Mehrere Probleme in Linux
ID: | USN-2421-1 |
Distribution: | Ubuntu |
Plattformen: | Ubuntu 14.10 |
Datum: | Di, 25. November 2014, 08:24 |
Referenzen: | http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3690
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4608 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-7975 |
Applikationen: | Linux |
Originalnachricht |
|
This is an OpenPGP/MIME signed message (RFC 4880 and 3156) --===============3674591885619575633== Content-Type: multipart/signed; micalg=pgp-sha512; protocol="application/pgp-signature"; boundary="t1jxRlT6W7UgXiPiKItk6APCltMNBt0I7" This is an OpenPGP/MIME signed message (RFC 4880 and 3156) --t1jxRlT6W7UgXiPiKItk6APCltMNBt0I7 Content-Type: text/plain; charset=utf- Content-Transfer-Encoding: quoted-printable ========================================================================== Ubuntu Security Notice USN-2421-1 November 25, 2014 linux vulnerabilities ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: - Ubuntu 14.10 Summary: Several security issues were fixed in the kernel. Software Description: - linux: Linux kernel Details: A flaw was discovered in how the Linux kernel's KVM (Kernel Virtual Machine) subsystem handles the CR4 control register at VM entry on Intel processors. A local host OS user can exploit this to cause a denial of service (kill arbitrary processes, or system disruption) by leveraging /dev/kvm access. (CVE-2014-3690) Don Bailey discovered a flaw in the LZO decompress algorithm used by the Linux kernel. An attacker could exploit this flaw to cause a denial of service (memory corruption or OOPS). (CVE-2014-4608) Andy Lutomirski discovered that the Linux kernel was not checking the CAP_SYS_ADMIN when remounting filesystems to read-only. A local user could exploit this flaw to cause a denial of service (loss of writability). (CVE-2014-7975) Update instructions: The problem can be corrected by updating your system to the following package versions: Ubuntu 14.10: linux-image-3.16.0-25-generic 3.16.0-25.33 linux-image-3.16.0-25-generic-lpae 3.16.0-25.33 linux-image-3.16.0-25-lowlatency 3.16.0-25.33 linux-image-3.16.0-25-powerpc-e500mc 3.16.0-25.33 linux-image-3.16.0-25-powerpc-smp 3.16.0-25.33 linux-image-3.16.0-25-powerpc64-emb 3.16.0-25.33 linux-image-3.16.0-25-powerpc64-smp 3.16.0-25.33 After a standard system update you need to reboot your computer to make all the necessary changes. ATTENTION: Due to an unavoidable ABI change the kernel updates have been given a new version number, which requires you to recompile and reinstall all third party kernel modules you might have installed. If you use linux-restricted-modules, you have to update that package as well to get modules which work with the new kernel version. Unless you manually uninstalled the standard kernel metapackages (e.g. linux-generic, linux-server, linux-powerpc), a standard system upgrade will automatically perform this as well. References: http://www.ubuntu.com/usn/usn-2421-1 CVE-2014-3690, CVE-2014-4608, CVE-2014-7975 Package Information: https://launchpad.net/ubuntu/+source/linux/3.16.0-25.33 --t1jxRlT6W7UgXiPiKItk6APCltMNBt0I7 Content-Type: application/pgp-signature; name="signature.asc" Content-Description: OpenPGP digital signature Content-Disposition: attachment; filename="signature.asc" -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQIcBAEBCgAGBQJUdAKCAAoJEAUvNnAY1cPYtN0QAJ/er2wHvUBnOauAGKdnUuiJ ltJb50YFvW4cqhKfj54JJsjomGIr0K9kFm0NuXwxveZurjkpYXVSwu9OXan8UnD+ DrlP8BmgL/3hMCwAC1LMqype25ef/MRqWw6q/48zjna59mYdTw8qVQOP7t5ceyiZ gxXSOyZ53eP1uJF2TeJq8cw+lmmG8waOKGVCOhNF1oPjKCM4Lm0fmRAz8MrgUOjV xgg5UdCQdoIU1WAV0ECeFu6QAQlEi296UPgfD8QrSTQS0NWmmQHzTrgqFXg/t4Jb qmUBP8N1+ebAmkmbyyN1Lzalb2FgXoStd6YkAsY9XE5WE2EgSmWjG5L4Fx5RCJ6n /1x8jnWLRqoW/WOs5cIIqaBlc3cuX3Cre2E8ldeBTXuy6Ugk/Xaauq0PRZR5UzBJ GElcXWjye8qx69OiYuNdSq7RjKKoK5jXOB41nbhQes7juoavYrLaFSnltRi2E1mW cOUKaGmYP0TDxLJihI9S7o7p6rOFZpAJ72jglwuKESctKnKtzXDnERBQPk4fWr6k 8tC+grY38F2dMAr3sto6YMee+kWsXmGFu+6qsEjQCYdovMDQf+v15yBtfjAeTI3+ un+KbU5X21Lx4c7o37xNaylXToiRreUqrmkNLVLWmId9tIU/1jYFa+arb9Yu12ay iqxcxFzaI5PYhXWESZAg =S1cK -----END PGP SIGNATURE----- --t1jxRlT6W7UgXiPiKItk6APCltMNBt0I7-- --===============3674591885619575633== Content-Type: text/plain; charset="us-ascii" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit Content-Disposition: inline -- ubuntu-security-announce mailing list ubuntu-security-announce@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-security-announce --===============3674591885619575633==-- |