drucken bookmarks versenden konfigurieren admin pdf Sicherheit: Mehrere Probleme in Linux (Aktualisierung)
Name: |
Mehrere Probleme in Linux (Aktualisierung) |
|
ID: |
USN-3084-2 |
|
Distribution: |
Ubuntu |
|
Plattformen: |
Ubuntu 14.04 LTS |
|
Datum: |
Mo, 19. September 2016, 23:06 |
|
Referenzen: |
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6156
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5412
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6136 |
|
Applikationen: |
Linux |
|
Update von: |
Mehrere Probleme in Linux |
|
Originalnachricht |
--===============7885187422471393482== Content-Type: multipart/signed; micalg=pgp-sha512; protocol="application/pgp-signature"; boundary="iBwuxWUsK/REspAd" Content-Disposition: inline
--iBwuxWUsK/REspAd Content-Type: text/plain; charset=us-ascii Content-Disposition: inline
========================================================================== Ubuntu Security Notice USN-3084-2 September 19, 2016
linux-lts-xenial vulnerabilities ==========================================================================
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 14.04 LTS
Summary:
Several security issues were fixed in the kernel.
Software Description: - linux-lts-xenial: Linux hardware enablement kernel from Xenial for Trusty
Details:
USN-3084-1 fixed vulnerabilities in the Linux kernel for Ubuntu 16.04 LTS. This update provides the corresponding updates for the Linux Hardware Enablement (HWE) kernel from Ubuntu 16.04 LTS for Ubuntu 14.04 LTS.
Pengfei Wang discovered a race condition in the audit subsystem in the Linux kernel. A local attacker could use this to corrupt audit logs or disrupt system-call auditing. (CVE-2016-6136)
It was discovered that the powerpc and powerpc64 hypervisor-mode KVM implementation in the Linux kernel for did not properly maintain state about transactional memory. An unprivileged attacker in a guest could cause a denial of service (CPU lockup) in the host OS. (CVE-2016-5412)
Pengfei Wang discovered a race condition in the Chrome OS embedded controller device driver in the Linux kernel. A local attacker could use this to cause a denial of service (system crash). (CVE-2016-6156)
Update instructions:
The problem can be corrected by updating your system to the following package versions:
Ubuntu 14.04 LTS: linux-image-4.4.0-38-generic 4.4.0-38.57~14.04.1 linux-image-4.4.0-38-generic-lpae 4.4.0-38.57~14.04.1 linux-image-4.4.0-38-lowlatency 4.4.0-38.57~14.04.1 linux-image-4.4.0-38-powerpc-e500mc 4.4.0-38.57~14.04.1 linux-image-4.4.0-38-powerpc-smp 4.4.0-38.57~14.04.1 linux-image-4.4.0-38-powerpc64-emb 4.4.0-38.57~14.04.1 linux-image-4.4.0-38-powerpc64-smp 4.4.0-38.57~14.04.1
After a standard system update you need to reboot your computer to make all the necessary changes.
ATTENTION: Due to an unavoidable ABI change the kernel updates have been given a new version number, which requires you to recompile and reinstall all third party kernel modules you might have installed. Unless you manually uninstalled the standard kernel metapackages (e.g. linux-generic, linux-generic-lts-RELEASE, linux-virtual, linux-powerpc), a standard system upgrade will automatically perform this as well.
References: http://www.ubuntu.com/usn/usn-3084-2 http://www.ubuntu.com/usn/usn-3084-1 CVE-2016-5412, CVE-2016-6136, CVE-2016-6156
Package Information: https://launchpad.net/ubuntu/+source/linux-lts-xenial/4.4.0-38.57~14.04.1
--iBwuxWUsK/REspAd Content-Type: application/pgp-signature; name="signature.asc"
-----BEGIN PGP SIGNATURE----- Version: GnuPG v1
iQIcBAEBCgAGBQJX4DqsAAoJEC8Jno0AXoH0sU8P/jBuk3lXcRCBcPfGHqpPqLgw E1YxrC6ZlILVesdqNLa4xLrkBoXP8AC29hVkuty0J2Rx4poklbCNJI0zvcp0eFO3 5wZltNx3HndH/+Rw4Vzdl6f57qdkLRs3K+UDZyneKI5qm/KUEBx5Orqofg4Uz4uM V3Gv8XM1m+PzGZY3Ky3Ofpnl6g1BGDqkxsjlx3n2MPcDyTsaXwkTXM8t+2K6Yeo7 rCGildfR/nxjuJNWBFfYvrvtVkJ2WSTNtkWcBeZS9dFLugxEWMZIDAaLoSVP2+XZ HdiCqNgkH0CBBpxOtfDh/OUp7Lfl4YRVhvHLxPbtFcVkVIb6AFFY9Zp8yDgeXZI7 lL6BRNNEn/m/dkY5Q9+QS4Tof3FfNFoKSB09ZRcO/qEXD9LZxwWPmC5/IFkB14Eo Skzt5zM3GnbqcYZ2N3wru0teybY46GM7aaweSLr1n8Wkfyb0JHn7oC6RxrqaFemc e766URVhBUWjQSWDfdNs7GIgBPPD04Z2XzVhJzTCmQOTE6SycX/mS6msC6rE7zdE WsKZvlZfgUuo7zg4tFITvfW6YRukLHXMMZV9mCnM3x6IZqukYxW8k+nuyNFidgKD kjbbIIBHhLdmor7ukhbe0mAD79X1Fc9ukf2sWJnwI2mduSDU3SUnXloGekvmDuUL BoNB/1x/ubUtPc7m2w+4 =Wgpx -----END PGP SIGNATURE-----
--iBwuxWUsK/REspAd--
--===============7885187422471393482== Content-Type: text/plain; charset="us-ascii" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit Content-Disposition: inline
-- ubuntu-security-announce mailing list ubuntu-security-announce@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-security-announce
--===============7885187422471393482==--
|
|
|
|