drucken bookmarks versenden konfigurieren admin pdf Sicherheit: Preisgabe von Informationen in Linux (Aktualisierung)
Name: |
Preisgabe von Informationen in Linux (Aktualisierung) |
|
ID: |
USN-4713-2 |
|
Distribution: |
Ubuntu |
|
Plattformen: |
Ubuntu 18.04 LTS, Ubuntu 14.04 ESM |
|
Datum: |
Mi, 10. Februar 2021, 07:09 |
|
Referenzen: |
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28374 |
|
Applikationen: |
Linux |
|
Update von: |
Preisgabe von Informationen in Linux |
|
Originalnachricht |
--===============3683071745214597460== Content-Type: multipart/signed; micalg=pgp-sha512; protocol="application/pgp-signature"; boundary="JGq01gMRpXZxBGpH" Content-Disposition: inline
--JGq01gMRpXZxBGpH Content-Type: text/plain; charset=us-ascii Content-Disposition: inline
========================================================================== Ubuntu Security Notice USN-4713-2 February 10, 2021
linux, linux-gke-5.0, linux-gke-5.3, linux-hwe, linux-raspi2-5.3 vulnerability ==========================================================================
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 18.04 LTS - Ubuntu 14.04 ESM
Summary:
The system could allow unintended access to data in some environments.
Software Description: - linux-gke-5.0: Linux kernel for Google Container Engine (GKE) systems - linux-gke-5.3: Linux kernel for Google Container Engine (GKE) systems - linux-hwe: Linux hardware enablement (HWE) kernel - linux-raspi2-5.3: Linux kernel for Raspberry Pi (V8) systems - linux: Linux kernel
Details:
It was discovered that the LIO SCSI target implementation in the Linux kernel performed insufficient identifier checking in certain XCOPY requests. An attacker with access to at least one LUN in a multiple backstore environment could use this to expose sensitive information or modify data.
Update instructions:
The problem can be corrected by updating your system to the following package versions:
Ubuntu 18.04 LTS: linux-image-5.0.0-1051-gke 5.0.0-1051.53 linux-image-5.3.0-1037-raspi2 5.3.0-1037.39 linux-image-5.3.0-1040-gke 5.3.0-1040.43 linux-image-5.3.0-70-generic 5.3.0-70.66 linux-image-5.3.0-70-lowlatency 5.3.0-70.66 linux-image-gke-5.0 5.0.0.1051.35 linux-image-gke-5.3 5.3.0.1040.23 linux-image-gkeop-5.3 5.3.0.70.127 linux-image-raspi2-hwe-18.04 5.3.0.1037.26
Ubuntu 14.04 ESM: linux-image-3.13.0-184-generic 3.13.0-184.235 linux-image-3.13.0-184-generic-lpae 3.13.0-184.235 linux-image-3.13.0-184-lowlatency 3.13.0-184.235 linux-image-3.13.0-184-powerpc-e500 3.13.0-184.235 linux-image-3.13.0-184-powerpc-e500mc 3.13.0-184.235 linux-image-3.13.0-184-powerpc-smp 3.13.0-184.235 linux-image-3.13.0-184-powerpc64-emb 3.13.0-184.235 linux-image-3.13.0-184-powerpc64-smp 3.13.0-184.235 linux-image-generic 3.13.0.184.193 linux-image-generic-lpae 3.13.0.184.193 linux-image-generic-pae 3.13.0.184.193 linux-image-highbank 3.13.0.184.193 linux-image-lowlatency 3.13.0.184.193 linux-image-lowlatency-pae 3.13.0.184.193 linux-image-omap 3.13.0.184.193 linux-image-powerpc-e500 3.13.0.184.193 linux-image-powerpc-e500mc 3.13.0.184.193 linux-image-powerpc-smp 3.13.0.184.193 linux-image-powerpc64-emb 3.13.0.184.193 linux-image-powerpc64-smp 3.13.0.184.193 linux-image-server 3.13.0.184.193 linux-image-virtual 3.13.0.184.193
After a standard system update you need to reboot your computer to make all the necessary changes.
ATTENTION: Due to an unavoidable ABI change the kernel updates have been given a new version number, which requires you to recompile and reinstall all third party kernel modules you might have installed. Unless you manually uninstalled the standard kernel metapackages (e.g. linux-generic, linux-generic-lts-RELEASE, linux-virtual, linux-powerpc), a standard system upgrade will automatically perform this as well.
References: https://usn.ubuntu.com/4713-2 https://usn.ubuntu.com/4713-1 CVE-2020-28374
Package Information: https://launchpad.net/ubuntu/+source/linux-gke-5.0/5.0.0-1051.53 https://launchpad.net/ubuntu/+source/linux-gke-5.3/5.3.0-1040.43 https://launchpad.net/ubuntu/+source/linux-hwe/5.3.0-70.66 https://launchpad.net/ubuntu/+source/linux-raspi2-5.3/5.3.0-1037.39
--JGq01gMRpXZxBGpH Content-Type: application/pgp-signature; name="signature.asc"
-----BEGIN PGP SIGNATURE-----
iQIzBAABCgAdFiEEpgY7tWAjCaQ8jrvULwmejQBegfQFAmAjOOgACgkQLwmejQBe gfS1eQ//W3uhAHv6TceIhSMYi6ukbGpmA04f+Bu90P0+kY3KyhhM0zrEkvlaMU/J BVNsxNOLT+/GtJ3sFvy5PVOg03dM4pmj/mGtCTj3c12tiNAPYWgx0eUnt01WGANh YNySOIH2EO7G4rQ58HinO9LY7KNkXZ2cv5xa8C0wKkWgJoQ8RavfrjEOXQ1dphPf LRTJ8tsw0nfVBskMpvaurk4p8SHClIfDPMadQq3ErO/Q6W0qFKnjqI/+G/Ofj9lV iOSg1z5zfKDSTniUAQtW9Nd9CDgUY/87VEbZyaSLtuAiVBmglER1wcV1EpxgsYjV yNg7JDvBMMMzEOFqaNRFTZNUARIu8V/ZUqJPCRwNP5maHLISES3wATqhvJETm969 YtmexIN2FZVsglWwpKqIgOZBATi1O9ERW6D6E1fiYWJ1eMG8J1JLA4VS5KB7ne6v ZSWG8qGPs1plZtm1JrzCeZX1/jJ3O3AHBjsT6ubKz3ENJBL9ElCt69NT+pldadKY TyrGGzjCUtQTH16aIoNuPxsAVx1XeAA4E8DrkWwaiZaQWyI1IV50iiKPIbDYSFNi Xym+XRwp0brau6FZy8/9B8iKkcSd3Q+d8TUtjYKzGTrF7lcj2iFv78Or+T1PyAHz SF0+c3qy5h9n5uf1H7H8J32R76CITeQC2FgN2tcMQJF0/TFsvkk= =weDS -----END PGP SIGNATURE-----
--JGq01gMRpXZxBGpH--
--===============3683071745214597460== Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: base64 Content-Disposition: inline
-- ubuntu-security-announce mailing list ubuntu-security-announce@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-security-announce
|
|
|
|