drucken bookmarks versenden konfigurieren admin pdf Sicherheit: Zwei Probleme in Linux
Name: |
Zwei Probleme in Linux |
|
ID: |
USN-3170-1 |
|
Distribution: |
Ubuntu |
|
Plattformen: |
Ubuntu 16.10 |
|
Datum: |
Mi, 11. Januar 2017, 11:57 |
|
Referenzen: |
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9756
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9793 |
|
Applikationen: |
Linux |
|
Originalnachricht |
--===============1304161431601553483== Content-Type: multipart/signed; micalg=pgp-sha512; protocol="application/pgp-signature"; boundary="itqfrb9Qq3wY07cp" Content-Disposition: inline
--itqfrb9Qq3wY07cp Content-Type: text/plain; charset=us-ascii Content-Disposition: inline
========================================================================== Ubuntu Security Notice USN-3170-1 January 11, 2017
linux vulnerabilities ==========================================================================
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 16.10
Summary:
Several security issues were fixed in the kernel.
Software Description: - linux: Linux kernel
Details:
Dmitry Vyukov discovered that the KVM implementation in the Linux kernel did not properly initialize the Code Segment (CS) in certain error cases. A local attacker could use this to expose sensitive information (kernel memory). (CVE-2016-9756)
Andrey Konovalov discovered that signed integer overflows existed in the setsockopt() system call when handling the SO_SNDBUFFORCE and SO_RCVBUFFORCE options. A local attacker with the CAP_NET_ADMIN capability could use this to cause a denial of service (system crash or memory corruption). (CVE-2016-9793)
Update instructions:
The problem can be corrected by updating your system to the following package versions:
Ubuntu 16.10: linux-image-4.8.0-34-generic 4.8.0-34.36 linux-image-4.8.0-34-generic-lpae 4.8.0-34.36 linux-image-4.8.0-34-lowlatency 4.8.0-34.36 linux-image-4.8.0-34-powerpc-e500mc 4.8.0-34.36 linux-image-4.8.0-34-powerpc-smp 4.8.0-34.36 linux-image-4.8.0-34-powerpc64-emb 4.8.0-34.36 linux-image-generic 4.8.0.34.43 linux-image-generic-lpae 4.8.0.34.43 linux-image-lowlatency 4.8.0.34.43 linux-image-powerpc-e500mc 4.8.0.34.43 linux-image-powerpc-smp 4.8.0.34.43 linux-image-powerpc64-emb 4.8.0.34.43
After a standard system update you need to reboot your computer to make all the necessary changes.
ATTENTION: Due to an unavoidable ABI change the kernel updates have been given a new version number, which requires you to recompile and reinstall all third party kernel modules you might have installed. Unless you manually uninstalled the standard kernel metapackages (e.g. linux-generic, linux-generic-lts-RELEASE, linux-virtual, linux-powerpc), a standard system upgrade will automatically perform this as well.
References: http://www.ubuntu.com/usn/usn-3170-1 CVE-2016-9756, CVE-2016-9793
Package Information: https://launchpad.net/ubuntu/+source/linux/4.8.0-34.36
--itqfrb9Qq3wY07cp Content-Type: application/pgp-signature; name="signature.asc"
-----BEGIN PGP SIGNATURE----- Version: GnuPG v1
iQIcBAEBCgAGBQJYdfouAAoJEC8Jno0AXoH0EbAQAJvjmmwIWS8E8PmFWfU04HOn 6Znbzk6YGTPLnDzdH/gfGBTjaIBXjgT9B4DZs0X/VFTj8+ytBrNP1+aaRgcZfx5K rCO2QwT2wTZtk6cPEj4Ret2RzPQBj9B3HPGhKem8eTXOy4pa14zK1sn/QLtmMEu0 HkSpILjn+OTXGEtkqdMzfEIOnXySE0yv4j9SH3UtPwodDSPs+1elcfiz1JZK7kBZ gh0UzHzGOLxNe8ExL9J8CfBtsrvQWqmY5D3Y3dt8rORvKsISpkh/iCQ4MZAhYxDh gLIWjNEkF/1DTyVKw3LJu8GUF+DgXtOQcgT3QfBBKsb3SyCXvi2z35TkbaPNSXFZ TAg4iY2/+1t9ZGLTQENUXXRXkErDSqjJGCvUrSeGGFvVDNdmW8dR3Sj3fq6Qx9MK bg1XWqKf4L+0Enb49CwnudKqalUAm+RYjzYqpi3jUwE5G6gu3/08O6coapJZ9tYC cfg4NT8zjmby2Fr3eTasrKLn22qC1E5wiHS1HsJ+qCNte6J4NvaS8/8P9AcKQ3/+ aafJ/jNry8atviHIh7EvPHDiPWPcqem0+2YRdSeF1DoLtcPWarjvBg34AHyfJp4s CS1hbA1McVi+U5nD5scrkehAGknpizPs2VStdGDGuzm3fdw9Sh2iHLCfJ1K6jx1t 8qHneuoUqxugUVsub04g =MSvg -----END PGP SIGNATURE-----
--itqfrb9Qq3wY07cp--
--===============1304161431601553483== Content-Type: text/plain; charset="us-ascii" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit Content-Disposition: inline
-- ubuntu-security-announce mailing list ubuntu-security-announce@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-security-announce
--===============1304161431601553483==--
|
|
|
|