Sicherheit: Zwei Probleme in Linux

Lesezeichen hinzufügen

This is an OpenPGP/MIME signed message (RFC 4880 and 3156)
--===============7053219337626208188==
Content-Type: multipart/signed; micalg=pgp-sha512;
protocol="application/pgp-signature";
boundary="QG3hV3nMFOPnvfhhUoLNFkGhGdpavH5OK"

This is an OpenPGP/MIME signed message (RFC 4880 and 3156)
--QG3hV3nMFOPnvfhhUoLNFkGhGdpavH5OK
Content-Type: text/plain; charset=UTF-
Content-Transfer-Encoding: quoted-printable

==========================================================================
Ubuntu Security Notice USN-2040-1
December 03, 2013

linux-lts-quantal vulnerabilities
==========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 12.04 LTS

Summary:

Several security issues were fixed in the kernel.

Software Description:
- linux-lts-quantal: Linux hardware enablement kernel from Quantal

Details:

A flaw was discovered in the Linux kernel's dm snapshot facility. A remote
authenticated user could exploit this flaw to obtain sensitive information
or modify/corrupt data. (CVE-2013-4299)

Hannes Frederic Sowa discovered a flaw in the Linux kernel's UDP
Fragmenttation Offload (UFO). An unprivileged local user could exploit this
flaw to cause a denial of service (system crash) or possibly gain
administrative privileges. (CVE-2013-4470)

Update instructions:

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 12.04 LTS:
linux-image-3.5.0-44-generic 3.5.0-44.67~precise1

After a standard system update you need to reboot your computer to make
all the necessary changes.

ATTENTION: Due to an unavoidable ABI change the kernel updates have
been given a new version number, which requires you to recompile and
reinstall all third party kernel modules you might have installed. If
you use linux-restricted-modules, you have to update that package as
well to get modules which work with the new kernel version. Unless you
manually uninstalled the standard kernel metapackages (e.g. linux-generic,
linux-server, linux-powerpc), a standard system upgrade will automatically
perform this as well.

References:
http://www.ubuntu.com/usn/usn-2040-1
CVE-2013-4299, CVE-2013-4470

Package Information:
https://launchpad.net/ubuntu/+source/linux-lts-quantal/3.5.0-44.67~precise1

--QG3hV3nMFOPnvfhhUoLNFkGhGdpavH5OK
Content-Type: application/pgp-signature; name="signature.asc"
Content-Description: OpenPGP digital signature
Content-Disposition: attachment; filename="signature.asc"

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.14 (GNU/Linux)
Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/

iQIcBAEBCgAGBQJSnjdkAAoJEAUvNnAY1cPYmQ0P/i2gmMxphjUd530tWgkl1ETs
GA3/m4f+VwH0tk0MmTb88u9eeH4Hg/qNC9AF7hNGntx1BFoheKLvk0pUNX23G2Sc
swfsnRgVFWPeOSM2N8jVdocsIXlQaEACxBmdQIIKVZstgY7gTmhvBd2AiKfH/6gI
3puqH4eczdwVUbVl23R+siOa38JID5/zAy32pd0LOkHPcMFI/y6JLq1KFvkUZYI4
gkdTQeCR452ZpLgfhg/HUG9Jd4i7g2pzb2qP0JI7qUsW43U9Ds50IFL+LnhV8pIz
ZaX9k8EGOrF3YbHT8HfzyOPEupPgZnUi8zSWYn7Ha9XagUxjNlv7fMCE79SEb1fz
MMYZvhyL/fIlg7zdz/XkM61nbrAkf/W1lgLBTxrQh9/YqCmKLJbP1s/271RiLn2z
9THZhp0ZtlqB5i8+EvMdfeqFlPBtt0NTX35S8dZFdXS1uugr7qoJ/1+dsmxpL6vB
FqJksyF1P2u3adsMpv6kqOX8SDVJUZ1dUkg8bZ5cQHTepYwEOAzArx8hghTgI0EA
KsQxc4Da5US1qScDhPDkpDWVkSoiBeL4odIaS2iibn0Zp3Y7e3o9mGo25OD5JYzG
XzbCtrIu5a3YHBODpx+Ant6HkrH/Y6BxSXZXN5KH/+vfGZOb0fBKd+smhxNrXCOf
sCgNgRoTC0lRiH4Dw1fS
=9L7R
-----END PGP SIGNATURE-----

--QG3hV3nMFOPnvfhhUoLNFkGhGdpavH5OK--

--===============7053219337626208188==
Content-Type: text/plain; charset="us-ascii"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
Content-Disposition: inline

--
ubuntu-security-announce mailing list
ubuntu-security-announce@lists.ubuntu.com
Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-security-announce

--===============7053219337626208188==--