drucken bookmarks versenden konfigurieren admin pdf Sicherheit: Preisgabe von Informationen in Linux (Aktualisierung)
| Name: |
Preisgabe von Informationen in Linux (Aktualisierung) |
|
| ID: |
USN-4713-2 |
|
| Distribution: |
Ubuntu |
|
| Plattformen: |
Ubuntu 18.04 LTS, Ubuntu 14.04 ESM |
|
| Datum: |
Mi, 10. Februar 2021, 07:09 |
|
| Referenzen: |
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28374 |
|
| Applikationen: |
Linux |
|
| Update von: |
Preisgabe von Informationen in Linux |
|
Originalnachricht |
--===============3683071745214597460==
Content-Type: multipart/signed; micalg=pgp-sha512;
protocol="application/pgp-signature";
boundary="JGq01gMRpXZxBGpH"
Content-Disposition: inline
--JGq01gMRpXZxBGpH
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
==========================================================================
Ubuntu Security Notice USN-4713-2
February 10, 2021
linux, linux-gke-5.0, linux-gke-5.3, linux-hwe, linux-raspi2-5.3
vulnerability
==========================================================================
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 18.04 LTS
- Ubuntu 14.04 ESM
Summary:
The system could allow unintended access to data in some environments.
Software Description:
- linux-gke-5.0: Linux kernel for Google Container Engine (GKE) systems
- linux-gke-5.3: Linux kernel for Google Container Engine (GKE) systems
- linux-hwe: Linux hardware enablement (HWE) kernel
- linux-raspi2-5.3: Linux kernel for Raspberry Pi (V8) systems
- linux: Linux kernel
Details:
It was discovered that the LIO SCSI target implementation in the Linux
kernel performed insufficient identifier checking in certain XCOPY
requests. An attacker with access to at least one LUN in a multiple
backstore environment could use this to expose sensitive information or
modify data.
Update instructions:
The problem can be corrected by updating your system to the following
package versions:
Ubuntu 18.04 LTS:
linux-image-5.0.0-1051-gke 5.0.0-1051.53
linux-image-5.3.0-1037-raspi2 5.3.0-1037.39
linux-image-5.3.0-1040-gke 5.3.0-1040.43
linux-image-5.3.0-70-generic 5.3.0-70.66
linux-image-5.3.0-70-lowlatency 5.3.0-70.66
linux-image-gke-5.0 5.0.0.1051.35
linux-image-gke-5.3 5.3.0.1040.23
linux-image-gkeop-5.3 5.3.0.70.127
linux-image-raspi2-hwe-18.04 5.3.0.1037.26
Ubuntu 14.04 ESM:
linux-image-3.13.0-184-generic 3.13.0-184.235
linux-image-3.13.0-184-generic-lpae 3.13.0-184.235
linux-image-3.13.0-184-lowlatency 3.13.0-184.235
linux-image-3.13.0-184-powerpc-e500 3.13.0-184.235
linux-image-3.13.0-184-powerpc-e500mc 3.13.0-184.235
linux-image-3.13.0-184-powerpc-smp 3.13.0-184.235
linux-image-3.13.0-184-powerpc64-emb 3.13.0-184.235
linux-image-3.13.0-184-powerpc64-smp 3.13.0-184.235
linux-image-generic 3.13.0.184.193
linux-image-generic-lpae 3.13.0.184.193
linux-image-generic-pae 3.13.0.184.193
linux-image-highbank 3.13.0.184.193
linux-image-lowlatency 3.13.0.184.193
linux-image-lowlatency-pae 3.13.0.184.193
linux-image-omap 3.13.0.184.193
linux-image-powerpc-e500 3.13.0.184.193
linux-image-powerpc-e500mc 3.13.0.184.193
linux-image-powerpc-smp 3.13.0.184.193
linux-image-powerpc64-emb 3.13.0.184.193
linux-image-powerpc64-smp 3.13.0.184.193
linux-image-server 3.13.0.184.193
linux-image-virtual 3.13.0.184.193
After a standard system update you need to reboot your computer to make
all the necessary changes.
ATTENTION: Due to an unavoidable ABI change the kernel updates have
been given a new version number, which requires you to recompile and
reinstall all third party kernel modules you might have installed.
Unless you manually uninstalled the standard kernel metapackages
(e.g. linux-generic, linux-generic-lts-RELEASE, linux-virtual,
linux-powerpc), a standard system upgrade will automatically perform
this as well.
References:
https://usn.ubuntu.com/4713-2
https://usn.ubuntu.com/4713-1
CVE-2020-28374
Package Information:
https://launchpad.net/ubuntu/+source/linux-gke-5.0/5.0.0-1051.53
https://launchpad.net/ubuntu/+source/linux-gke-5.3/5.3.0-1040.43
https://launchpad.net/ubuntu/+source/linux-hwe/5.3.0-70.66
https://launchpad.net/ubuntu/+source/linux-raspi2-5.3/5.3.0-1037.39
--JGq01gMRpXZxBGpH
Content-Type: application/pgp-signature; name="signature.asc"
-----BEGIN PGP SIGNATURE-----
iQIzBAABCgAdFiEEpgY7tWAjCaQ8jrvULwmejQBegfQFAmAjOOgACgkQLwmejQBe
gfS1eQ//W3uhAHv6TceIhSMYi6ukbGpmA04f+Bu90P0+kY3KyhhM0zrEkvlaMU/J
BVNsxNOLT+/GtJ3sFvy5PVOg03dM4pmj/mGtCTj3c12tiNAPYWgx0eUnt01WGANh
YNySOIH2EO7G4rQ58HinO9LY7KNkXZ2cv5xa8C0wKkWgJoQ8RavfrjEOXQ1dphPf
LRTJ8tsw0nfVBskMpvaurk4p8SHClIfDPMadQq3ErO/Q6W0qFKnjqI/+G/Ofj9lV
iOSg1z5zfKDSTniUAQtW9Nd9CDgUY/87VEbZyaSLtuAiVBmglER1wcV1EpxgsYjV
yNg7JDvBMMMzEOFqaNRFTZNUARIu8V/ZUqJPCRwNP5maHLISES3wATqhvJETm969
YtmexIN2FZVsglWwpKqIgOZBATi1O9ERW6D6E1fiYWJ1eMG8J1JLA4VS5KB7ne6v
ZSWG8qGPs1plZtm1JrzCeZX1/jJ3O3AHBjsT6ubKz3ENJBL9ElCt69NT+pldadKY
TyrGGzjCUtQTH16aIoNuPxsAVx1XeAA4E8DrkWwaiZaQWyI1IV50iiKPIbDYSFNi
Xym+XRwp0brau6FZy8/9B8iKkcSd3Q+d8TUtjYKzGTrF7lcj2iFv78Or+T1PyAHz
SF0+c3qy5h9n5uf1H7H8J32R76CITeQC2FgN2tcMQJF0/TFsvkk=
=weDS
-----END PGP SIGNATURE-----
--JGq01gMRpXZxBGpH--
--===============3683071745214597460==
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: base64
Content-Disposition: inline
--
ubuntu-security-announce mailing list
ubuntu-security-announce@lists.ubuntu.com
Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-security-announce
|
|
|
|
