Login
Newsletter
Werbung

Sicherheit: Mangelnde Rechteprüfung in Linux
Aktuelle Meldungen Distributionen
Name: Mangelnde Rechteprüfung in Linux
ID: USN-1336-1
Distribution: Ubuntu
Plattformen: Ubuntu 11.10
Datum: Di, 24. Januar 2012, 08:15
Referenzen: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0056
Applikationen: Linux

Originalnachricht


--===============8995696235382081892==
Content-Type: multipart/signed; micalg="pgp-sha512";
protocol="application/pgp-signature";
boundary="=-1rCCZPwfVJ90+MF83qW7"


--=-1rCCZPwfVJ90+MF83qW7
Content-Type: text/plain; charset="UTF-8
Content-Transfer-Encoding: quoted-printable

==========================================================================
Ubuntu Security Notice USN-1336-1
January 23, 2012

linux vulnerability
==========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 11.10

Summary:

The system could be made to run programs as an administrator.

Software Description:
- linux: Linux kernel

Details:

JÃŒri Aedla discovered that the kernel incorrectly handled
/proc/<pid>/mem
permissions. A local attacker could exploit this and gain root privileges.

Update instructions:

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 11.10:
linux-image-3.0.0-15-generic 3.0.0-15.26
linux-image-3.0.0-15-generic-pae 3.0.0-15.26
linux-image-3.0.0-15-omap 3.0.0-15.26
linux-image-3.0.0-15-powerpc 3.0.0-15.26
linux-image-3.0.0-15-powerpc-smp 3.0.0-15.26
linux-image-3.0.0-15-powerpc64-smp 3.0.0-15.26
linux-image-3.0.0-15-server 3.0.0-15.26
linux-image-3.0.0-15-virtual 3.0.0-15.26

After a standard system update you need to reboot your computer to make
all the necessary changes.

References:
http://www.ubuntu.com/usn/usn-1336-1
CVE-2012-0056

Package Information:
https://launchpad.net/ubuntu/+source/linux/3.0.0-15.26



--ÑrCCZPwfVJ90+MF83qW7
Content-Type: application/pgp-signature; name="signature.asc"
Content-Description: This is a digitally signed message part
Content-Transfer-Encoding: 7bit

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.11 (GNU/Linux)

iQIcBAABCgAGBQJPHXsuAAoJEGVp2FWnRL6TxD4P/iprm2GJjgZmgaEB9yf236E6
YzZ5dhhkfYX5MGazyT/vH3FJmT/+L/O14AlCSRm4FskpLzPjqM2vvz9nu7Ak4tJU
Lo3focPA+aZJi9BuvZXS1OkOlPmmTWZvumWHf6LLVCuPXFeD8mrvfkFns1bpQVom
FvLi/4363v2hXZWoMlwTcHbL2YsTDRhRMUePiP65lVUYla1L8iRg88FYoe28DbRx
DVlO/PQRYxnG5sx/DfPptxvtZSZPR9xHWKiRGYAdDf0wJos9P5uXE3+WurPLxW23
DJ2/bAsDtqv3K4dtW23wiFFFsdBGUrOZDbbG/MeIFbHuHXax/NrToNqZ2vkcHtT2
RcRyLy8G3hxMI1N4lzFP2VO8nuLIPR4fzKBRhkzK1wn9yauZZfX2hqIDhvieLyo/
KeGTSkXu0mQ/s0ZF8jlAaFVR02XbW/dFySja2Gy72qV/rk1bXWuT1ZcGxxpyNvLJ
xMcUu7HoFOVg3TJNpl+cd9lS29cGKCyMDcl0+xpB3MrRXVpYllCGLQf/NG464I06
pnAgzLD8bOTFJ0SOg+mJNnidBkZfkMgw+Ti3lxM8VFdjpB+k0jJ0sn5dcBJATG56
kNeKrR4CGIQdLO+fu725HRLuhEGyGQ2FBlQKys0YxaRsioRwmVOPMEjz6PO6IV3j
A4YkRySBMVvLGJOpm+wv
=9hLC
-----END PGP SIGNATURE-----

--=-1rCCZPwfVJ90+MF83qW7--



--===============8995696235382081892==
Content-Type: text/plain; charset="us-ascii"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
Content-Disposition: inline

--
ubuntu-security-announce mailing list
ubuntu-security-announce@lists.ubuntu.com
Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-security-announce

--===============8995696235382081892==--
Pro-Linux
Gewinnspiel
Neue Nachrichten
Werbung