Login
Newsletter
Werbung

Sicherheit: Mehrere Probleme in Linux
Aktuelle Meldungen Distributionen
Name: Mehrere Probleme in Linux
ID: USN-1319-1
Distribution: Ubuntu
Plattformen: Ubuntu 11.04
Datum: Do, 5. Januar 2012, 15:56
Referenzen: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1162
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2203
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3353
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-4110
Applikationen: Linux

Originalnachricht

This is an OpenPGP/MIME signed message (RFC 2440 and 3156)
--===============2177275797266562958==
Content-Type: multipart/signed; micalg=pgp-sha512;
protocol="application/pgp-signature";
boundary="------------enig34D96F1661909E75DB41A980"

This is an OpenPGP/MIME signed message (RFC 2440 and 3156)
--------------enig34D96F1661909E75DB41A980
Content-Type: multipart/mixed;
boundary="------------040708010002090505040606"

This is a multi-part message in MIME format.
--------------040708010002090505040606
Content-Type: text/plain; charset=ISO-8859-
Content-Transfer-Encoding: quoted-printable

==========================================================================
Ubuntu Security Notice USN-1319-1
January 05, 2012

linux-ti-omap4 vulnerabilities
==========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 11.04

Summary:

Several security issues were fixed in the kernel.

Software Description:
- linux-ti-omap4: Linux kernel for OMAP4

Details:

Peter Huewe discovered an information leak in the handling of reading
security-related TPM data. A local, unprivileged user could read the
results of a previous TPM command. (CVE-2011-1162)

Clement Lecigne discovered a bug in the HFS filesystem. A local attacker
could exploit this to cause a kernel oops. (CVE-2011-2203)

Han-Wen Nienhuys reported a flaw in the FUSE kernel module. A local user
who can mount a FUSE file system could cause a denial of service.
(CVE-2011-3353)

A flaw was found in how the Linux kernel handles user-defined key types. An
unprivileged local user could exploit this to crash the system.
(CVE-2011-4110)

Update instructions:

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 11.04:
linux-image-2.6.38-1209-omap4 2.6.38-1209.20

After a standard system update you need to reboot your computer to make
all the necessary changes.

ATTENTION: Due to an unavoidable ABI change the kernel updates have
been given a new version number, which requires you to recompile and
reinstall all third party kernel modules you might have installed. If
you use linux-restricted-modules, you have to update that package as
well to get modules which work with the new kernel version. Unless you
manually uninstalled the standard kernel metapackages (e.g. linux-generic,
linux-server, linux-powerpc), a standard system upgrade will automatically
perform this as well.

References:
http://www.ubuntu.com/usn/usn-1319-1
CVE-2011-1162, CVE-2011-2203, CVE-2011-3353, CVE-2011-4110

Package Information:
https://launchpad.net/ubuntu/+source/linux-ti-omap4/2.6.38-1209.20


--------------040708010002090505040606
Content-Type: text/plain;
name="Attached Message Part"
Content-Transfer-Encoding: base64
Content-Disposition: attachment;
filename="Attached Message Part"


--------------040708010002090505040606--

--------------enig34D96F1661909E75DB41A980
Content-Type: application/pgp-signature; name="signature.asc"
Content-Description: OpenPGP digital signature
Content-Disposition: attachment; filename="signature.asc"

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.11 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/

iQIcBAEBCgAGBQJPBaTCAAoJEAUvNnAY1cPYmuQP/3eUWopx3un/1awuXsKbq3SP
HkQ9X+aw3opDhJiulvxjEIq3+BdUxymkKtSoqBOos9DCO0sUuZes8YpE3OvtQUO3
K981+gvyl/XMTFUwaPaf38GRznu2Lb9WyOWjL6kGcG6JR+A2XugpxooNMlLP1uZT
tSVlSNRDe6R2AQvqOOs77NG5ekzQY6OuKlkTWcUo25ROFKBzUFDtfzr3P/MTRn+j
MvY62eJiaHOg1REZ087BiYr3Fm1zcZNcF4an3YdjqgPYnVd/KsFv+XT2IA1y5Zb7
e/Quqgzt5neLXZ3m3V/V5VdS6l++2aDmOwgMbqR68BwsZAMg6Cpj/Dw10dpjXlWh
OtLhWywe0D4XM4Jd9W83yZYTfAQ/ovLhLCdWXmV4h86igsOmLhc6UfGCzjPk73gd
uaEGzLYKtHYglMtaOxW5eDLlMpMA3HbIy/R4BiEBZOagenKW5rElBE5pNtPAVPjO
N5RoAVDXLt33200YAreMEobotKdGAlYTujGFZI9WaQV8a+9V3gd/kudyLrgO1NZF
noqKAp5UOT1GsIGB6Q4SpTsIjxGnRQj7D1Led4NrNeTMhoTnM07pOoI70st6Y+ts
X0j+ra1pOSesKS/HMimPGXLg91S5XMqIWtB2jM9KFwgi9bg3qZcOcAanAFg4qYvg
/YFRmVNGvgVIuGVOa5o3
=+67P
-----END PGP SIGNATURE-----

--------------enig34D96F1661909E75DB41A980--


--===============2177275797266562958==
Content-Type: text/plain; charset="us-ascii"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
Content-Disposition: inline

--
ubuntu-security-announce mailing list
ubuntu-security-announce@lists.ubuntu.com
Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-security-announce

--===============2177275797266562958==--
Pro-Linux
Gewinnspiel
Neue Nachrichten
Werbung