Login
Newsletter
Werbung
Sicherheit: Deaktivierung von a.out in Linux (Aktualisierung)
Aktuelle Meldungen Distributionen
Name: Deaktivierung von a.out in Linux (Aktualisierung)
ID: USN-4007-2
Distribution: Ubuntu
Plattformen: Ubuntu 16.04 LTS
Datum: Mi, 5. Juni 2019, 07:34
Referenzen: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11191
Applikationen: Linux
Update von: Deaktivierung von a.out in Linux

Originalnachricht

 

--===============1396100989513554062==
Content-Type: multipart/signed; micalg=pgp-sha512;
	protocol="application/pgp-signature";
 boundary="KSn4sQg3MnruwCB4"
Content-Disposition: inline


--KSn4sQg3MnruwCB4
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline

==========================================================================
Ubuntu Security Notice USN-4007-2
June 04, 2019

linux-aws-hwe, linux-hwe, linux-oracle vulnerability
==========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 16.04 LTS

Summary:

A system hardening measure could be bypassed.

Software Description:
- linux-aws-hwe: Linux kernel for Amazon Web Services (AWS-HWE) systems
- linux-hwe: Linux hardware enablement (HWE) kernel
- linux-oracle: Linux kernel for Oracle Cloud systems

Details:

USN-4007-1 fixed vulnerabilities in the Linux kernel for Ubuntu 18.04
LTS. This update provides the corresponding updates for the Linux
Hardware Enablement (HWE) kernel from Ubuntu 18.04 LTS for Ubuntu
16.04 LTS.

Federico Manuel Bento discovered that the Linux kernel did not properly
apply Address Space Layout Randomization (ASLR) in some situations for
setuid a.out binaries. A local attacker could use this to improve the
chances of exploiting an existing vulnerability in a setuid a.out binary.

As a hardening measure, this update disables a.out support.

Update instructions:

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 16.04 LTS:
  linux-image-4.15.0-1014-oracle  4.15.0-1014.16~16.04.1
  linux-image-4.15.0-1040-aws     4.15.0-1040.42~16.04.1
  linux-image-4.15.0-51-generic   4.15.0-51.55~16.04.1
  linux-image-4.15.0-51-generic-lpae  4.15.0-51.55~16.04.1
  linux-image-4.15.0-51-lowlatency  4.15.0-51.55~16.04.1
  linux-image-aws-hwe             4.15.0.1040.40
  linux-image-generic-hwe-16.04   4.15.0.51.72
  linux-image-generic-lpae-hwe-16.04  4.15.0.51.72
  linux-image-lowlatency-hwe-16.04  4.15.0.51.72
  linux-image-oem                 4.15.0.51.72
  linux-image-oracle              4.15.0.1014.8
  linux-image-virtual-hwe-16.04   4.15.0.51.72

After a standard system update you need to reboot your computer to make
all the necessary changes.

ATTENTION: Due to an unavoidable ABI change the kernel updates have
been given a new version number, which requires you to recompile and
reinstall all third party kernel modules you might have installed.
Unless you manually uninstalled the standard kernel metapackages
(e.g. linux-generic, linux-generic-lts-RELEASE, linux-virtual,
linux-powerpc), a standard system upgrade will automatically perform
this as well.

References:
  https://usn.ubuntu.com/4007-2
  https://usn.ubuntu.com/4007-1
  CVE-2019-11191

Package Information:
  https://launchpad.net/ubuntu/+source/linux-aws-hwe/4.15.0-1040.42~16.04.1
  https://launchpad.net/ubuntu/+source/linux-hwe/4.15.0-51.55~16.04.1
  https://launchpad.net/ubuntu/+source/linux-oracle/4.15.0-1014.16~16.04.1


--KSn4sQg3MnruwCB4
Content-Type: application/pgp-signature; name="signature.asc"

-----BEGIN PGP SIGNATURE-----

iQIzBAABCgAdFiEEpgY7tWAjCaQ8jrvULwmejQBegfQFAlz2+EIACgkQLwmejQBe
gfTlXRAAptYScthbgJ2wf2qIl708UfgiQmFmZhjAVS/GqJZp25K7zLv38VW3Mkgz
1QqDt+8Mn//pFGRfQS6/mSyRED52Cd3s3HDPNxNZ2ObnrrzE1HDec6pVqNy/zwmW
v/+RKNiyrNuRDIdJb/Uxtr21j26desmwMnUA/CvWpwsPnXExyJQMeII7b7CV/TK4
E14/4nMRTU+534GxpGAZv7qVkqkki0ehBChol+yrJsjQoM46MDfsVCj91+C/Xgep
tXPW1Sm7r0G/ji7dXoOyBiVsWetGVytNfjvsNFnmqH8mVSQf7VGjqYwqzSyK3guq
mQ+BwV5TtGoLYO+unw9YonT4HsW/SN94WZUZtG+s3Z0sHU4K/NXVExxT7UNM5FrU
q9VXqDp4CbbDRNFGzo28zwi8eSQZCtR4tfrczteBT+lSWi4jsFDtrBNt+eisM0QR
TAqhBtxt9/b74IT9UUPhsX5LgDNg9vvJHNQ5jSn16g0nXi8/q/YyLZRkBR0reld6
GdLmRZbAVRyYBvafHeMwqyrWFJ5EQsAyik6EHiO/SN+9+0+GHQirKfbM8A6EtWVC
uyA8Br27oGjC32RmTiXc8BX06T8fxYSlEJxa3j/ubZa7WmS8183nVXmoMKY1eYPy
keQOpwZQfUAj9L9FJ5atq0+g6o+6lFF3CkJuVIwZwGAbkCl59NU=
=qbWv
-----END PGP SIGNATURE-----

--KSn4sQg3MnruwCB4--


--===============1396100989513554062==
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: base64
Content-Disposition: inline

-- 
ubuntu-security-announce mailing list
ubuntu-security-announce@lists.ubuntu.com
Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-security-announce
Pro-Linux
Pro-Linux @Facebook
Neue Nachrichten

141
Mach­t's gut!

51
Neue Raspber­ry Pi-Va­ri­an­te mit 8 GB RAM

0
Genode 20.05 frei­ge­ge­ben

9
Sub­ver­si­on 1.14.0-LTS vor­ge­stellt

0
»Hum­ble Ci­ties: Sky­lines Bund­le« vor­ge­stellt

0
End of Life für Co­reOS Con­tai­ner Linux ver­kün­det

32
Elek­tra 0.9.2 er­schie­nen

8
Nex­tDNS ver­lässt die Be­ta-Pha­se

23
Tu­xe­do stellt Ga­mer-Note­book vor

0
Libre Gra­phics Mee­ting be­ginnt als On­li­ne-Va­ri­an­te
 
Werbung