drucken bookmarks versenden konfigurieren admin pdf Sicherheit: Zwei Probleme in Linux
Name: |
Zwei Probleme in Linux |
|
ID: |
USN-3511-1 |
|
Distribution: |
Ubuntu |
|
Plattformen: |
Ubuntu 16.04 LTS |
|
Datum: |
Fr, 8. Dezember 2017, 06:25 |
|
Referenzen: |
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-1000405
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-16939 |
|
Applikationen: |
Linux |
|
Originalnachricht |
--===============8983378171257546180== Content-Type: multipart/signed; micalg=pgp-sha512; protocol="application/pgp-signature"; boundary="3miamdpb5w36yq2i" Content-Disposition: inline
--3miamdpb5w36yq2i Content-Type: text/plain; charset=us-ascii Content-Disposition: inline
========================================================================== Ubuntu Security Notice USN-3511-1 December 08, 2017
linux-azure vulnerabilities ==========================================================================
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 16.04 LTS
Summary:
Several security issues were fixed in the Linux kernel.
Software Description: - linux-azure: Linux kernel for Microsoft Azure Cloud systems
Details:
Mohamed Ghannam discovered that a use-after-free vulnerability existed in the Netlink subsystem (XFRM) in the Linux kernel. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2017-16939)
It was discovered that the Linux kernel did not properly handle copy-on- write of transparent huge pages. A local attacker could use this to cause a denial of service (application crashes) or possibly gain administrative privileges. (CVE-2017-1000405)
Update instructions:
The problem can be corrected by updating your system to the following package versions:
Ubuntu 16.04 LTS: linux-image-4.11.0-1016-azure 4.11.0-1016.16 linux-image-azure 4.11.0.1016.16
After a standard system update you need to reboot your computer to make all the necessary changes.
ATTENTION: Due to an unavoidable ABI change the kernel updates have been given a new version number, which requires you to recompile and reinstall all third party kernel modules you might have installed. Unless you manually uninstalled the standard kernel metapackages (e.g. linux-generic, linux-generic-lts-RELEASE, linux-virtual, linux-powerpc), a standard system upgrade will automatically perform this as well.
References: https://www.ubuntu.com/usn/usn-3511-1 CVE-2017-1000405, CVE-2017-16939
Package Information: https://launchpad.net/ubuntu/+source/linux-azure/4.11.0-1016.16
--3miamdpb5w36yq2i Content-Type: application/pgp-signature; name="signature.asc"
-----BEGIN PGP SIGNATURE-----
iQIcBAABCgAGBQJaKd9iAAoJEC8Jno0AXoH0XmQP/396TTa9o4S4S5saic4PnjqW pZj9i2iA7MdyFHI4KHFhPdbwyJUuJXtTotX6kkJYznoLliZhqR9AP2VZMCHmUI+v 1vAbxIH7yh3kFbx0iXfOg58OgC2+jqtvr26K6a56FVVSF941dJE1v7HLjjIvFLjq 2mnqny0qBksew0DjEaWcmKNeHuDC2JJ50Qhi0TEknqGqJ1FGRSCvYP7jhH6XbZiU 5LOFvxOLvtQQJCz4PSuk+ixVSn+MuXUuOPAPqoa7omT/HiSK51eSWlLpEF08/vZS kqNbHUUMIAmGir2nBdFoxBkhGLYPf5+pFjV5ALIJ+BLvHxk+D6NdltEfEwPKPWE4 c4+saqi7L1lC0LUWUXoFMBWYeCtADGhS4gMrfO5cpLwDpBAJWJGokERL9bzuHsno KmTZUTmawrcCZChIUjxej3MAajdQ7DWhwtgEzKjpcmENzk359DDoyKugHizLDkrz R49h3qv5T3RPydUYZsc4yrzlqn0UlmXLDPIsv4aa684Ox3rsA+DE7YimyNxvQa// J83nvh0RZlLGOMzXeBL4FP668cIyoknnOiKYkIYQrCQEA9Bs1P4seg7EQOHtMK+v RdLP+q/Sc5uD4+uOj0OQBDmQ8NocuR4/D8eWVEjIATIWaBqGdSt2otB1jj0bYJVZ XYbyrNEgG6ci8gdJcdKc =+xvl -----END PGP SIGNATURE-----
--3miamdpb5w36yq2i--
--===============8983378171257546180== Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: base64 Content-Disposition: inline
-- ubuntu-security-announce mailing list ubuntu-security-announce@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-security-announce
|
|
|
|