drucken bookmarks versenden konfigurieren admin pdf Sicherheit: Mehrere Probleme in Linux
Name: |
Mehrere Probleme in Linux |
|
ID: |
USN-1976-1 |
|
Distribution: |
Ubuntu |
|
Plattformen: |
Ubuntu 10.04 LTS |
|
Datum: |
Di, 1. Oktober 2013, 08:01 |
|
Referenzen: |
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0343
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2888
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2892 |
|
Applikationen: |
Linux |
|
Originalnachricht |
This is an OpenPGP/MIME signed message (RFC 4880 and 3156) --===============8440750320158680756== Content-Type: multipart/signed; micalg=pgp-sha512; protocol="application/pgp-signature"; boundary="2pL8h5QvtvOvfCWJ0iXuJFj164UpfqvsK"
This is an OpenPGP/MIME signed message (RFC 4880 and 3156) --2pL8h5QvtvOvfCWJ0iXuJFj164UpfqvsK Content-Type: text/plain; charset=UTF- Content-Transfer-Encoding: quoted-printable
========================================================================== Ubuntu Security Notice USN-1976-1 September 30, 2013
linux vulnerabilities ==========================================================================
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 10.04 LTS
Summary:
Several security issues were fixed in the kernel.
Software Description: - linux: Linux kernel
Details:
An information leak was discovered in the handling of ICMPv6 Router Advertisement (RA) messages in the Linux kernel's IPv6 network stack. A remote attacker could exploit this flaw to cause a denial of service (excessive retries and address-generation outage), and consequently obtain sensitive information. (CVE-2013-0343)
Kees Cook discovered flaw in the Human Interface Device (HID) subsystem of the Linux kernel. A physically proximate attacker could exploit this flaw to execute arbitrary code or cause a denial of service (heap memory corruption) via a specially crafted device that provides an invalid Report ID. (CVE-2013-2888)
Kees Cook discovered a flaw in the Human Interface Device (HID) subsystem of the Linux kerenl when CONFIG_HID_PANTHERLORD is enabled. A physically proximate attacker could cause a denial of service (heap out-of-bounds write) via a specially crafted device. (CVE-2013-2892)
Update instructions:
The problem can be corrected by updating your system to the following package versions:
Ubuntu 10.04 LTS: linux-image-2.6.32-52-386 2.6.32-52.114 linux-image-2.6.32-52-generic 2.6.32-52.114 linux-image-2.6.32-52-generic-pae 2.6.32-52.114 linux-image-2.6.32-52-ia64 2.6.32-52.114 linux-image-2.6.32-52-lpia 2.6.32-52.114 linux-image-2.6.32-52-powerpc 2.6.32-52.114 linux-image-2.6.32-52-powerpc-smp 2.6.32-52.114 linux-image-2.6.32-52-powerpc64-smp 2.6.32-52.114 linux-image-2.6.32-52-preempt 2.6.32-52.114 linux-image-2.6.32-52-server 2.6.32-52.114 linux-image-2.6.32-52-sparc64 2.6.32-52.114 linux-image-2.6.32-52-sparc64-smp 2.6.32-52.114 linux-image-2.6.32-52-versatile 2.6.32-52.114 linux-image-2.6.32-52-virtual 2.6.32-52.114
After a standard system update you need to reboot your computer to make all the necessary changes.
ATTENTION: Due to an unavoidable ABI change the kernel updates have been given a new version number, which requires you to recompile and reinstall all third party kernel modules you might have installed. If you use linux-restricted-modules, you have to update that package as well to get modules which work with the new kernel version. Unless you manually uninstalled the standard kernel metapackages (e.g. linux-generic, linux-server, linux-powerpc), a standard system upgrade will automatically perform this as well.
References: http://www.ubuntu.com/usn/usn-1976-1 CVE-2013-0343, CVE-2013-2888, CVE-2013-2892
Package Information: https://launchpad.net/ubuntu/+source/linux/2.6.32-52.114
--2pL8h5QvtvOvfCWJ0iXuJFj164UpfqvsK Content-Type: application/pgp-signature; name="signature.asc" Content-Description: OpenPGP digital signature Content-Disposition: attachment; filename="signature.asc"
-----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.14 (GNU/Linux) Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/
iQIcBAEBCgAGBQJSSbPPAAoJEAUvNnAY1cPY8eIP/RCqi72GTWXmqnpZanLvYZ+r MxDDAYfkBpyzNLkruahTFwdXFG5CYq0Zw2OS+9llUs9AgtjccfWFEdzuyHkHaRwe dPE0qmNRi/OTfwVEFTi8vdqXm4LijHzy+jR+KagRie9/Gp6xzXTwybw9kzS/T5rw /NcqHgUNX9czKwclqWr67d0gbgCpnNHkcyF3F/XrIi4Aqojw0Ge660MSV83BSRG+ 6rn0MnI842SVuPS/6pq9X0XgVfoPbNYf8lFrrO4usHupTeR4IrxFbcmjOcCoC3f+ bqgT+L9P9UYFBL3chPcNDyunrecLMgWD35JuOmS04ar7XadS8sHpMrFX57q1WJQK hZe2x24gnNMwx6ZOsE3kfRNYcm1H1OW/a0/R4hdf5MpZMNHLSITe8O052vzYMrxT 4qZctvC4nzi7aqIDU0iiRKjGAtJWYmdj1Wi5MkSkjda1C8biKH8cQRbc98Sic+ve 6hhNGlyeYqjmrSNJdd6fA1TAvsGYk7P7aQ9cwqxJsOpJPDunf3MPOcBaz0uUUyp7 pN7oK8MzPkE96M+qv6hm9ZCV9oelHuPIhkBa2XTfAjj/qaRHg66aPY14s2XF2kwR hkkz2ztpcrEUrDnk/lp6IzfTS8tkkVnDUOx8c/+cgF//2AWXOnnpeRtMGBkv3pqW nK+GhbyxGHVLBRd/B4NJ =vVsT -----END PGP SIGNATURE-----
--2pL8h5QvtvOvfCWJ0iXuJFj164UpfqvsK--
--===============8440750320158680756== Content-Type: text/plain; charset="us-ascii" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit Content-Disposition: inline
-- ubuntu-security-announce mailing list ubuntu-security-announce@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-security-announce
--===============8440750320158680756==--
|
|
|
|