==========================================================================
Ubuntu Security Notice USN-2094-1
January 31, 2014
linux-lts-raring vulnerability
==========================================================================
A security issue affects these releases of Ubuntu and its derivatives:
– Ubuntu 12.04 LTS
Summary:
The system could be made to crash or run programs as an administrator.
Software Description:
– linux-lts-raring: Linux hardware enablement kernel from Raring
Details:
Pageexec reported a bug in the Linux kernel’s recvmsg syscall when called
from code using the x32 ABI. An unprivileged local user could exploit this
flaw to cause a denial of service (system crash) or gain administrator
privileges.
Update instructions:
The problem can be corrected by updating your system to the following
package versions:
Ubuntu 12.04 LTS:
linux-image-3.8.0-35-generic 3.8.0-35.52~precise1
After a standard system update you need to reboot your computer to make
all the necessary changes.
References:
http://www.ubuntu.com/usn/usn-2094-1
CVE-2014-0038
Package Information:
https://launchpad.net/ubuntu/+source/linux-lts-raring/3.8.0-35.52~precise1
—–BEGIN PGP SIGNATURE—–
Version: GnuPG v1.4.14 (GNU/Linux)
Comment: Using GnuPG with Thunderbird – http://www.enigmail.net/
iQIcBAEBCgAGBQJS6zS/AAoJEAUvNnAY1cPYBDUP/ivxUjFwmM6qXEgevy3hoTAA
/FjRppDfxtYhZuCBYVDzg8AEq1UxCWcYuT1yPbTvU2j+F27g0Rz7zLTY4SRWHLPq
VDMZ0L546smvJhvYP3710xJlRBVh1PMQT4dH6UzxJjAcuowyGC0iqBxjfLjb3j97
8lE4AnPj1mcXXUklFBgeDyHhOy5kBsKW4AX2HWsSd/zJgrHhBORQv+MPOZCYkl0K
N9pUSqLhRlA/7ElqCpfk6MslmFWeOSyn+GICzvVzTFQYam8WSGFYodXpkpBOqxkT
igcrBfym9xzZzx7dBlVJIM+Qka0QJ/bLinkMsKrxlQx1fj2tcNt6mTHpb40EwF46
UqP/duds0Jy3fWuKvOqHOlpoUWG1rD4/Zo9NVks8T/PDTVpDRt4m5Q+F0ETs/dP0
9oH+HeTPPU9y79nfuQQyBJrog5p4x1p9X+Y/n64XyCHJsdQGnmpbs6GRjytnPlXo
rOlJ976ZiBOPP21v3WvWZRpaQfFG8lAyyZqOdGhxEh9QOP/7T8ezEv2K23O1CctE
gAL1r/nVr5DPXCrOaslzZB2nx4KabHc3RNW84H5CS7Pu1ScDeHX9vkYQ7LxAuiFR
6Y/ptgidy/WObM5kqpFuKpi3K2gZwr1fv+OdBEeiXKu4gsTe7LfIKZi7aW6DGXDJ
JWJzDaTCpoouVje0q5HJ
=OYBH
—–END PGP SIGNATURE—–
—
ubuntu-security-announce mailing list
ubuntu-security-announce@lists.ubuntu.com
Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-security-announce
==========================================================================
Ubuntu Security Notice USN-2095-1
January 31, 2014
linux-lts-saucy vulnerability
==========================================================================
A security issue affects these releases of Ubuntu and its derivatives:
– Ubuntu 12.04 LTS
Summary:
The system could be made to crash or run programs as an administrator.
Software Description:
– linux-lts-saucy: Linux hardware enablement kernel from Saucy
Details:
Pageexec reported a bug in the Linux kernel’s recvmsg syscall when called
from code using the x32 ABI. An unprivileged local user could exploit this
flaw to cause a denial of service (system crash) or gain administrator
privileges.
Update instructions:
The problem can be corrected by updating your system to the following
package versions:
Ubuntu 12.04 LTS:
linux-image-3.11.0-15-generic 3.11.0-15.25~precise1
linux-image-3.11.0-15-generic-lpae 3.11.0-15.25~precise1
After a standard system update you need to reboot your computer to make
all the necessary changes.
References:
http://www.ubuntu.com/usn/usn-2095-1
CVE-2014-0038
Package Information:
https://launchpad.net/ubuntu/+source/linux-lts-saucy/3.11.0-15.25~precise1
—–BEGIN PGP SIGNATURE—–
Version: GnuPG v1.4.14 (GNU/Linux)
Comment: Using GnuPG with Thunderbird – http://www.enigmail.net/
iQIcBAEBCgAGBQJS6zTiAAoJEAUvNnAY1cPYAwcP/1ALSvu0owvrXo2Dy56BMbHc
DBRhO4RZg69slLTZ868/0urqKRveIBdRh55v4OuklbnQlj/7+wdpLnurqLL/y/4o
msYIT4b6tVU+fHwDTKVbyHOQdUjEvzXkziaN2WTm12JcSvYYbAvyORPc16sMcgKO
989GSxYEhZPZoRoP86vN2Xc2z28VxrshEf2neYgIZQ4Cn9oQzvNPYiGmjEVfYrSl
stYoUlW9JTRAeM2yCTtL/0k48M2xjGqscr0J335gjr5EMvCpp+BH3VlVHN2qjxj6
0UPk0p1raHCaYwl+kMM0aHrJeFRkKaPsXVcO1Ux8FKRB5aWFhTmUcqgrOmb13EP6
OKA2kk9bKfw4gkvUf23axwn8nt36aBZGzPDiXoZk6cJWqQxlAcomEdUycOb0RNJE
OEPvkPLmwNZz5Cp68qJ9XpY8F89FfrIQ0LmZ2iynlUwWSXNwWXBGHUh0kzuAH7Eq
SnCx1bm/CWJMzzxLCXGabObf8g/k4A57dP0MNxWKQQ5AzcWlojpSsygeVDgm/xOO
aaOL045JwYL33BAmT7iVnkN6/u/DSAsYipuo7U2rxtvahkNr+5fqt14ZWSxH+xS6
0iKsAtOyKbbaJtUur4sk5NKxSAzFD+Fj/zQyAgFF/6nWbi4a3/tkfXbkyDiTlkH0
FqZ8QZLuldcSmciapKBq
=it+d
—–END PGP SIGNATURE—–
—
ubuntu-security-announce mailing list
ubuntu-security-announce@lists.ubuntu.com
Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-security-announce
==========================================================================
Ubuntu Security Notice USN-2096-1
January 31, 2014
linux vulnerability
==========================================================================
A security issue affects these releases of Ubuntu and its derivatives:
– Ubuntu 13.10
Summary:
The system could be made to crash or run programs as an administrator.
Software Description:
– linux: Linux kernel
Details:
Pageexec reported a bug in the Linux kernel’s recvmsg syscall when called
from code using the x32 ABI. An unprivileged local user could exploit this
flaw to cause a denial of service (system crash) or gain administrator
privileges.
Update instructions:
The problem can be corrected by updating your system to the following
package versions:
Ubuntu 13.10:
linux-image-3.11.0-15-generic 3.11.0-15.25
linux-image-3.11.0-15-generic-lpae 3.11.0-15.25
After a standard system update you need to reboot your computer to make
all the necessary changes.
References:
http://www.ubuntu.com/usn/usn-2096-1
CVE-2014-0038
Package Information:
https://launchpad.net/ubuntu/+source/linux/3.11.0-15.25
—–BEGIN PGP SIGNATURE—–
Version: GnuPG v1.4.14 (GNU/Linux)
Comment: Using GnuPG with Thunderbird – http://www.enigmail.net/
iQIcBAEBCgAGBQJS6zUAAAoJEAUvNnAY1cPYc9gP/0x/s0tZUHYlttZoH5nX8T1r
OgyXXIO6VyVxmJuojzJRjK1bZXG7Sqt+GLzcMMFvRuwg8aKpN5bnfDFgGL26KqWE
MUFpNugwPmwfFCYETJ4LsAV/Km/vZMpHdkP+zJTKWcu4+BZxAc7ub3+GVezHD4Kj
yZZLxbvEmtThpEcy8ZEDCCew2DDI21Ai3WGkvW+42ckZzmWVAneSL7P1TravQD40
lw4tavLE5aitETuMrJkAuByrPc7yZseKTtczhQzW7HRkMTk7kXC60L/4poqs7jv/
DR6AdHQxULYPijVcqEEhmHGIC50FIV5qCrTDha/+z1cJwUso/tw/FjMrTqD2Urkc
7AvfRqWxF8chPX0d5iFhKo8G4BhuYppy6SYjxhI/oQaY53tUuEiMTBX/ACuv6Lyo
wHH1jvK7ZcenvXSEG/2LZ+Gtj4tuuKXCz6eDu+wyn2T14chaVQbUNzt1x43kn859
aVvZ+8LtGrL0yu0V31VdWmcsp590AsmKTEUfim2lmJUueg8Rc3M7gVM1yTSw6eSd
u/+8M/N7FHgI5KEtk9ssLBSNccDYjNYylE/Rs2O5Cq8rLUxZ/wQuXlKZnYLxf7SD
WIh76ZprSPNKWanpG9tOLSOR0Y549wZfC97TSnINnfPgyiNaRymqsXTETMOjstxK
S1Qkhy0RXK7DKuWjDajJ
=35nd
—–END PGP SIGNATURE—–
—