Denial of Service in Linux
ID: | USN-2715-1 |
Distribution: | Ubuntu |
Plattformen: | Ubuntu 12.04 LTS |
Datum: | Di, 18. August 2015, 06:37 |
Referenzen: | http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3212 |
Applikationen: | Linux |
Originalnachricht |
|
This is an OpenPGP/MIME signed message (RFC 4880 and 3156) --===============3586927071673911846== Content-Type: multipart/signed; micalg=pgp-sha512; protocol="application/pgp-signature"; boundary="Sjwmc7kIglJcLnS3rrFOfvaAh9g8AX34v" This is an OpenPGP/MIME signed message (RFC 4880 and 3156) --Sjwmc7kIglJcLnS3rrFOfvaAh9g8AX34v Content-Type: text/plain; charset=utf- Content-Transfer-Encoding: quoted-printable ========================================================================== Ubuntu Security Notice USN-2715-1 August 18, 2015 linux-lts-trusty vulnerability ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: - Ubuntu 12.04 LTS Summary: The system could be made to crash under certain conditions. Software Description: - linux-lts-trusty: Linux hardware enablement kernel from Trusty Details: Marcelo Ricardo Leitner discovered a race condition in the Linux kernel's SCTP address configuration lists when using Address Configuration Change (ASCONF) options on a socket. An unprivileged local user could exploit this flaw to cause a denial of service (system crash). Update instructions: The problem can be corrected by updating your system to the following package versions: Ubuntu 12.04 LTS: linux-image-3.13.0-62-generic 3.13.0-62.102~precise1 linux-image-3.13.0-62-generic-lpae 3.13.0-62.102~precise1 After a standard system update you need to reboot your computer to make all the necessary changes. ATTENTION: Due to an unavoidable ABI change the kernel updates have been given a new version number, which requires you to recompile and reinstall all third party kernel modules you might have installed. If you use linux-restricted-modules, you have to update that package as well to get modules which work with the new kernel version. Unless you manually uninstalled the standard kernel metapackages (e.g. linux-generic, linux-server, linux-powerpc), a standard system upgrade will automatically perform this as well. References: http://www.ubuntu.com/usn/usn-2715-1 CVE-2015-3212 Package Information: https://launchpad.net/ubuntu/+source/linux-lts-trusty/3.13.0-62.102~precise1 --Sjwmc7kIglJcLnS3rrFOfvaAh9g8AX34v Content-Type: application/pgp-signature; name="signature.asc" Content-Description: OpenPGP digital signature Content-Disposition: attachment; filename="signature.asc" -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQIcBAEBCgAGBQJV0oVNAAoJEAUvNnAY1cPYpcQP/2vjydMoQ54KM22th6LNozQK h1dQenZVcW1TXCjLJgAbz/26/JzYF7ZwcU0oYgvJvQl+JNsD0oqAv5T0p/6w2BHX Ddc1bRWXQlQ513mIJsDkQD5MwpUySaxcWFrAvx3frhayYahKbm86yFPEqo8xf/jO SMZZBMZzytnfnqa+AEc8PdgzRUcILGp4APDUehGo4unN8LfBV5uv3uDmdFrqEOkQ v118P8o3o5df1nG7ZM9zSe83mAla14sTXqxDZv75nlWHyXEfOtCrU6kP1TgHucrM 7bBWtMvQRI+INEiBpC7LYrhRRYbgAGn0SvMqU+5Z/pYwzt6h5ldccm4NG+rU4AWZ QzBKO/HcIcN2D7v1oiWgVih1WYUGuek1Yfa+6CpVZ+yuTBpYBSjbTLfq+jm0jxRp 1KbfG7MBDboldsv1vx7+Fup3maQcP9ZlBzXGqhRd0O22foHSi5g594rZexDAx8NZ QT0ouBE7WYtsVq1vsc24kOrC/JRLxVm7G3OsEUdpfT8AG0DvOI5S6IJtiuFQnQlZ 7BE+PiF0jtILufC3EheVESpa59xdzuYoEf6xNcDOH96esxJhjuX9NTcjex+o8BzN aVIUJMnRCwTbvWAQ38rOCGB0VWbtDREw/LpAYF9zybA0z8aH9GMlnShkhqvYg5qE m3155PtA1pq7Pv/4B1e7 =CzIP -----END PGP SIGNATURE----- --Sjwmc7kIglJcLnS3rrFOfvaAh9g8AX34v-- --===============3586927071673911846== Content-Type: text/plain; charset="us-ascii" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit Content-Disposition: inline -- ubuntu-security-announce mailing list ubuntu-security-announce@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-security-announce --===============3586927071673911846==-- |