Mehrere Probleme in Linux
ID: | USN-1319-1 |
Distribution: | Ubuntu |
Plattformen: | Ubuntu 11.04 |
Datum: | Do, 5. Januar 2012, 15:56 |
Referenzen: | http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1162
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2203 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3353 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-4110 |
Applikationen: | Linux |
Originalnachricht |
|
This is an OpenPGP/MIME signed message (RFC 2440 and 3156) --===============2177275797266562958== Content-Type: multipart/signed; micalg=pgp-sha512; protocol="application/pgp-signature"; boundary="------------enig34D96F1661909E75DB41A980" This is an OpenPGP/MIME signed message (RFC 2440 and 3156) --------------enig34D96F1661909E75DB41A980 Content-Type: multipart/mixed; boundary="------------040708010002090505040606" This is a multi-part message in MIME format. --------------040708010002090505040606 Content-Type: text/plain; charset=ISO-8859- Content-Transfer-Encoding: quoted-printable ========================================================================== Ubuntu Security Notice USN-1319-1 January 05, 2012 linux-ti-omap4 vulnerabilities ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: - Ubuntu 11.04 Summary: Several security issues were fixed in the kernel. Software Description: - linux-ti-omap4: Linux kernel for OMAP4 Details: Peter Huewe discovered an information leak in the handling of reading security-related TPM data. A local, unprivileged user could read the results of a previous TPM command. (CVE-2011-1162) Clement Lecigne discovered a bug in the HFS filesystem. A local attacker could exploit this to cause a kernel oops. (CVE-2011-2203) Han-Wen Nienhuys reported a flaw in the FUSE kernel module. A local user who can mount a FUSE file system could cause a denial of service. (CVE-2011-3353) A flaw was found in how the Linux kernel handles user-defined key types. An unprivileged local user could exploit this to crash the system. (CVE-2011-4110) Update instructions: The problem can be corrected by updating your system to the following package versions: Ubuntu 11.04: linux-image-2.6.38-1209-omap4 2.6.38-1209.20 After a standard system update you need to reboot your computer to make all the necessary changes. ATTENTION: Due to an unavoidable ABI change the kernel updates have been given a new version number, which requires you to recompile and reinstall all third party kernel modules you might have installed. If you use linux-restricted-modules, you have to update that package as well to get modules which work with the new kernel version. Unless you manually uninstalled the standard kernel metapackages (e.g. linux-generic, linux-server, linux-powerpc), a standard system upgrade will automatically perform this as well. References: http://www.ubuntu.com/usn/usn-1319-1 CVE-2011-1162, CVE-2011-2203, CVE-2011-3353, CVE-2011-4110 Package Information: https://launchpad.net/ubuntu/+source/linux-ti-omap4/2.6.38-1209.20 --------------040708010002090505040606 Content-Type: text/plain; name="Attached Message Part" Content-Transfer-Encoding: base64 Content-Disposition: attachment; filename="Attached Message Part" --------------040708010002090505040606-- --------------enig34D96F1661909E75DB41A980 Content-Type: application/pgp-signature; name="signature.asc" Content-Description: OpenPGP digital signature Content-Disposition: attachment; filename="signature.asc" -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.11 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/ iQIcBAEBCgAGBQJPBaTCAAoJEAUvNnAY1cPYmuQP/3eUWopx3un/1awuXsKbq3SP HkQ9X+aw3opDhJiulvxjEIq3+BdUxymkKtSoqBOos9DCO0sUuZes8YpE3OvtQUO3 K981+gvyl/XMTFUwaPaf38GRznu2Lb9WyOWjL6kGcG6JR+A2XugpxooNMlLP1uZT tSVlSNRDe6R2AQvqOOs77NG5ekzQY6OuKlkTWcUo25ROFKBzUFDtfzr3P/MTRn+j MvY62eJiaHOg1REZ087BiYr3Fm1zcZNcF4an3YdjqgPYnVd/KsFv+XT2IA1y5Zb7 e/Quqgzt5neLXZ3m3V/V5VdS6l++2aDmOwgMbqR68BwsZAMg6Cpj/Dw10dpjXlWh OtLhWywe0D4XM4Jd9W83yZYTfAQ/ovLhLCdWXmV4h86igsOmLhc6UfGCzjPk73gd uaEGzLYKtHYglMtaOxW5eDLlMpMA3HbIy/R4BiEBZOagenKW5rElBE5pNtPAVPjO N5RoAVDXLt33200YAreMEobotKdGAlYTujGFZI9WaQV8a+9V3gd/kudyLrgO1NZF noqKAp5UOT1GsIGB6Q4SpTsIjxGnRQj7D1Led4NrNeTMhoTnM07pOoI70st6Y+ts X0j+ra1pOSesKS/HMimPGXLg91S5XMqIWtB2jM9KFwgi9bg3qZcOcAanAFg4qYvg /YFRmVNGvgVIuGVOa5o3 =+67P -----END PGP SIGNATURE----- --------------enig34D96F1661909E75DB41A980-- --===============2177275797266562958== Content-Type: text/plain; charset="us-ascii" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit Content-Disposition: inline -- ubuntu-security-announce mailing list ubuntu-security-announce@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-security-announce --===============2177275797266562958==-- |