Sicherheit: Denial of Service in Linux

Lesezeichen hinzufügen

--===============3563377668402233670==
Content-Type: multipart/signed; micalg=pgp-sha512;
protocol="application/pgp-signature";
boundary="dkEUBIird37B8yKS"
Content-Disposition: inline

--dkEUBIird37B8yKS
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline

==========================================================================
Ubuntu Security Notice USN-2802-1
November 10, 2015

linux vulnerability
==========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 15.04

Summary:

The system could be made to crash under certain conditions.

Software Description:
- linux: Linux kernel

Details:

Ben Serebrin discovered that the KVM hypervisor implementation in the Linux
kernel did not properly catch Alignment Check exceptions. An attacker in a
guest virtual machine could use this to cause a denial of service (system
crash) in the host OS.

Update instructions:

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 15.04:
linux-image-3.19.0-33-generic 3.19.0-33.38
linux-image-3.19.0-33-generic-lpae 3.19.0-33.38
linux-image-3.19.0-33-lowlatency 3.19.0-33.38
linux-image-3.19.0-33-powerpc-e500mc 3.19.0-33.38
linux-image-3.19.0-33-powerpc-smp 3.19.0-33.38
linux-image-3.19.0-33-powerpc64-emb 3.19.0-33.38
linux-image-3.19.0-33-powerpc64-smp 3.19.0-33.38

After a standard system update you need to reboot your computer to make
all the necessary changes.

ATTENTION: Due to an unavoidable ABI change the kernel updates have
been given a new version number, which requires you to recompile and
reinstall all third party kernel modules you might have installed. If
you use linux-restricted-modules, you have to update that package as
well to get modules which work with the new kernel version. Unless you
manually uninstalled the standard kernel metapackages (e.g. linux-generic,
linux-server, linux-powerpc), a standard system upgrade will automatically
perform this as well.

References:
http://www.ubuntu.com/usn/usn-2802-1
CVE-2015-5307

Package Information:
https://launchpad.net/ubuntu/+source/linux/3.19.0-33.38

--dkEUBIird37B8yKS
Content-Type: application/pgp-signature; name="signature.asc"
Content-Description: Digital signature

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1

iQIcBAEBCgAGBQJWQWAcAAoJEC8Jno0AXoH0ZHYP/jnQKow6SHlLfVTElRVo33xs
GkG0nZoVdCWX2eJqMyRJkZ2n+0y+2L4OmLggZ0KatMG3lowqA9VIqtfhfmvfHVy2
KkNZhOcTnT8ivOajhDmQLSJPsFYJM1kjN+ncenJt72rUznaaCf0xeb9Yqi9rxCqI
WX99IvTebBWirJa5U7YKPtSFy2iirCDWfCWlPD22MMixTVb5smHa0zacU+z3vzHP
UGsW8HK02iIHooK2FseGxL4bZZoA3f0EyLg42pG4Cnz72KNHfyt8vLGWYRWvZPK+
ozFzAybwyZ+Kp8Kd0e5wNySRo6oPeTVr5pjzim9RWu3RNqumlT7eiLAlKlfl3mZg
e9bVqwP5dHTrX2Uh12uAGlI/XoNdLXD3UQNcHrYKNMr9DM3CmrDjvA+GUKsxcTi1
Z1HntWRyYOCodT343tl6JE8/DsrKbH+8mZPHzds2HZVLbyiFkBJiWhOf57GLgsem
QK+FJNNvNjcS8fRLwcyayWLfuybxz4iirsEIpnCGwc8nCQjFyY2eXHS7a/FLcXfr
AbHUBr+wNs/3kRmJEW8jEC+QbhAqf4AB2QL/i9UUnlyYGnCZymUV5Jb2N+D9FCD4
h2Az5Ja/x1EbDV04XnrEHi8yx3rLCJvKaKpa4FQlEEf+vv7tvAjz541qqJZVgMjH
Yq2ulSnihp7mg6CbDyp2
=kq/+
-----END PGP SIGNATURE-----

--dkEUBIird37B8yKS--

--===============3563377668402233670==
Content-Type: text/plain; charset="us-ascii"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
Content-Disposition: inline

--
ubuntu-security-announce mailing list
ubuntu-security-announce@lists.ubuntu.com
Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-security-announce

--===============3563377668402233670==--