drucken bookmarks versenden konfigurieren admin pdf Sicherheit: Zwei Probleme in Linux
Name: |
Zwei Probleme in Linux |
|
ID: |
USN-2751-1 |
|
Distribution: |
Ubuntu |
|
Plattformen: |
Ubuntu 14.04 LTS |
|
Datum: |
Di, 29. September 2015, 14:36 |
|
Referenzen: |
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-6252
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5697 |
|
Applikationen: |
Linux |
|
Originalnachricht |
--===============7716402292085693431== Content-Type: multipart/signed; micalg=pgp-sha512; protocol="application/pgp-signature"; boundary="bKyqfOwhbdpXa4YI" Content-Disposition: inline
--bKyqfOwhbdpXa4YI Content-Type: text/plain; charset=iso-8859-1 Content-Disposition: inlin Content-Transfer-Encoding: quoted-printable
========================================================================== Ubuntu Security Notice USN-2751-1 September 29, 2015
linux-lts-vivid vulnerabilities ==========================================================================
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 14.04 LTS
Summary:
Several security issues were fixed in the kernel.
Software Description: - linux-lts-vivid: Linux hardware enablement kernel from Vivid
Details:
Benjamin Randazzo discovered an information leak in the md (multiple device) driver when the bitmap_info.file is disabled. A local privileged attacker could use this to obtain sensitive information from the kernel. (CVE-2015-5697)
Marc-André Lureau discovered that the vhost driver did not properly release the userspace provided log file descriptor. A privileged attacker could use this to cause a denial of service (resource exhaustion). (CVE-2015-6252)
Update instructions:
The problem can be corrected by updating your system to the following package versions:
Ubuntu 14.04 LTS: linux-image-3.19.0-30-generic 3.19.0-30.33~14.04.1 linux-image-3.19.0-30-generic-lpae 3.19.0-30.33~14.04.1 linux-image-3.19.0-30-lowlatency 3.19.0-30.33~14.04.1 linux-image-3.19.0-30-powerpc-e500mc 3.19.0-30.33~14.04.1 linux-image-3.19.0-30-powerpc-smp 3.19.0-30.33~14.04.1 linux-image-3.19.0-30-powerpc64-emb 3.19.0-30.33~14.04.1 linux-image-3.19.0-30-powerpc64-smp 3.19.0-30.33~14.04.1
After a standard system update you need to reboot your computer to make all the necessary changes.
ATTENTION: Due to an unavoidable ABI change the kernel updates have been given a new version number, which requires you to recompile and reinstall all third party kernel modules you might have installed. If you use linux-restricted-modules, you have to update that package as well to get modules which work with the new kernel version. Unless you manually uninstalled the standard kernel metapackages (e.g. linux-generic, linux-server, linux-powerpc), a standard system upgrade will automatically perform this as well.
References: http://www.ubuntu.com/usn/usn-2751-1 CVE-2015-5697, CVE-2015-6252
Package Information: https://launchpad.net/ubuntu/+source/linux-lts-vivid/3.19.0-30.33~14.04.1
--bKyqfOwhbdpXa4YI Content-Type: application/pgp-signature; name="signature.asc" Content-Description: Digital signature
-----BEGIN PGP SIGNATURE----- Version: GnuPG v1
iQIcBAEBCgAGBQJWClwcAAoJEC8Jno0AXoH0J6MP/3RehRkaOLjpEtvwb2hysl4f g1Gwl6gja1XdkY0uWGN6GN2dPWDps02BLVOWJh887YR/T+4Tb4dL49XrlBzxfiHD CgY9HLxrx4QyEUFZMhvH0Yu/ZWqTsWgVReTzk9PeGs+CNnjoy9IPGDzp4VkiY9XB J/plorSTDfSsiSkUStltlPOlNlXyMcwCUQ5frEoywr42Imqp+sKpBqLrbVjD3QKe UfqnZ+1CrjO2iCsXHJqiHVLnX7gxrsAMXY+NYEv+/sEddmotkCBuYWQwtMb6DK6Y CDyCTZTYCayeZQUIm5DuPKbW6PCCXyfJVkf9Po4AqOXNqyMcz9i0qqYCiW2ehXhF xqC4Y4UDIOYnhEaSG5jTAI4Kz3hLM5yxqYjM8MgucjGBp+V2GHpgurrmLOX+EUXe ORyMOVHNeAkryajD6m0mvEdyH8b90MmE4FxWjmhSc9e2pXjU1tNZzY3ccdJb8511 1h+uJ81EpTnrvcC0hnbrkLVhYgo7YKZ+KI/u8+rboyFSyoX1siksvTg18Gsk9kJN 7q78xFtJODu2eni9/Lb4ExJsceMEjp0IJgsdTECAW2H00w4Yi3zIGnmOvYN1FnUE 4glsCYK24Aas+PRy1TQdQ9DVvV+tEWFXLQ46EM/axkLFHMqA6t1r4N/RYhFPJxvM EwGiuAQ1G4ENX96J8Kha =FV/2 -----END PGP SIGNATURE-----
--bKyqfOwhbdpXa4YI--
--===============7716402292085693431== Content-Type: text/plain; charset="us-ascii" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit Content-Disposition: inline
-- ubuntu-security-announce mailing list ubuntu-security-announce@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-security-announce
--===============7716402292085693431==--
|
|
|
|