drucken bookmarks versenden konfigurieren admin pdf Sicherheit: Mehrere Probleme in Linux
Name: |
Mehrere Probleme in Linux |
|
ID: |
USN-3099-3 |
|
Distribution: |
Ubuntu |
|
Plattformen: |
Ubuntu 16.04 LTS |
|
Datum: |
Di, 11. Oktober 2016, 10:52 |
|
Referenzen: |
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7039
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6828
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6480 |
|
Applikationen: |
Linux |
|
Originalnachricht |
--===============1775347018433589465== Content-Type: multipart/signed; micalg=pgp-sha512; protocol="application/pgp-signature"; boundary="+ts6NCQ4mrNQIV8p" Content-Disposition: inline
--+ts6NCQ4mrNQIV8p Content-Type: text/plain; charset=utf-8 Content-Disposition: inlin Content-Transfer-Encoding: quoted-printable
========================================================================== Ubuntu Security Notice USN-3099-3 October 11, 2016
linux-raspi2 vulnerabilities ==========================================================================
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 16.04 LTS
Summary:
Several security issues were fixed in the kernel.
Software Description: - linux-raspi2: Linux kernel for Raspberry Pi 2
Details:
VladimÃr BeneÅ¡ discovered an unbounded recursion in the VLAN and TEB Generic Receive Offload (GRO) processing implementations in the Linux kernel, A remote attacker could use this to cause a stack corruption, leading to a denial of service (system crash). (CVE-2016-7039)
Marco Grassi discovered a use-after-free condition could occur in the TCP retransmit queue handling code in the Linux kernel. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2016-6828)
Pengfei Wang discovered a race condition in the Adaptec AAC RAID controller driver in the Linux kernel when handling ioctl()s. A local attacker could use this to cause a denial of service (system crash). (CVE-2016-6480)
Update instructions:
The problem can be corrected by updating your system to the following package versions:
Ubuntu 16.04 LTS: linux-image-4.4.0-1027-raspi2 4.4.0-1027.33
After a standard system update you need to reboot your computer to make all the necessary changes.
ATTENTION: Due to an unavoidable ABI change the kernel updates have been given a new version number, which requires you to recompile and reinstall all third party kernel modules you might have installed. Unless you manually uninstalled the standard kernel metapackages (e.g. linux-generic, linux-generic-lts-RELEASE, linux-virtual, linux-powerpc), a standard system upgrade will automatically perform this as well.
References: http://www.ubuntu.com/usn/usn-3099-3 http://www.ubuntu.com/usn/usn-3099-1 CVE-2016-6480, CVE-2016-6828, CVE-2016-7039
Package Information: https://launchpad.net/ubuntu/+source/linux-raspi2/4.4.0-1027.33
--+ts6NCQ4mrNQIV8p Content-Type: application/pgp-signature; name="signature.asc"
-----BEGIN PGP SIGNATURE----- Version: GnuPG v1
iQIcBAEBCgAGBQJX/JWQAAoJEC8Jno0AXoH0UioP+QGLxTfN/HKXeR9Ev800PXqS WvwJMoCpMuUjixPHyw61XjInQOjaoopemNiUFawEgF547s0xr3xdr+1J3JA1WAPf GVWITswRqG8v++wonUgxXC5JeQ4ZqoedFt2rNhY/GkQsTrHUOolkPkLdgAkcl3rw stNWkgE/IRvYyNduoe57PSgccrTZB12kMk7E5wzLIJXVlGEsTyDqTPF+f+ZZpLxG sNmQwoodhHFgP7fa1NwzyXZIZDiYJ0FyMN34nAnf7VWUHLOXPp+FBVTNTL8nLOgt ijZY3B2KqJMYQNZjOXLbMblUIaKVrcXHCA8LX9WVDhlqaZwUuw6yxP+TwBYiD2CF ok6DZyK2W3O9C0SW85qBHNb/+GCEeLhydZOGxQHtVIu1QvTtrdj3lwhO2Bj8TKiP uuIqA1+jQUZHGbc0rdS3ROETcK7yP43L4bjREvHNBcIyZOdDMrwQdyzyb9HUPp3C HLLduHM6RCzev+5Valt9wNm2wlZL/Cdc4/40dcvKPqzbBWs0FsGzPJj9X4z1MrOr DLcdZ/k/+VzyuKekQmEMZmFdn8p01CaWJpywThshxPzfctO/NX/7iFI2r62vTHCL M3adMRzn3BSCqqZAwIGlnkUseunaIRLPGIW5lvJDGztgnF7bjtyBWwSvQGf6YxxZ 9sBELBuHjUw9tJ/ScWb7 =f8XT -----END PGP SIGNATURE-----
--+ts6NCQ4mrNQIV8p--
--===============1775347018433589465== Content-Type: text/plain; charset="us-ascii" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit Content-Disposition: inline
-- ubuntu-security-announce mailing list ubuntu-security-announce@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-security-announce
--===============1775347018433589465==--
|
|
|
|