Zwei Probleme in Linux
ID: | USN-4753-1 |
Distribution: | Ubuntu |
Plattformen: | Ubuntu 20.04 LTS |
Datum: | Fr, 26. Februar 2021, 00:05 |
Referenzen: | https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3178
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-28374 |
Applikationen: | Linux |
Originalnachricht |
|
--===============8829279213855608870== Content-Type: multipart/signed; micalg=pgp-sha512; protocol="application/pgp-signature"; boundary="EVTdUHOLdMfS4dQd" Content-Disposition: inline --EVTdUHOLdMfS4dQd Content-Type: text/plain; charset=us-ascii Content-Disposition: inline ========================================================================== Ubuntu Security Notice USN-4753-1 February 25, 2021 linux-oem-5.10 vulnerabilities ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: - Ubuntu 20.04 LTS Summary: The system could allow unintended access to data in some environments. Software Description: - linux-oem-5.10: Linux kernel for OEM systems Details: It was discovered that the LIO SCSI target implementation in the Linux kernel performed insufficient identifier checking in certain XCOPY requests. An attacker with access to at least one LUN in a multiple backstore environment could use this to expose sensitive information or modify data. (CVE-2020-28374) Update instructions: The problem can be corrected by updating your system to the following package versions: Ubuntu 20.04 LTS: linux-image-5.10.0-1014-oem 5.10.0-1014.15 linux-image-oem-20.04b 5.10.0.1014.15 After a standard system update you need to reboot your computer to make all the necessary changes. ATTENTION: Due to an unavoidable ABI change the kernel updates have been given a new version number, which requires you to recompile and reinstall all third party kernel modules you might have installed. Unless you manually uninstalled the standard kernel metapackages (e.g. linux-generic, linux-generic-lts-RELEASE, linux-virtual, linux-powerpc), a standard system upgrade will automatically perform this as well. References: https://usn.ubuntu.com/4753-1 CVE-2020-28374, CVE-2021-3178 Package Information: https://launchpad.net/ubuntu/+source/linux-oem-5.10/5.10.0-1014.15 --EVTdUHOLdMfS4dQd Content-Type: application/pgp-signature; name="signature.asc" -----BEGIN PGP SIGNATURE----- iQIzBAABCgAdFiEEpgY7tWAjCaQ8jrvULwmejQBegfQFAmA3U1gACgkQLwmejQBe gfQzqhAAqj+EFGgZTmUUyIkP2z3ZKtLY2KtL7AQoggtDLbCsncFlRw2NEoOlgaq6 PhOjuTQnDd71rCsdQQGZjmEbmLoH4kEt29YnemSUzRDksKlPsbGzT7UrP9ilKL2K x4k3QpArMXJJfDKk7SAh6gEd9shEAqJ/J/VUPIDyT3v8w/GeHUwOrkMuOlroDJfW 7fFqKsQYysnSb8wFpg10UD7g2NrkaVASeEke6n4mRcjjffdxh5+bj6k8hF0vPDq0 yB62SXF1llm/hZSewT31WsoqPkGEFy8imdVpUfJVB9quixAWryjUn4mpdy5bVrAS TWM8VsEUb3dE+kDSLYEymPWwGh1pVKFYT9edYwJdN9e/5kTibNBXRoOQxgIgprx2 B4RHF1ziUgsRNYlkLuWufZKyt7oaw6rOzlXcOeYcFGu2REfE4jsf0O/QQD55LUxN tMByN7LJ20OGqEh/3v9U6rgfPvLdhwXxR0ozw+9mD5z29hHkZlYef+Sdv6/cm+2E 6qjOeYVFsvS7qNdDqYNzXg+AuauDwS877kcr7/i1LFyIDEiT1UE1k4HZqnLI6jm7 N9QHlz+xARJTwZ+D/v/6q9nK8NUAM11T6AVDYCOE0sE5vZU0ZagyUOKHnguqqtuC hGUp0jZ3tQRey4HLBn3q/lgZ343CngW6xGYOK4BWoPrys51R1ws= =KjLx -----END PGP SIGNATURE----- --EVTdUHOLdMfS4dQd-- --===============8829279213855608870== Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: base64 Content-Disposition: inline -- ubuntu-security-announce mailing list ubuntu-security-announce@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-security-announce |