the Gnuplot postscript terminal is used as a backend. An attacker could possibly use this issue to cause a buffer overflow, resulting in a denial of service attack or arbitrary code execution. (CVE-2018-19491)

Tim Blazytko, Cornelius Aschermann, Sergej Schumilo and Nils Bars discovered that Gnuplot did not properly validate string sizes in the cairotrm_options function when the Gnuplot postscript terminal is used as a backend. An attacker could possibly use this issue to cause a buffer overflow, resulting in a denial of service attack or arbitrary code execution. (CVE-2018-19492)

Update instructions

The problem can be corrected by updating your system to the following package versions:

Ubuntu 16.04 LTS
gnuplot - 4.6.6-3ubuntu0.1
gnuplot-data - 4.6.6-3ubuntu0.1
gnuplot-nox - 4.6.6-3ubuntu0.1
gnuplot-qt - 4.6.6-3ubuntu0.1
gnuplot-tex - 4.6.6-3ubuntu0.1
gnuplot-x11 - 4.6.6-3ubuntu0.1

To update your system, please follow these instructions: https://wiki.ubuntu.com/Security/Upgrades.

In general, a standard system update will make all the necessary changes.

References
Categories: Linux, Security

USN-4543-1: Sanitize vulnerability

Fri, 25/09/2020 - 20:03
ruby-sanitize vulnerability

A security issue affects these releases of Ubuntu and its derivatives:

  • Ubuntu 20.04 LTS
Summary

Sanitize could be made to perform XSS attacks if it received specially crafted input.

Software Description
  • ruby-sanitize - allowlist-based HTML and CSS sanitizer
Details

Michał Bentkowski discovered that Sanitize did not properly sanitize some math or svg HTML under certain circumstances. A remote attacker could potentially exploit this to conduct cross-site scripting (XSS) attacks. (CVE-2020-4054)

Update instructions

The problem can be corrected by updating your system to the following package versions:

Ubuntu 20.04 LTS
ruby-sanitize - 4.6.6-2.1~0.20.04.1

To update your system, please follow these instructions: https://wiki.ubuntu.com/Security/Upgrades.

In general, a standard system update will make all the necessary changes.

References
Categories: Linux, Security

USN-4542-1: MiniUPnPd vulnerabilities

Fri, 25/09/2020 - 18:26
miniupnpd vulnerabilities

A security issue affects these releases of Ubuntu and its derivatives:

  • Ubuntu 16.04 LTS
Summary

Several security issues were fixed in MiniUPnPd.

Software Description
  • miniupnpd - UPnP and NAT-PMP daemon for gateway routers
Details

It was discovered that MiniUPnPd did not properly validate callback addresses. A remote attacker could possibly use this issue to expose sensitive information. (CVE-2019-12107)

It was discovered that MiniUPnPd incorrectly handled unpopulated user XML input. An attacker could possibly use this issue to cause MiniUPnPd to crash, resulting in a denial of service. (CVE-2019-12108, CVE-2019-12109)

It was discovered that MiniUPnPd incorrectly handled an empty description when port mapping. An attacker could possibly use this issue to cause MiniUPnPd to crash, resulting in a denial of service. (CVE-2019-12110)

It was discovered that MiniUPnPd did not properly parse certain PCP requests. An attacker could possibly use this issue to cause MiniUPnPd to crash, resulting in a denial of service. (CVE-2019-12111)

Update instructions

The problem can be corrected by updating your system to the following package versions:

Ubuntu 16.04 LTS
miniupnpd - 1.8.20140523-4.1+deb9u2build0.16.04.1

To update your system, please follow these instructions: https://wiki.ubuntu.com/Security/Upgrades.

In general, a standard system update will make all the necessary changes.

References
Categories: Linux, Security

USN-4540-1: atftpd vulnerabilities

Thu, 24/09/2020 - 23:40
atftp vulnerabilities

A security issue affects these releases of Ubuntu and its derivatives:

  • Ubuntu 18.04 LTS
Summary

Several security issues were fixed in atftpd.

Software Description
  • atftp - Advanced TFTP Server and Client
Details

Denis Andzakovic discovered that atftpd incorrectly handled certain malformed packets. A remote attacker could send a specially crafted packet to cause atftpd to crash, resulting in a denial of service. (CVE-2019-11365)

Denis Andzakovic discovered that atftpd did not properly lock the thread list mutex. An attacker could send a large number of tftpd packets simultaneously when running atftpd in daemon mode to cause atftpd to crash, resulting in a denial of service. (CVE-2019-11366)

Update instructions

The problem can be corrected by updating your system to the following package versions:

Ubuntu 18.04 LTS
atftpd - 0.7.git20120829-3.1~0.18.04.1

To update your system, please follow these instructions: https://wiki.ubuntu.com/Security/Upgrades.

In general, a standard system update will make all the necessary changes.

References
Categories: Linux, Security

USN-4539-1: AWL vulnerability

Thu, 24/09/2020 - 21:18
awl vulnerability

A security issue affects these releases of Ubuntu and its derivatives:

  • Ubuntu 20.04 LTS
Summary

DAViCal Andrew’s Web Libraries could be made to run programs as your login if it received specially crafted input.

Software Description
  • awl - PHP Utility Libraries
Details

Andrew Bartlett discovered that DAViCal Andrew’s Web Libraries (AWL) did not properly manage session keys. An attacker could possibly use this issue to impersonate a session. (CVE-2020-11728)

Update instructions

The problem can be corrected by updating your system to the following package versions:

Ubuntu 20.04 LTS
libawl-php - 0.60-1+deb10u1ubuntu1

To update your system, please follow these instructions: https://wiki.ubuntu.com/Security/Upgrades.

In general, a standard system update will make all the necessary changes.

References
Categories: Linux, Security

USN-4536-1: SPIP vulnerabilities

Thu, 24/09/2020 - 19:01
spip vulnerabilities

A security issue affects these releases of Ubuntu and its derivatives:

  • Ubuntu 18.04 LTS
Summary

Several security issues were fixed in SPIP.

Software Description
  • spip - website engine for publishing
Details

Youssouf Boulouiz discovered that SPIP incorrectly handled login error messages. A remote attacker could potentially exploit this to conduct cross-site scripting (XSS) attacks. (CVE-2019-16392)

Gilles Vincent discovered that SPIP incorrectly handled password reset requests. A remote attacker could possibly use this issue to cause SPIP to enumerate registered users. (CVE-2019-16394)

Guillaume Fahrner discovered that SPIP did not properly sanitize input. A remote authenticated attacker could possibly use this issue to execute arbitrary code on the host server. (CVE-2019-11071)

Sylvain Lefevre discovered that SPIP incorrectly handled user authorization. A remote attacker could possibly use this issue to modify and publish content and modify the database. (CVE-2019-16391)

It was discovered that SPIP did not properly sanitize input. A remote attacker could, through cross-site scripting (XSS) and PHP injection, exploit this to inject arbitrary web script or HTML. (CVE-2017-15736)

Alexis Zucca discovered that SPIP incorrectly handled the media plugin. A remote authenticated attacker could possibly use this issue to write to the database. (CVE-2019-19830)

Christophe Laffont discovered that SPIP incorrectly handled redirect URLs. An attacker could use this issue to cause SPIP to crash, resulting in a denial of service, or possibly execute arbitrary code. (CVE-2019-16393)

Update instructions

The problem can be corrected by updating your system to the following package versions:

Ubuntu 18.04 LTS
spip - 3.1.4-4~deb9u3build0.18.04.1

To update your system, please follow these instructions: https://wiki.ubuntu.com/Security/Upgrades.

In general, a standard system update will make all the necessary changes.

References
Categories: Linux, Security

USN-4538-1: PackageKit vulnerabilities

Thu, 24/09/2020 - 16:03
packagekit vulnerabilities

A security issue affects these releases of Ubuntu and its derivatives:

  • Ubuntu 20.04 LTS
  • Ubuntu 18.04 LTS
  • Ubuntu 16.04 LTS
Summary

Several security issues were fixed in PackageKit.

Software Description
  • packagekit - Provides a package management service
Details

Vaisha Bernard discovered that PackageKit incorrectly handled certain methods. A local attacker could use this issue to learn the MIME type of any file on the system. (CVE-2020-16121)

Sami Niemimäki discovered that PackageKit incorrectly handled local deb packages. A local user could possibly use this issue to install untrusted packages, contrary to expectations. (CVE-2020-16122)

Update instructions

The problem can be corrected by updating your system to the following package versions:

Ubuntu 20.04 LTS
packagekit - 1.1.13-2ubuntu1.1
Ubuntu 18.04 LTS
packagekit - 1.1.9-1ubuntu2.18.04.6
Ubuntu 16.04 LTS
packagekit - 0.8.17-4ubuntu6~gcc5.4ubuntu1.5

To update your system, please follow these instructions: https://wiki.ubuntu.com/Security/Upgrades.

After a standard system update you need to reboot your computer to make all the necessary changes.

References
Categories: Linux, Security

USN-4537-1: Aptdaemon vulnerability

Thu, 24/09/2020 - 15:52
aptdaemon vulnerability

A security issue affects these releases of Ubuntu and its derivatives:

  • Ubuntu 20.04 LTS
  • Ubuntu 18.04 LTS
  • Ubuntu 16.04 LTS
Summary

Aptdaemon could be made to expose sensitive information.

Software Description
  • aptdaemon - transaction based package management service
Details

Vaisha Bernard discovered that Aptdaemon incorrectly handled the Locale property. A local attacker could use this issue to test for the presence of local files.

Update instructions

The problem can be corrected by updating your system to the following package versions:

Ubuntu 20.04 LTS
aptdaemon - 1.1.1+bzr982-0ubuntu32.2
Ubuntu 18.04 LTS
aptdaemon - 1.1.1+bzr982-0ubuntu19.4
Ubuntu 16.04 LTS
aptdaemon - 1.1.1+bzr982-0ubuntu14.4

To update your system, please follow these instructions: https://wiki.ubuntu.com/Security/Upgrades.

After a standard system update you need to reboot your computer to make all the necessary changes.

References
Categories: Linux, Security

USN-4535-1: RDFLib vulnerability

Wed, 23/09/2020 - 19:48
rdflib vulnerability

A security issue affects these releases of Ubuntu and its derivatives:

  • Ubuntu 16.04 LTS
Summary

RDFLib could be made to made to execute arbitrary code if it were running in a directory with a specially crafted file.

Software Description
  • rdflib - Pure Python package for working with RDF
Details

Gabriel Corona discovered that RDFLib did not properly load modules on the command-line. An attacker could possibly use this issue to cause RDFLib to execute arbitrary code. (CVE-2019-7653)

Update instructions

The problem can be corrected by updating your system to the following package versions:

Ubuntu 16.04 LTS
python-rdflib - 4.1.2-3+deb8u1build0.16.04.1
python-rdflib-tools - 4.1.2-3+deb8u1build0.16.04.1
python3-rdflib - 4.1.2-3+deb8u1build0.16.04.1

To update your system, please follow these instructions: https://wiki.ubuntu.com/Security/Upgrades.

After a standard system update you need to restart any applications that make use of RDFLib to make all the necessary changes.

References
Categories: Linux, Security

USN-4534-1: Perl DBI module vulnerability

Wed, 23/09/2020 - 15:52
libdbi-perl vulnerability

A security issue affects these releases of Ubuntu and its derivatives:

  • Ubuntu 18.04 LTS
  • Ubuntu 16.04 LTS
  • Ubuntu 14.04 ESM
  • Ubuntu 12.04 ESM
Summary

Perl DBI module could be made to crash or expose sensitive information if it received a specially crafted input.

Software Description
  • libdbi-perl - Perl Database Interface (DBI)
Details

It was discovered that Perl DBI module incorrectly handled certain inputs. An attacker could possibly use this issue to cause a crash or expose sensitive information.

Update instructions

The problem can be corrected by updating your system to the following package versions:

Ubuntu 18.04 LTS
libdbi-perl - 1.640-1ubuntu0.2
Ubuntu 16.04 LTS
libdbi-perl - 1.634-1ubuntu0.2
Ubuntu 14.04 ESM
libdbi-perl - 1.630-1ubuntu0.1~esm5
Ubuntu 12.04 ESM
libdbi-perl - 1.616-1ubuntu0.2

To update your system, please follow these instructions: https://wiki.ubuntu.com/Security/Upgrades.

In general, a standard system update will make all the necessary changes.

References
Categories: Linux, Security

USN-4533-1: LTSP Display Manager vulnerabilities

Tue, 22/09/2020 - 23:02
ldm vulnerabilities

A security issue affects these releases of Ubuntu and its derivatives:

  • Ubuntu 20.04 LTS
Summary

LTSP Display Manager could be made to escalate user privileges.

Software Description
  • ldm - LTSP display manager
Details

Veeti Veteläinen discovered that the LTSP Display Manager (ldm) incorrectly handled user logins from unsupported shells. A local attacker could possibly use this issue to gain root privileges. (CVE-2019-20373)

Update instructions

The problem can be corrected by updating your system to the following package versions:

Ubuntu 20.04 LTS
ldm - 2:2.18.06-1+deb10u1build0.20.04.1
ldm-server - 2:2.18.06-1+deb10u1build0.20.04.1

To update your system, please follow these instructions: https://wiki.ubuntu.com/Security/Upgrades.

In general, a standard system update will make all the necessary changes.

References
Categories: Linux, Security

USN-4532-1: Netty vulnerabilities

Tue, 22/09/2020 - 19:15
netty-3.9 vulnerabilities

A security issue affects these releases of Ubuntu and its derivatives:

  • Ubuntu 18.04 LTS
Summary

Several security issues were fixed in Netty.

Software Description
  • netty-3.9 - Asynchronous event-driven network application framework
Details

It was discovered that Netty incorrectly handled certain HTTP headers. By sending an HTTP header with whitespace before the colon, a remote attacker could possibly use this issue to perform an HTTP request smuggling attack. (CVE-2019-16869)

It was discovered that Netty incorrectly handled certain HTTP headers. By sending an HTTP header that lacks a colon, a remote attacker could possibly use this issue to perform an HTTP request smuggling attack. (CVE-2019-20444)

It was discovered that Netty incorrectly handled certain HTTP headers. By sending a Content-Length header accompanied by a second Content-Length header, or by a Transfer-Encoding header, a remote attacker could possibly use this issue to perform an HTTP request smuggling attack. (CVE-2019-20445)

Update instructions

The problem can be corrected by updating your system to the following package versions:

Ubuntu 18.04 LTS
libnetty-3.9-java - 3.9.9.Final-1+deb9u1build0.18.04.1

To update your system, please follow these instructions: https://wiki.ubuntu.com/Security/Upgrades.

In general, a standard system update will make all the necessary changes.

References
Categories: Linux, Security

USN-4530-1: Debian-LAN vulnerabilities

Tue, 22/09/2020 - 19:00
debian-lan-config vulnerabilities

A security issue affects these releases of Ubuntu and its derivatives:

  • Ubuntu 18.04 LTS
Summary

Debian-LAN could be made to change Kerberos user passwords or run programs as an administrator.

Software Description
  • debian-lan-config - FAI config space for the Debian-LAN system
Details

Wolfgang Schweer discovered that Debian-LAN did not properly handle ACLs for the Kerberos admin server. A local attacker could possibly use this issue to change the passwords of other users, leading to root privilege escalation. (CVE-2019-3467)

Update instructions

The problem can be corrected by updating your system to the following package versions:

Ubuntu 18.04 LTS
debian-lan-config - 0.23+deb9u1build0.18.04.1

To update your system, please follow these instructions: https://wiki.ubuntu.com/Security/Upgrades.

In general, a standard system update will make all the necessary changes.

References
Categories: Linux, Security

USN-4531-1: BusyBox vulnerability

Tue, 22/09/2020 - 16:57
busybox vulnerability

A security issue affects these releases of Ubuntu and its derivatives:

  • Ubuntu 20.04 LTS
  • Ubuntu 18.04 LTS
Summary

Fraudulent security certificates could allow sensitive information to be exposed when accessing the Internet.

Software Description
  • busybox - Tiny utilities for small and embedded systems
Details

It was discovered that the BusyBox wget applet incorrectly validated SSL certificates. A remote attacker could possibly use this issue to intercept secure communications.

Update instructions

The problem can be corrected by updating your system to the following package versions:

Ubuntu 20.04 LTS
busybox - 1:1.30.1-4ubuntu6.2
busybox-initramfs - 1:1.30.1-4ubuntu6.2
busybox-static - 1:1.30.1-4ubuntu6.2
Ubuntu 18.04 LTS
busybox - 1:1.27.2-2ubuntu3.3
busybox-initramfs - 1:1.27.2-2ubuntu3.3
busybox-static - 1:1.27.2-2ubuntu3.3

To update your system, please follow these instructions: https://wiki.ubuntu.com/Security/Upgrades.

In general, a standard system update will make all the necessary changes.

References
Categories: Linux, Security

USN-4529-1: FreeImage vulnerabilities

Tue, 22/09/2020 - 15:42
freeimage vulnerabilities

A security issue affects these releases of Ubuntu and its derivatives:

  • Ubuntu 18.04 LTS
Summary

Several security issues were fixed in FreeImage.

Software Description
  • freeimage - Support library for graphics image formats
Details

It was discovered that FreeImage incorrectly handled certain memory operations. If a user were tricked into opening a crafted TIFF file, a remote attacker could use this issue to cause a heap buffer overflow, resulting in a denial of service attack. (CVE-2019-12211)

It was discovered that FreeImage incorrectly processed images under certain circumstances. If a user were tricked into opening a crafted TIFF file, a remote attacker could possibly use this issue to cause a stack exhaustion condition, resulting in a denial of service attack. (CVE-2019-12213)

Update instructions

The problem can be corrected by updating your system to the following package versions:

Ubuntu 18.04 LTS
libfreeimage-dev - 3.17.0+ds1-5+deb9u1build0.18.04.1
libfreeimage3 - 3.17.0+ds1-5+deb9u1build0.18.04.1
libfreeimageplus-dev - 3.17.0+ds1-5+deb9u1build0.18.04.1
libfreeimageplus3 - 3.17.0+ds1-5+deb9u1build0.18.04.1

To update your system, please follow these instructions: https://wiki.ubuntu.com/Security/Upgrades.

In general, a standard system update will make all the necessary changes.

References
Categories: Linux, Security

USN-4528-1: Ceph vulnerabilities

Tue, 22/09/2020 - 14:17
ceph vulnerabilities

A security issue affects these releases of Ubuntu and its derivatives:

  • Ubuntu 18.04 LTS
  • Ubuntu 16.04 LTS
Summary

Several security issues were fixed in Ceph.

Software Description
  • ceph - distributed storage and file system
Details

Adam Mohammed discovered that Ceph incorrectly handled certain CORS ExposeHeader tags. A remote attacker could possibly use this issue to preform an HTTP header injection attack. (CVE-2020-10753)

Lei Cao discovered that Ceph incorrectly handled certain POST requests with invalid tagging XML. A remote attacker could possibly use this issue to cause Ceph to crash, leading to a denial of service. This issue only affected Ubuntu 18.04 LTS. (CVE-2020-12059)

Robin H. Johnson discovered that Ceph incorrectly handled certain S3 requests. A remote attacker could possibly use this issue to perform a XSS attack. (CVE-2020-1760)

Update instructions

The problem can be corrected by updating your system to the following package versions:

Ubuntu 18.04 LTS
ceph - 12.2.13-0ubuntu0.18.04.4
ceph-base - 12.2.13-0ubuntu0.18.04.4
ceph-common - 12.2.13-0ubuntu0.18.04.4
Ubuntu 16.04 LTS
ceph - 10.2.11-0ubuntu0.16.04.3
ceph-common - 10.2.11-0ubuntu0.16.04.3

To update your system, please follow these instructions: https://wiki.ubuntu.com/Security/Upgrades.

In general, a standard system update will make all the necessary changes.

References
Categories: Linux, Security

USN-4526-1: Linux kernel vulnerabilities

Tue, 22/09/2020 - 06:02
linux, linux-aws, linux-aws-hwe, linux-azure, linux-azure-4.15, linux-gcp, linux-gcp-4.15, linux-gke-4.15, linux-hwe, linux-oem, linux-oracle, linux-raspi2, linux-snapdragon vulnerabilities

A security issue affects these releases of Ubuntu and its derivatives:

  • Ubuntu 18.04 LTS
  • Ubuntu 16.04 LTS
  • Ubuntu 14.04 ESM
Summary

Several security issues were fixed in the Linux kernel.

Software Description
  • linux - Linux kernel
  • linux-aws - Linux kernel for Amazon Web Services (AWS) systems
  • linux-azure-4.15 - Linux kernel for Microsoft Azure Cloud systems
  • linux-gcp-4.15 - Linux kernel for Google Cloud Platform (GCP) systems
  • linux-gke-4.15 - Linux kernel for Google Container Engine (GKE) systems
  • linux-oem - Linux kernel for OEM systems
  • linux-oracle - Linux kernel for Oracle Cloud systems
  • linux-raspi2 - Linux kernel for Raspberry Pi (V8) systems
  • linux-snapdragon - Linux kernel for Qualcomm Snapdragon processors
  • linux-aws-hwe - Linux kernel for Amazon Web Services (AWS-HWE) systems
  • linux-azure - Linux kernel for Microsoft Azure Cloud systems
  • linux-gcp - Linux kernel for Google Cloud Platform (GCP) systems
  • linux-hwe - Linux hardware enablement (HWE) kernel
Details

It was discovered that the AMD Cryptographic Coprocessor device driver in the Linux kernel did not properly deallocate memory in some situations. A local attacker could use this to cause a denial of service (memory exhaustion). (CVE-2019-18808)

It was discovered that the Conexant 23885 TV card device driver for the Linux kernel did not properly deallocate memory in some error conditions. A local attacker could use this to cause a denial of service (memory exhaustion). (CVE-2019-19054)

It was discovered that the ADIS16400 IIO IMU Driver for the Linux kernel did not properly deallocate memory in certain error conditions. A local attacker could use this to cause a denial of service (memory exhaustion). (CVE-2019-19061)

It was discovered that the AMD Audio Coprocessor driver for the Linux kernel did not properly deallocate memory in certain error conditions. A local attacker with the ability to load modules could use this to cause a denial of service (memory exhaustion). (CVE-2019-19067)

It was discovered that the Atheros HTC based wireless driver in the Linux kernel did not properly deallocate in certain error conditions. A local attacker could use this to cause a denial of service (memory exhaustion). (CVE-2019-19073, CVE-2019-19074)

It was discovered that the F2FS file system in the Linux kernel did not properly perform bounds checking in some situations, leading to an out-of- bounds read. A local attacker could possibly use this to expose sensitive information (kernel memory). (CVE-2019-9445)

It was discovered that the VFIO PCI driver in the Linux kernel did not properly handle attempts to access disabled memory spaces. A local attacker could use this to cause a denial of service (system crash). (CVE-2020-12888)

It was discovered that the cgroup v2 subsystem in the Linux kernel did not properly perform reference counting in some situations, leading to a NULL pointer dereference. A local attacker could use this to cause a denial of service or possibly gain administrative privileges. (CVE-2020-14356)

It was discovered that the state of network RNG in the Linux kernel was potentially observable. A remote attacker could use this to expose sensitive information. (CVE-2020-16166)

Update instructions

The problem can be corrected by updating your system to the following package versions:

Ubuntu 18.04 LTS
linux-image-4.15.0-1054-oracle - 4.15.0-1054.58
linux-image-4.15.0-1070-gke - 4.15.0-1070.73
linux-image-4.15.0-1071-raspi2 - 4.15.0-1071.75
linux-image-4.15.0-1083-aws - 4.15.0-1083.87
linux-image-4.15.0-1084-gcp - 4.15.0-1084.95
linux-image-4.15.0-1087-snapdragon - 4.15.0-1087.95
linux-image-4.15.0-1096-azure - 4.15.0-1096.106
linux-image-4.15.0-1097-oem - 4.15.0-1097.107
linux-image-4.15.0-118-generic - 4.15.0-118.119
linux-image-4.15.0-118-generic-lpae - 4.15.0-118.119
linux-image-4.15.0-118-lowlatency - 4.15.0-118.119
linux-image-aws-lts-18.04 - 4.15.0.1083.85
linux-image-azure-lts-18.04 - 4.15.0.1096.69
linux-image-gcp-lts-18.04 - 4.15.0.1084.102
linux-image-generic - 4.15.0.118.105
linux-image-generic-lpae - 4.15.0.118.105
linux-image-gke - 4.15.0.1070.74
linux-image-gke-4.15 - 4.15.0.1070.74
linux-image-lowlatency - 4.15.0.118.105
linux-image-oem - 4.15.0.1097.101
linux-image-oracle-lts-18.04 - 4.15.0.1054.64
linux-image-powerpc-e500mc - 4.15.0.118.105
linux-image-powerpc-smp - 4.15.0.118.105
linux-image-powerpc64-emb - 4.15.0.118.105
linux-image-powerpc64-smp - 4.15.0.118.105
linux-image-raspi2 - 4.15.0.1071.68
linux-image-snapdragon - 4.15.0.1087.90
linux-image-virtual - 4.15.0.118.105
Ubuntu 16.04 LTS
linux-image-4.15.0-1054-oracle - 4.15.0-1054.58~16.04.1
linux-image-4.15.0-1083-aws - 4.15.0-1083.87~16.04.1
linux-image-4.15.0-1084-gcp - 4.15.0-1084.95~16.04.1
linux-image-4.15.0-1096-azure - 4.15.0-1096.106~16.04.1
linux-image-4.15.0-118-generic - 4.15.0-118.119~16.04.1
linux-image-4.15.0-118-generic-lpae - 4.15.0-118.119~16.04.1
linux-image-4.15.0-118-lowlatency - 4.15.0-118.119~16.04.1
linux-image-aws-hwe - 4.15.0.1083.79
linux-image-azure - 4.15.0.1096.90
linux-image-azure-edge - 4.15.0.1096.90
linux-image-gcp - 4.15.0.1084.85
linux-image-generic-hwe-16.04 - 4.15.0.118.119
linux-image-generic-lpae-hwe-16.04 - 4.15.0.118.119
linux-image-gke - 4.15.0.1084.85
linux-image-lowlatency-hwe-16.04 - 4.15.0.118.119
linux-image-oem - 4.15.0.118.119
linux-image-oracle - 4.15.0.1054.44
linux-image-virtual-hwe-16.04 - 4.15.0.118.119
Ubuntu 14.04 ESM
linux-image-4.15.0-1096-azure - 4.15.0-1096.106~14.04.1
linux-image-azure - 4.15.0.1096.72

To update your system, please follow these instructions: https://wiki.ubuntu.com/Security/Upgrades.

After a standard system update you need to reboot your computer to make all the necessary changes.

ATTENTION: Due to an unavoidable ABI change the kernel updates have been given a new version number, which requires you to recompile and reinstall all third party kernel modules you might have installed. Unless you manually uninstalled the standard kernel metapackages (e.g. linux-generic, linux-generic-lts-RELEASE, linux-virtual, linux-powerpc), a standard system upgrade will automatically perform this as well.

References
Categories: Linux, Security

USN-4527-1: Linux kernel vulnerabilities

Tue, 22/09/2020 - 05:46
linux, linux-aws, linux-lts-xenial, linux-raspi2, linux-snapdragon vulnerabilities

A security issue affects these releases of Ubuntu and its derivatives:

  • Ubuntu 16.04 LTS
  • Ubuntu 14.04 ESM
Summary

Several security issues were fixed in the Linux kernel.

Software Description
  • linux - Linux kernel
  • linux-aws - Linux kernel for Amazon Web Services (AWS) systems
  • linux-raspi2 - Linux kernel for Raspberry Pi (V8) systems
  • linux-snapdragon - Linux kernel for Qualcomm Snapdragon processors
  • linux-lts-xenial - Linux hardware enablement kernel from Xenial for Trusty
Details

It was discovered that the Conexant 23885 TV card device driver for the Linux kernel did not properly deallocate memory in some error conditions. A local attacker could use this to cause a denial of service (memory exhaustion). (CVE-2019-19054)

It was discovered that the Atheros HTC based wireless driver in the Linux kernel did not properly deallocate in certain error conditions. A local attacker could use this to cause a denial of service (memory exhaustion). (CVE-2019-19073, CVE-2019-19074)

Yue Haibing discovered that the Linux kernel did not properly handle reference counting in sysfs for network devices in some situations. A local attacker could possibly use this to cause a denial of service. (CVE-2019-20811)

It was discovered that the F2FS file system in the Linux kernel did not properly perform bounds checking in some situations, leading to an out-of- bounds read. A local attacker could possibly use this to expose sensitive information (kernel memory). (CVE-2019-9445)

It was discovered that the F2FS file system in the Linux kernel did not properly validate xattr meta data in some situations, leading to an out-of- bounds read. An attacker could use this to construct a malicious F2FS image that, when mounted, could expose sensitive information (kernel memory). (CVE-2019-9453)

It was discovered that the F2FS file system implementation in the Linux kernel did not properly perform bounds checking on xattrs in some situations. A local attacker could possibly use this to expose sensitive information (kernel memory). (CVE-2020-0067)

It was discovered that the NFS client implementation in the Linux kernel did not properly perform bounds checking before copying security labels in some situations. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2020-25212)

Update instructions

The problem can be corrected by updating your system to the following package versions:

Ubuntu 16.04 LTS
linux-image-4.4.0-1114-aws - 4.4.0-1114.127
linux-image-4.4.0-1139-raspi2 - 4.4.0-1139.148
linux-image-4.4.0-1143-snapdragon - 4.4.0-1143.152
linux-image-4.4.0-190-generic - 4.4.0-190.220
linux-image-4.4.0-190-generic-lpae - 4.4.0-190.220
linux-image-4.4.0-190-lowlatency - 4.4.0-190.220
linux-image-4.4.0-190-powerpc-e500mc - 4.4.0-190.220
linux-image-4.4.0-190-powerpc-smp - 4.4.0-190.220
linux-image-4.4.0-190-powerpc64-emb - 4.4.0-190.220
linux-image-4.4.0-190-powerpc64-smp - 4.4.0-190.220
linux-image-aws - 4.4.0.1114.119
linux-image-generic - 4.4.0.190.196
linux-image-generic-lpae - 4.4.0.190.196
linux-image-lowlatency - 4.4.0.190.196
linux-image-powerpc-e500mc - 4.4.0.190.196
linux-image-powerpc-smp - 4.4.0.190.196
linux-image-powerpc64-emb - 4.4.0.190.196
linux-image-powerpc64-smp - 4.4.0.190.196
linux-image-raspi2 - 4.4.0.1139.139
linux-image-snapdragon - 4.4.0.1143.135
linux-image-virtual - 4.4.0.190.196
Ubuntu 14.04 ESM
linux-image-4.4.0-1078-aws - 4.4.0-1078.82
linux-image-4.4.0-190-generic - 4.4.0-190.220~14.04.1
linux-image-4.4.0-190-generic-lpae - 4.4.0-190.220~14.04.1
linux-image-4.4.0-190-lowlatency - 4.4.0-190.220~14.04.1
linux-image-4.4.0-190-powerpc-e500mc - 4.4.0-190.220~14.04.1
linux-image-4.4.0-190-powerpc-smp - 4.4.0-190.220~14.04.1
linux-image-4.4.0-190-powerpc64-emb - 4.4.0-190.220~14.04.1
linux-image-4.4.0-190-powerpc64-smp - 4.4.0-190.220~14.04.1
linux-image-aws - 4.4.0.1078.75
linux-image-generic-lpae-lts-xenial - 4.4.0.190.166
linux-image-generic-lts-xenial - 4.4.0.190.166
linux-image-lowlatency-lts-xenial - 4.4.0.190.166
linux-image-powerpc-e500mc-lts-xenial - 4.4.0.190.166
linux-image-powerpc-smp-lts-xenial - 4.4.0.190.166
linux-image-powerpc64-emb-lts-xenial - 4.4.0.190.166
linux-image-powerpc64-smp-lts-xenial - 4.4.0.190.166
linux-image-virtual-lts-xenial - 4.4.0.190.166

To update your system, please follow these instructions: https://wiki.ubuntu.com/Security/Upgrades.

After a standard system update you need to reboot your computer to make all the necessary changes.

ATTENTION: Due to an unavoidable ABI change the kernel updates have been given a new version number, which requires you to recompile and reinstall all third party kernel modules you might have installed. Unless you manually uninstalled the standard kernel metapackages (e.g. linux-generic, linux-generic-lts-RELEASE, linux-virtual, linux-powerpc), a standard system upgrade will automatically perform this as well.

References
Categories: Linux, Security

USN-4525-1: Linux kernel vulnerabilities

Tue, 22/09/2020 - 02:44
linux, linux-azure, linux-gcp, linux-oracle vulnerabilities

A security issue affects these releases of Ubuntu and its derivatives:

  • Ubuntu 20.04 LTS
Summary

Several security issues were fixed in the Linux kernel.

Software Description
  • linux - Linux kernel
  • linux-azure - Linux kernel for Microsoft Azure Cloud systems
  • linux-gcp - Linux kernel for Google Cloud Platform (GCP) systems
  • linux-oracle - Linux kernel for Oracle Cloud systems
Details

It was discovered that the AMD Cryptographic Coprocessor device driver in the Linux kernel did not properly deallocate memory in some situations. A local attacker could use this to cause a denial of service (memory exhaustion). (CVE-2019-18808)

It was discovered that the Conexant 23885 TV card device driver for the Linux kernel did not properly deallocate memory in some error conditions. A local attacker could use this to cause a denial of service (memory exhaustion). (CVE-2019-19054)

It was discovered that the VFIO PCI driver in the Linux kernel did not properly handle attempts to access disabled memory spaces. A local attacker could use this to cause a denial of service (system crash). (CVE-2020-12888)

It was discovered that the state of network RNG in the Linux kernel was potentially observable. A remote attacker could use this to expose sensitive information. (CVE-2020-16166)

It was discovered that the NFS client implementation in the Linux kernel did not properly perform bounds checking before copying security labels in some situations. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2020-25212)

Update instructions

The problem can be corrected by updating your system to the following package versions:

Ubuntu 20.04 LTS
linux-image-5.4.0-1025-gcp - 5.4.0-1025.25
linux-image-5.4.0-1025-oracle - 5.4.0-1025.25
linux-image-5.4.0-1026-azure - 5.4.0-1026.26
linux-image-5.4.0-48-generic - 5.4.0-48.52
linux-image-5.4.0-48-generic-lpae - 5.4.0-48.52
linux-image-5.4.0-48-lowlatency - 5.4.0-48.52
linux-image-azure - 5.4.0.1026.25
linux-image-gcp - 5.4.0.1025.22
linux-image-generic - 5.4.0.48.51
linux-image-generic-lpae - 5.4.0.48.51
linux-image-gke - 5.4.0.1025.22
linux-image-lowlatency - 5.4.0.48.51
linux-image-oem - 5.4.0.48.51
linux-image-oem-osp1 - 5.4.0.48.51
linux-image-oracle - 5.4.0.1025.22
linux-image-virtual - 5.4.0.48.51

To update your system, please follow these instructions: https://wiki.ubuntu.com/Security/Upgrades.

After a standard system update you need to reboot your computer to make all the necessary changes.

ATTENTION: Due to an unavoidable ABI change the kernel updates have been given a new version number, which requires you to recompile and reinstall all third party kernel modules you might have installed. Unless you manually uninstalled the standard kernel metapackages (e.g. linux-generic, linux-generic-lts-RELEASE, linux-virtual, linux-powerpc), a standard system upgrade will automatically perform this as well.

References
Categories: Linux, Security

Pages