National CERT

Security vulnerabilities in the operating system kernel

<p>==========================================================================<br />Ubuntu Security Notice USN-3386-1<br />August 11, 2017<br /><br />linux vulnerabilities<br />==========================================================================<br /><br />A security issue affects these releases of Ubuntu and its derivatives:<br /><br />- Ubuntu 14.04 LTS<br /><br />Summary:<br /><br />Several security issues were fixed in the Linux kernel.<br /><br />Software Description:<br />- linux: Linux kernel<br /><br />Details:<br /><br />Andrey Konovalov discovered a race condition in the UDP Fragmentation<br />Offload (UFO) code in the Linux kernel. A local attacker could use this to<br />cause a denial of service or execute arbitrary code. (CVE-2017-1000112)<br /><br />Andrey Konovalov discovered a race condition in AF_PACKET socket option<br />handling code in the Linux kernel. A local unprivileged attacker could use<br />this to cause a denial of service or possibly execute arbitrary code.<br />(CVE-2017-1000111)<br /><br />Update instructions:<br /><br />The problem can be corrected by updating your system to the following<br />package versions:<br /><br />Ubuntu 14.04 LTS:<br /> linux-image-3.13.0-128-generic 3.13.0-128.177<br /> linux-image-3.13.0-128-generic-lpae 3.13.0-128.177<br /> linux-image-3.13.0-128-lowlatency 3.13.0-128.177<br /> linux-image-3.13.0-128-powerpc-e500 3.13.0-128.177<br /> linux-image-3.13.0-128-powerpc-e500mc 3.13.0-128.177<br /> linux-image-3.13.0-128-powerpc-smp 3.13.0-128.177<br /> linux-image-3.13.0-128-powerpc64-emb 3.13.0-128.177<br /> linux-image-3.13.0-128-powerpc64-smp 3.13.0-128.177<br /> linux-image-generic 3.13.0.128.137<br /> linux-image-generic-lpae 3.13.0.128.137<br /> linux-image-lowlatency 3.13.0.128.137<br /> linux-image-powerpc-e500 3.13.0.128.137<br /> linux-image-powerpc-e500mc 3.13.0.128.137<br /> linux-image-powerpc-smp 3.13.0.128.137<br /> linux-image-powerpc64-emb 3.13.0.128.137<br /> linux-image-powerpc64-smp 
3.13.0.128.137<br /><br />After a standard system update you need to reboot your computer to make<br />all the necessary changes.<br /><br />ATTENTION: Due to an unavoidable ABI change the kernel updates have<br />been given a new version number, which requires you to recompile and<br />reinstall all third party kernel modules you might have installed.<br />Unless you manually uninstalled the standard kernel metapackages<br />(e.g. linux-generic, linux-generic-lts-RELEASE, linux-virtual,<br />linux-powerpc), a standard system upgrade will automatically perform<br />this as well.<br /><br />References:<br /> https://www.ubuntu.com/usn/usn-3386-1<br /> CVE-2017-1000111, CVE-2017-1000112<br /><br />Package Information:<br /> https://launchpad.net/ubuntu/+source/linux/3.13.0-128.177<br /><br /><br />==========================================================================<br />Ubuntu Security 
Notice USN-3386-2<br />August 11, 2017<br /><br />linux-lts-trusty vulnerabilities<br />==========================================================================<br /><br />A security issue affects these releases of Ubuntu and its derivatives:<br /><br />- Ubuntu 12.04 ESM<br /><br />Summary:<br /><br />Several security issues were fixed in the Linux kernel.<br /><br />Software Description:<br />- linux-lts-trusty: Linux hardware enablement kernel from Trusty for Precise ESM<br /><br />Details:<br /><br />USN-3386-1 fixed vulnerabilities in the Linux kernel for Ubuntu 14.04<br />LTS. This update provides the corresponding updates for the Linux<br />Hardware Enablement (HWE) kernel from Ubuntu 14.04 LTS for Ubuntu<br />12.04 ESM.<br /><br />Andrey Konovalov discovered a race condition in the UDP Fragmentation<br />Offload (UFO) code in the Linux kernel. A local attacker could use this to<br />cause a denial of service or execute arbitrary code. (CVE-2017-1000112)<br /><br />Andrey Konovalov discovered a race condition in AF_PACKET socket option<br />handling code in the Linux kernel. 
A local unprivileged attacker could use<br />this to cause a denial of service or possibly execute arbitrary code.<br />(CVE-2017-1000111)<br /><br />Update instructions:<br /><br />The problem can be corrected by updating your system to the following<br />package versions:<br /><br />Ubuntu 12.04 ESM:<br /> linux-image-3.13.0-128-generic 3.13.0-128.177~precise1<br /> linux-image-3.13.0-128-generic-lpae 3.13.0-128.177~precise1<br /> linux-image-generic-lpae-lts-trusty 3.13.0.128.118<br /> linux-image-generic-lts-trusty 3.13.0.128.118<br /><br />After a standard system update you need to reboot your computer to make<br />all the necessary changes.<br /><br />ATTENTION: Due to an unavoidable ABI change the kernel updates have<br />been given a new version number, which requires you to recompile and<br />reinstall all third party kernel modules you might have installed.<br />Unless you manually uninstalled the standard kernel metapackages<br />(e.g. linux-generic, linux-generic-lts-RELEASE, linux-virtual,<br />linux-powerpc), a standard system upgrade will automatically perform<br />this as well.<br /><br />References:<br /> https://www.ubuntu.com/usn/usn-3386-2<br /> https://www.ubuntu.com/usn/usn-3386-1<br /> CVE-2017-1000111, CVE-2017-1000112</p>
Security vulnerabilities have been discovered in the kernel of the Ubuntu operating system. They allow potential local attackers to carry out a denial-of-service attack or to execute arbitrary program code. Applying the released patches is advised.