drucken bookmarks versenden konfigurieren admin pdf Sicherheit: Mehrere Probleme in Linux
Name: |
Mehrere Probleme in Linux |
|
ID: |
USN-1532-1 |
|
Distribution: |
Ubuntu |
|
Plattformen: |
Ubuntu 11.10 |
|
Datum: |
Sa, 11. August 2012, 08:40 |
|
Referenzen: |
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2136
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2373
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3375
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3400 |
|
Applikationen: |
Linux |
|
Originalnachricht |
This is an OpenPGP/MIME signed message (RFC 2440 and 3156) --===============0089416994258676443== Content-Type: multipart/signed; micalg=pgp-sha512; protocol="application/pgp-signature"; boundary="------------enigF981F9D578BE2510555AB8AA"
This is an OpenPGP/MIME signed message (RFC 2440 and 3156) --------------enigF981F9D578BE2510555AB8AA Content-Type: multipart/mixed; boundary="------------090005060804080807000206"
This is a multi-part message in MIME format. --------------090005060804080807000206 Content-Type: text/plain; charset=ISO-8859- Content-Transfer-Encoding: quoted-printable
========================================================================== Ubuntu Security Notice USN-1532-1 August 10, 2012
linux-ti-omap4 vulnerabilities ==========================================================================
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 11.10
Summary:
Several security issues were fixed in the kernel.
Software Description: - linux-ti-omap4: Linux kernel for OMAP4
Details:
An error was discovered in the Linux kernel's network TUN/TAP device implementation. A local user with access to the TUN/TAP interface (which is not available to unprivileged users until granted by a root user) could exploit this flaw to crash the system or potential gain administrative privileges. (CVE-2012-2136)
Ulrich Obergfell discovered an error in the Linux kernel's memory management subsystem on 32 bit PAE systems with more than 4GB of memory installed. A local unprivileged user could exploit this flaw to crash the system. (CVE-2012-2373)
A flaw was discovered in the Linux kernel's epoll system call. An unprivileged local user could use this flaw to crash the system. (CVE-2012-3375)
Some errors where discovered in the Linux kernel's UDF file system, which is used to mount some CD-ROMs and DVDs. An unprivileged local user could use these flaws to crash the system. (CVE-2012-3400)
Update instructions:
The problem can be corrected by updating your system to the following package versions:
Ubuntu 11.10: linux-image-3.0.0-1214-omap4 3.0.0-1214.26
After a standard system update you need to reboot your computer to make all the necessary changes.
ATTENTION: Due to an unavoidable ABI change the kernel updates have been given a new version number, which requires you to recompile and reinstall all third party kernel modules you might have installed. If you use linux-restricted-modules, you have to update that package as well to get modules which work with the new kernel version. Unless you manually uninstalled the standard kernel metapackages (e.g. linux-generic, linux-server, linux-powerpc), a standard system upgrade will automatically perform this as well.
References: http://www.ubuntu.com/usn/usn-1532-1 CVE-2012-2136, CVE-2012-2373, CVE-2012-3375, CVE-2012-3400
Package Information: https://launchpad.net/ubuntu/+source/linux-ti-omap4/3.0.0-1214.26
--------------090005060804080807000206 Content-Type: text/plain; charset=UTF-8; name="Attached Message Part" Content-Transfer-Encoding: base64 Content-Disposition: attachment; filename="Attached Message Part"
--------------090005060804080807000206--
--------------enigF981F9D578BE2510555AB8AA Content-Type: application/pgp-signature; name="signature.asc" Content-Description: OpenPGP digital signature Content-Disposition: attachment; filename="signature.asc"
-----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.11 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/
iQIcBAEBCgAGBQJQJYVGAAoJEAUvNnAY1cPYMHIP/i+fl7NgoBN5y0kgmtAz4DL7 whHW+V6PflUU+65JcekEBCZRqM1nvTB7+cvIsoBH2/b68ZLuylb76WiOptES7Jmp R0BgP+7qdMX3pOJYLMve0zOd+e2vHAUbue7YOZOK5IZZfcrh6r0JhCBJxxYWkLUX wiNshYdE+qtrKVdtz4chwtomJZMGRzJt+ujQveZTF2cH7Njn5tIzyL+M5uARJkcd JmCctFRPb+qCEw0aVMGKAW9rP77iseyfIxyDnjM2c+4qnyD1/eZ7vt6zvy7/YuoC RWb9EBT2yckipCc1kaMTZzqM5tcWrVnz/5gQSxdhv4GlFDEKCdWT80RgU7EhiQbM zHWuV5u/eKj147GexPNNPBQgjhwDe4+xtCH1IE2a+W01R826tlxDYsUF/h8nIsOG tS0lvm8qsSD84LIKLVTqT8pGWJJCqibEkWzSKOnbR1R4QHI96oJRXxBymM/LvQp0 GC4iLP7znnxqYbx95EVoE7iKW0ZIpn+9yxf9foTHywOY/UBswuIHNScAWYFkD7IE hAch6x8Sh7nLR+2tbhen+OhN+DO7z2zpjvRsJRgNE7QyuMSI5ua1gWVOehK1rD3r v0xNI8uOR58uGJVBXLJIJodQKP7wa7sGz/7Rq8+rUqfUllczbkddpBCyJPLhiNr4 QSSlfzVDfhHJxF7Kan4q =rX/2 -----END PGP SIGNATURE-----
--------------enigF981F9D578BE2510555AB8AA--
--===============0089416994258676443== Content-Type: text/plain; charset="us-ascii" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit Content-Disposition: inline
-- ubuntu-security-announce mailing list ubuntu-security-announce@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-security-announce
--===============0089416994258676443==--
|
|
|
|