Login
Newsletter
Werbung

Sicherheit: Pufferüberlauf in Linux
Aktuelle Meldungen Distributionen
Name: Pufferüberlauf in Linux
ID: USN-2528-1
Distribution: Ubuntu
Plattformen: Ubuntu 14.04 LTS
Datum: Do, 12. März 2015, 08:38
Referenzen: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8159
Applikationen: Linux

Originalnachricht

This is an OpenPGP/MIME signed message (RFC 4880 and 3156)
--===============7818690793058672910==
Content-Type: multipart/signed; micalg=pgp-sha512;
protocol="application/pgp-signature";
boundary="x2FvloVAQEd8WDgHOUvolLBOvEND8rjap"

This is an OpenPGP/MIME signed message (RFC 4880 and 3156)
--x2FvloVAQEd8WDgHOUvolLBOvEND8rjap
Content-Type: text/plain; charset=utf-
Content-Transfer-Encoding: quoted-printable

==========================================================================
Ubuntu Security Notice USN-2528-1
March 12, 2015

linux vulnerability
==========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 14.04 LTS

Summary:

The system could be made to crash or run programs as an administrator.

Software Description:
- linux: Linux kernel

Details:

It was discovered that the Linux kernel's Infiniband subsystem did not
properly sanitize its input parameters while registering memory regions
from userspace. A local user could exploit this flaw to cause a denial of
service (system crash) or to potentially gain administrative privileges.

Update instructions:

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 14.04 LTS:
linux-image-3.13.0-46-generic 3.13.0-46.79
linux-image-3.13.0-46-generic-lpae 3.13.0-46.79
linux-image-3.13.0-46-lowlatency 3.13.0-46.79
linux-image-3.13.0-46-powerpc-e500 3.13.0-46.79
linux-image-3.13.0-46-powerpc-e500mc 3.13.0-46.79
linux-image-3.13.0-46-powerpc-smp 3.13.0-46.79
linux-image-3.13.0-46-powerpc64-emb 3.13.0-46.79
linux-image-3.13.0-46-powerpc64-smp 3.13.0-46.79

After a standard system update you need to reboot your computer to make
all the necessary changes.

References:
http://www.ubuntu.com/usn/usn-2528-1
CVE-2014-8159

Package Information:
https://launchpad.net/ubuntu/+source/linux/3.13.0-46.79



--x2FvloVAQEd8WDgHOUvolLBOvEND8rjap
Content-Type: application/pgp-signature; name="signature.asc"
Content-Description: OpenPGP digital signature
Content-Disposition: attachment; filename="signature.asc"

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1

iQIcBAEBCgAGBQJVATayAAoJEAUvNnAY1cPYXLYP/AyvFmMw/tWBScM4PAjpdT4C
oqtKigWq2TavQGAgv6Jevi74VCOPWE6PS/J7/wLJ30Gug2ApjyEUqNgBjSboDImd
OYox0Mwvpkyz2C7eOv54pDLvifdELyj8XDEXvaLAH1gSKtZGLEotMJv9ttlVwcmU
2OgeumvT3+mzGRe3ItoebMoFTGGYmKFsVS+8Lud4qsf5Gxkao4Ra7c5q9LkNwMaK
79F+XCZOA4WbSAK66npFuwK7bYwImLRGXnO0c03xqtjcLAlqKP54io/NK1nTc342
YeOJxJ4bBn3ao+i37YfW+gsZbScdkEXcpxHhKYGyVsA9NLYKwCy0XPbRHGBuXL8W
M2vKEL7V3rCmUsNHZ/0ecE6R/brMMtdHl4s0ZE4ofwzk4d/a3fMV7cuo2ZvNBOiX
l/jzQv86/091JJ2WIJ2bZBL2GE9V/eD28pRfiEOr1vJ4IwodDC0oCOXS+HQFCgLg
IPmLvAWxFWI8Tm5A1Wks8ognEeconsl0/vKvnbVJMVjltpG0BZN5B7uhemRbUZle
yGJi108ukI3XFHH428gkUlYRAApYwM1mm/YpQoxyc2X/+tuygj/ZcG/DEynTR56s
OgcAw4ugCEuCHlxbqMbg8VFC4nPC2zOAkOyElOtN0ceXgnIWQf4+4G0mwPI2sOy4
uwCeZ1q+y7yQron9q6+s
=mDK5
-----END PGP SIGNATURE-----

--x2FvloVAQEd8WDgHOUvolLBOvEND8rjap--


--===============7818690793058672910==
Content-Type: text/plain; charset="us-ascii"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
Content-Disposition: inline

--
ubuntu-security-announce mailing list
ubuntu-security-announce@lists.ubuntu.com
Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-security-announce

--===============7818690793058672910==--
Pro-Linux
Pro-Linux @Facebook
Neue Nachrichten
Werbung