drucken bookmarks versenden konfigurieren admin pdf Sicherheit: Mehrere Probleme in Linux
Name: |
Mehrere Probleme in Linux |
|
ID: |
USN-4748-1 |
|
Distribution: |
Ubuntu |
|
Plattformen: |
Ubuntu 16.04 LTS, Ubuntu 14.04 ESM |
|
Datum: |
Do, 25. Februar 2021, 23:58 |
|
Referenzen: |
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-29660
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-27815
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-29661
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-29374
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-29568 |
|
Applikationen: |
Linux |
|
Originalnachricht |
--===============5480307614329240760== Content-Type: multipart/signed; micalg=pgp-sha512; protocol="application/pgp-signature"; boundary="rUQ1rXFx4trAG42S" Content-Disposition: inline
--rUQ1rXFx4trAG42S Content-Type: text/plain; charset=us-ascii Content-Disposition: inline
========================================================================== Ubuntu Security Notice USN-4748-1 February 25, 2021
linux, linux-aws, linux-kvm, linux-lts-xenial, linux-raspi2, linux-snapdragon vulnerabilities ==========================================================================
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 16.04 LTS - Ubuntu 14.04 ESM
Summary:
Several security issues were fixed in the Linux kernel.
Software Description: - linux: Linux kernel - linux-aws: Linux kernel for Amazon Web Services (AWS) systems - linux-kvm: Linux kernel for cloud environments - linux-raspi2: Linux kernel for Raspberry Pi (V8) systems - linux-snapdragon: Linux kernel for Qualcomm Snapdragon processors - linux-lts-xenial: Linux hardware enablement kernel from Xenial for Trusty
Details:
It was discovered that the jfs file system implementation in the Linux kernel contained an out-of-bounds read vulnerability. A local attacker could use this to possibly cause a denial of service (system crash). (CVE-2020-27815)
It was discovered that the memory management subsystem in the Linux kernel did not properly handle copy-on-write operations in some situations. A local attacker could possibly use this to gain unintended write access to read-only memory pages. (CVE-2020-29374)
Michael Kurth and Pawel Wieczorkiewicz discovered that the Xen event processing backend in the Linux kernel did not properly limit the number of events queued. An attacker in a guest VM could use this to cause a denial of service in the host OS. (CVE-2020-29568)
Jann Horn discovered that the tty subsystem of the Linux kernel did not use consistent locking in some situations, leading to a read-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly expose sensitive information (kernel memory). (CVE-2020-29660)
Jann Horn discovered a race condition in the tty subsystem of the Linux kernel in the locking for the TIOCSPGRP ioctl(), leading to a use-after- free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2020-29661)
Update instructions:
The problem can be corrected by updating your system to the following package versions:
Ubuntu 16.04 LTS: linux-image-4.4.0-1088-kvm 4.4.0-1088.97 linux-image-4.4.0-1122-aws 4.4.0-1122.136 linux-image-4.4.0-1146-raspi2 4.4.0-1146.156 linux-image-4.4.0-1150-snapdragon 4.4.0-1150.160 linux-image-4.4.0-203-generic 4.4.0-203.235 linux-image-4.4.0-203-generic-lpae 4.4.0-203.235 linux-image-4.4.0-203-lowlatency 4.4.0-203.235 linux-image-4.4.0-203-powerpc-e500mc 4.4.0-203.235 linux-image-4.4.0-203-powerpc-smp 4.4.0-203.235 linux-image-4.4.0-203-powerpc64-emb 4.4.0-203.235 linux-image-4.4.0-203-powerpc64-smp 4.4.0-203.235 linux-image-aws 4.4.0.1122.127 linux-image-generic 4.4.0.203.209 linux-image-generic-lpae 4.4.0.203.209 linux-image-kvm 4.4.0.1088.86 linux-image-lowlatency 4.4.0.203.209 linux-image-powerpc-e500mc 4.4.0.203.209 linux-image-powerpc-smp 4.4.0.203.209 linux-image-powerpc64-emb 4.4.0.203.209 linux-image-powerpc64-smp 4.4.0.203.209 linux-image-raspi2 4.4.0.1146.146 linux-image-snapdragon 4.4.0.1150.142 linux-image-virtual 4.4.0.203.209
Ubuntu 14.04 ESM: linux-image-4.4.0-1086-aws 4.4.0-1086.90 linux-image-4.4.0-203-generic 4.4.0-203.235~14.04.1 linux-image-4.4.0-203-generic-lpae 4.4.0-203.235~14.04.1 linux-image-4.4.0-203-lowlatency 4.4.0-203.235~14.04.1 linux-image-4.4.0-203-powerpc-e500mc 4.4.0-203.235~14.04.1 linux-image-4.4.0-203-powerpc-smp 4.4.0-203.235~14.04.1 linux-image-4.4.0-203-powerpc64-emb 4.4.0-203.235~14.04.1 linux-image-4.4.0-203-powerpc64-smp 4.4.0-203.235~14.04.1 linux-image-aws 4.4.0.1086.83 linux-image-generic-lpae-lts-xenial 4.4.0.203.177 linux-image-generic-lts-xenial 4.4.0.203.177 linux-image-lowlatency-lts-xenial 4.4.0.203.177 linux-image-powerpc-e500mc-lts-xenial 4.4.0.203.177 linux-image-powerpc-smp-lts-xenial 4.4.0.203.177 linux-image-powerpc64-emb-lts-xenial 4.4.0.203.177 linux-image-powerpc64-smp-lts-xenial 4.4.0.203.177 linux-image-virtual-lts-xenial 4.4.0.203.177
After a standard system update you need to reboot your computer to make all the necessary changes.
ATTENTION: Due to an unavoidable ABI change the kernel updates have been given a new version number, which requires you to recompile and reinstall all third party kernel modules you might have installed. Unless you manually uninstalled the standard kernel metapackages (e.g. linux-generic, linux-generic-lts-RELEASE, linux-virtual, linux-powerpc), a standard system upgrade will automatically perform this as well.
References: https://usn.ubuntu.com/4748-1 CVE-2020-27815, CVE-2020-29374, CVE-2020-29568, CVE-2020-29660, CVE-2020-29661
Package Information: https://launchpad.net/ubuntu/+source/linux/4.4.0-203.235 https://launchpad.net/ubuntu/+source/linux-aws/4.4.0-1122.136 https://launchpad.net/ubuntu/+source/linux-kvm/4.4.0-1088.97 https://launchpad.net/ubuntu/+source/linux-raspi2/4.4.0-1146.156 https://launchpad.net/ubuntu/+source/linux-snapdragon/4.4.0-1150.160
--rUQ1rXFx4trAG42S Content-Type: application/pgp-signature; name="signature.asc"
-----BEGIN PGP SIGNATURE-----
iQIzBAABCgAdFiEEpgY7tWAjCaQ8jrvULwmejQBegfQFAmA3UxgACgkQLwmejQBe gfSIig/+JI/pH6l5an4BYTqnXpf6QmAjBTgYoAuYuuHLzpCEeDCGCkqJOuPnWHRb K9LZ8tOND3GhJRHZl6TFZnwu8gEX8XIJo5fMftemwxVT+OkPY1xO4sTD5b8Skfxo nHelcxuE48gr9GR/X+ED1HJm9gAMZFAq+ExpFsftU93+5LfHCPVQ4T1Zmj6pUc3q 7aq5V44wUiU+2j6pgrt59e8ngdWx16izWKzSrVFSAulsQLwxCrU3W1vI0gjCURSG FR1NN6mBTd3iFTHqCfVEsrdNNnXgyJ5cnxzlzzcde0JUjxAZXAqEH1A4i0MJFURP SFWEFhnhQtfHVpICwrr0iDzxs8Yxs4OXf9wGPFXYirI4qbM51gH0tjpDAzS9csWD 1x2n3FiKGnLojRyGmDoDLiKArEne9A8hfHZB/1k2pdCqRjAmz699n6u9YXUMYI5j juW2K9dqN8zHjOFVqWREA6/JZVuZDQT7WR2QSgRiW+CdWS8YQAjLX1VsEEZJVFXc Chhhhedv+COlLrPaFPrz6pbx+4tgAsnm/e7TyrBZBUxIjDIJjb0bxpq+UWEEx0zB JOJ26zdXKl/ogvLb5DerG77czqeLpkHh3dU8r6pItrLNA7tQnf7D7Pc38PXMAfEq QwOJNgUREb/ulRZQKoaphWJZg4zl86DL290X/m6Gt0F9/PVak7I= =ZIcl -----END PGP SIGNATURE-----
--rUQ1rXFx4trAG42S--
--===============5480307614329240760== Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: base64 Content-Disposition: inline
-- ubuntu-security-announce mailing list ubuntu-security-announce@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-security-announce
|
|
|
|