--===============9188620353376006135== Content-Type: multipart/signed; micalg=pgp-sha512; protocol="application/pgp-signature"; boundary="l32ewoxmdmhk4v47" Content-Disposition: inline
--l32ewoxmdmhk4v47 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline
========================================================================== Ubuntu Security Notice USN-3422-2 September 18, 2017
linux-lts-trusty vulnerabilities ==========================================================================
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 12.04 ESM
Summary:
Several security issues were fixed in the Linux kernel.
Software Description: - linux-lts-trusty: Linux hardware enablement kernel from Trusty for Precise ESM
Details:
USN-3422-1 fixed vulnerabilities in the Linux kernel for Ubuntu 14.04 LTS. This update provides the corresponding updates for the Linux Hardware Enablement (HWE) kernel from Ubuntu 14.04 LTS for Ubuntu 12.04 LTS.
It was discovered that a buffer overflow existed in the Bluetooth stack of the Linux kernel when handling L2CAP configuration responses. A physically proximate attacker could use this to cause a denial of service (system crash). (CVE-2017-1000251)
It was discovered that the asynchronous I/O (aio) subsystem of the Linux kernel did not properly set permissions on aio memory mappings in some situations. An attacker could use this to more easily exploit other vulnerabilities. (CVE-2016-10044)
Baozeng Ding and Andrey Konovalov discovered a race condition in the L2TPv3 IP Encapsulation implementation in the Linux kernel. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2016-10200)
Andreas Gruenbacher and Jan Kara discovered that the filesystem implementation in the Linux kernel did not clear the setgid bit during a setxattr call. A local attacker could use this to possibly elevate group privileges. (CVE-2016-7097)
Sergej Schumilo, Ralf Spenneberg, and Hendrik Schwartke discovered that the key management subsystem in the Linux kernel did not properly allocate memory in some situations. A local attacker could use this to cause a denial of service (system crash). (CVE-2016-8650)
Vlad Tsyrklevich discovered an integer overflow vulnerability in the VFIO PCI driver for the Linux kernel. A local attacker with access to a vfio PCI device file could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2016-9083, CVE-2016-9084)
It was discovered that an information leak existed in __get_user_asm_ex() in the Linux kernel. A local attacker could use this to expose sensitive information. (CVE-2016-9178)
CAI Qian discovered that the sysctl implementation in the Linux kernel did not properly perform reference counting in some situations. An unprivileged attacker could use this to cause a denial of service (system hang). (CVE-2016-9191)
It was discovered that the keyring implementation in the Linux kernel in some situations did not prevent special internal keyrings from being joined by userspace keyrings. A privileged local attacker could use this to bypass module verification. (CVE-2016-9604)
It was discovered that an integer overflow existed in the trace subsystem of the Linux kernel. A local privileged attacker could use this to cause a denial of service (system crash). (CVE-2016-9754)
Andrey Konovalov discovered that the IPv4 implementation in the Linux kernel did not properly handle invalid IP options in some situations. An attacker could use this to cause a denial of service or possibly execute arbitrary code. (CVE-2017-5970)
Dmitry Vyukov discovered that the Linux kernel did not properly handle TCP packets with the URG flag. A remote attacker could use this to cause a denial of service. (CVE-2017-6214)
It was discovered that a race condition existed in the AF_PACKET handling code in the Linux kernel. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2017-6346)
It was discovered that the keyring implementation in the Linux kernel did not properly restrict searches for dead keys. A local attacker could use this to cause a denial of service (system crash). (CVE-2017-6951)
Dmitry Vyukov discovered that the generic SCSI (sg) subsystem in the Linux kernel contained a stack-based buffer overflow. A local attacker with access to an sg device could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2017-7187)
Eric Biggers discovered a memory leak in the keyring implementation in the Linux kernel. A local attacker could use this to cause a denial of service (memory consumption). (CVE-2017-7472)
It was discovered that a buffer overflow existed in the Broadcom FullMAC WLAN driver in the Linux kernel. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2017-7541)
Update instructions:
The problem can be corrected by updating your system to the following package versions:
Ubuntu 12.04 ESM: linux-image-3.13.0-132-generic 3.13.0-132.181~precise1 linux-image-3.13.0-132-generic-lpae 3.13.0-132.181~precise1 linux-image-generic-lpae-lts-trusty 3.13.0.132.122 linux-image-generic-lts-trusty 3.13.0.132.122
After a standard system update you need to reboot your computer to make all the necessary changes.
ATTENTION: Due to an unavoidable ABI change the kernel updates have been given a new version number, which requires you to recompile and reinstall all third party kernel modules you might have installed. Unless you manually uninstalled the standard kernel metapackages (e.g. linux-generic, linux-generic-lts-RELEASE, linux-virtual, linux-powerpc), a standard system upgrade will automatically perform this as well.
References: https://www.ubuntu.com/usn/usn-3422-2 https://www.ubuntu.com/usn/usn-3422-1 CVE-2016-10044, CVE-2016-10200, CVE-2016-7097, CVE-2016-8650, CVE-2016-9083, CVE-2016-9084, CVE-2016-9178, CVE-2016-9191, CVE-2016-9604, CVE-2016-9754, CVE-2017-1000251, CVE-2017-5970, CVE-2017-6214, CVE-2017-6346, CVE-2017-6951, CVE-2017-7187, CVE-2017-7472, CVE-2017-7541
--l32ewoxmdmhk4v47 Content-Type: application/pgp-signature; name="signature.asc"
-----BEGIN PGP SIGNATURE-----
iQIcBAABCgAGBQJZwFl2AAoJEC8Jno0AXoH0xRIP/2/fU1SJizN7S0FPDHxh6pZo cKJYIaOjU2gksj6ZfXxEJPDHHBZgK4wgaZ8xokT/x+REAx8lgMnK0K2bfglT/g+I A702ea+UolyteH2WvUMPCJNwAVqf6BTCFwlCz8a8f40smPLsL/+0QdGpJ3UjkI0V M6JCx6LsruhvSpPjkX4JuunGE3WqMajRC4MjMzK4gFUtU0Lcccqg6kYSfzWTKpbC iNqhmC83NIBAIqL0xSAWRUFsAOpOuQKCLFRA87Qjk+s/803KJQffcnBWTguPiU0J ca0NE+OVlFtJDaPuW6luaHJ18a31IJ6inksyJm2+IlNkH8ecy87O/enI2KkVMB2h PA7VyyY0ymU6vfBAf5u9YJkFtvROZdigPbJx8Ex7Bv6zAmsFGQs4u35IkbyyKVwb LAALcAdfy52ojRwCKxWEpWn82+iNd9ZA0Sn1yEpJjXSAFrpNGXXFC158IAX0JDbM VZdchzgmlv/kV4jO8bBaPpB6Z6pFZvH+mIjoO3evJjDjK6fNMLvL9ZjgefmO7jMC IEmR4j6ZntfnBdn5TQT5WBBG5Ue+Co6AO4zr70RynPlLbitXh3FkPxdN0i5WwGQK N4ZRZqKw6N0KwduR095QMQ/aL9UgpnV+1k9/sA9ewceDtXBCA8swlXMZBiNh0P5/ X6qnChsFep+f8yfXLk3E =ORix -----END PGP SIGNATURE-----
--l32ewoxmdmhk4v47--
--===============9188620353376006135== Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: base64 Content-Disposition: inline
-- ubuntu-security-announce mailing list ubuntu-security-announce@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-security-announce
|