drucken bookmarks versenden konfigurieren admin pdf Sicherheit: Mehrere Probleme in Linux (Aktualisierung)
Name: |
Mehrere Probleme in Linux (Aktualisierung) |
|
ID: |
USN-6868-2 |
|
Distribution: |
Ubuntu |
|
Plattformen: |
Ubuntu 18.04 LTS |
|
Datum: |
Do, 11. Juli 2024, 06:40 |
|
Referenzen: |
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-2201
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0001
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-26643
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-26925 |
|
Applikationen: |
Linux |
|
Update von: |
Mehrere Probleme in Linux |
|
Originalnachricht |
This is an OpenPGP/MIME signed message (RFC 4880 and 3156) --===============8733918891631201726== Content-Language: en-US Content-Type: multipart/signed; micalg=pgp-sha256; protocol="application/pgp-signature"; boundary="------------DtwiRpZyns2bvO6m40MKqTZv"
This is an OpenPGP/MIME signed message (RFC 4880 and 3156) --------------DtwiRpZyns2bvO6m40MKqTZv Content-Type: multipart/mixed; boundary="------------Ev0XF3eWob5ffqrt4D5LeAiJ"; protected-headers="v1" From: Rodrigo Figueiredo Zaiden <rodrigo.zaiden@canonical.com> Reply-To: security@ubuntu.com To: ubuntu-security-announce@lists.ubuntu.com Message-ID: <335c0068-4e51-4a57-b2f4-d1f48685c248@canonical.com> Subject: [USN-6868-2] Linux kernel (AWS) vulnerabilities
--------------Ev0XF3eWob5ffqrt4D5LeAiJ Content-Type: text/plain; charset=UTF-8; format=flowed Content-Transfer-Encoding: base64
========================================================================== Ubuntu Security Notice USN-6868-2 July 10, 2024
linux-aws-5.4 vulnerabilities ==========================================================================
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 18.04 LTS
Summary:
Several security issues were fixed in the Linux kernel.
Software Description: - linux-aws-5.4: Linux kernel for Amazon Web Services (AWS) systems
Details:
Sander Wiebing, Alvise de Faveri Tron, Herbert Bos, and Cristiano Giuffrida discovered that the Linux kernel mitigations for the initial Branch History Injection vulnerability (CVE-2022-0001) were insufficient for Intel processors. A local attacker could potentially use this to expose sensitive information. (CVE-2024-2201)
Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - Netfilter; (CVE-2024-26925, CVE-2024-26643)
Update instructions:
The problem can be corrected by updating your system to the following package versions:
Ubuntu 18.04 LTS linux-image-5.4.0-1127-aws 5.4.0-1127.137~18.04.2 Available with Ubuntu Pro linux-image-aws 5.4.0.1127.137~18.04.1 Available with Ubuntu Pro
After a standard system update you need to reboot your computer to make all the necessary changes.
ATTENTION: Due to an unavoidable ABI change the kernel updates have been given a new version number, which requires you to recompile and reinstall all third party kernel modules you might have installed. Unless you manually uninstalled the standard kernel metapackages (e.g. linux-generic, linux-generic-lts-RELEASE, linux-virtual, linux-powerpc), a standard system upgrade will automatically perform this as well.
References: https://ubuntu.com/security/notices/USN-6868-2 https://ubuntu.com/security/notices/USN-6868-1 CVE-2024-2201, CVE-2024-26643, CVE-2024-26925
--------------Ev0XF3eWob5ffqrt4D5LeAiJ--
--------------DtwiRpZyns2bvO6m40MKqTZv Content-Type: application/pgp-signature; name="OpenPGP_signature.asc" Content-Description: OpenPGP digital signature Content-Disposition: attachment; filename="OpenPGP_signature.asc"
-----BEGIN PGP SIGNATURE-----
wsB5BAABCAAjFiEEYrygdx1GDec9TV8EZ0GeRcM5nt0FAmaO/GgFAwAAAAAACgkQZ0GeRcM5nt1x twf+OY/PkVXftiuJYgK+zJHKVV4kI2EQpVDnlNMKR5oTGgeOkQpmh0Tqh94L8XDWJyWrIJknnQye uJ28zN+7LF5AfrxSMWivsqY7qUcnNktFHxKknM7+Y0R39rE+o+FDArslkJ10bTRBUCPrs6sgddlD 3JWMHIE7H1Ts7WPEwzh1NYmAyvGWFpVmR1PwkeqetHgV3e9gdwnKH/k6tEi7arkDPH2BpuA1VR8D s06AmaAvwvA0HkQFifugFC0vpoL7o4fenmjzOFd9FwYWINdau0e+PgzIQ+5hS3aHD8BHto3pPUw3 TbBIhihZYxm4OK7YtPPbrOzghUagtsA0MBCzij8FXQ== =IXQw -----END PGP SIGNATURE-----
--------------DtwiRpZyns2bvO6m40MKqTZv--
--===============8733918891631201726== Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: base64 Content-Disposition: inline
Cg==
--===============8733918891631201726==--
|
|
|
|