drucken bookmarks versenden konfigurieren admin pdf Sicherheit: Zwei Probleme in Linux
Name: |
Zwei Probleme in Linux |
|
ID: |
USN-5130-1 |
|
Distribution: |
Ubuntu |
|
Plattformen: |
Ubuntu 14.04 ESM |
|
Datum: |
Di, 9. November 2021, 06:47 |
|
Referenzen: |
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-29661
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-29660 |
|
Applikationen: |
Linux |
|
Originalnachricht |
--===============8702265799068859513== Content-Type: multipart/signed; micalg=pgp-sha512; protocol="application/pgp-signature"; boundary="byseEIveqra3K/Ai" Content-Disposition: inline
--byseEIveqra3K/Ai Content-Type: text/plain; charset=us-ascii Content-Disposition: inline
========================================================================== Ubuntu Security Notice USN-5130-1 November 09, 2021
linux vulnerabilities ==========================================================================
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 14.04 ESM
Summary:
Several security issues were fixed in the Linux kernel.
Software Description: - linux: Linux kernel
Details:
Jann Horn discovered a race condition in the tty subsystem of the Linux kernel in the locking for the TIOCSPGRP ioctl(), leading to a use-after- free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2020-29661)
Jann Horn discovered that the tty subsystem of the Linux kernel did not use consistent locking in some situations, leading to a read-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly expose sensitive information (kernel memory). (CVE-2020-29660)
Update instructions:
The problem can be corrected by updating your system to the following package versions:
Ubuntu 14.04 ESM: linux-image-3.13.0-188-generic 3.13.0-188.239 linux-image-3.13.0-188-lowlatency 3.13.0-188.239 linux-image-generic 3.13.0.188.197 linux-image-lowlatency 3.13.0.188.197 linux-image-server 3.13.0.188.197 linux-image-virtual 3.13.0.188.197
After a standard system update you need to reboot your computer to make all the necessary changes.
ATTENTION: Due to an unavoidable ABI change the kernel updates have been given a new version number, which requires you to recompile and reinstall all third party kernel modules you might have installed. Unless you manually uninstalled the standard kernel metapackages (e.g. linux-generic, linux-generic-lts-RELEASE, linux-virtual, linux-powerpc), a standard system upgrade will automatically perform this as well.
References: https://ubuntu.com/security/notices/USN-5130-1 CVE-2020-29660, CVE-2020-29661
--byseEIveqra3K/Ai Content-Type: application/pgp-signature; name="signature.asc"
-----BEGIN PGP SIGNATURE-----
iQIzBAABCgAdFiEEBAJL1M8q+hI0VIn8jRkUtPPTt5UFAmGJ8NYACgkQjRkUtPPT t5WQEBAApdZsNEDYdNmEzB3TL4fUzNwQnv0T8Z8YWpl2Ivh8ai5Pp+5nbKGik9O8 qUOkds4nz+Hd0Ab+0SWEnQCDqy9MyxfRQNjcTxmVnP1TG4S1mnJAOakX6jCC+eEH VDzN6+BGNV29/4vqlCn3wbs/vrkwWYMEfIe9Pdc+h1FQLo9qd3K3UnHHJElLrGo1 HnuCHyv0DYAkXydxQfua+YDthXI+wfZ6EYSS4OOf0GNuQEHUKBmheG1EtmPA61FK IRkSg2wJdhbs2r5cHl2TeDTCO4c8ktRIG0ntU6oW5Y7oyhWRhmGXTHXpSgo/nfSp 2VE+OBsz4k7NWOyziZp1yGpB6aKcnTh+T2+7KLsbm+uo0wXM197+JQ7mTYNWjpfn ossG8Dx3I2h3x0GXxxiEE3ILyQUKda0io6YV20X86EUU7f1vQehTGYEqgiYfTQdX RMmVuTa/xl8grXzMAqx0usFCIbruZdKAdu8h+/hi1k4QH55n8IMlwd8ht21Ryubz JCrdUhSyvHllAypirFUPF4vUH6AKrV/zRdWkw8gQqIl6LQETt93ZkDG8Pkqm94dK nCC/YupaZbMKtXXr7ffUA4tO3Pwrgpd6HbdH2VGLBt5CFl0dQJ9TtI1GTLDOAJFW 5mZuHOuJI2sjtw5b3z0ojBhPuHtnmTaOyiD6cFVyK7OGJ6m/NTs= =vqZ4 -----END PGP SIGNATURE-----
--byseEIveqra3K/Ai--
--===============8702265799068859513== Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: base64 Content-Disposition: inline
-- ubuntu-security-announce mailing list ubuntu-security-announce@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-security-announce
|
|
|
|