You are here
Home > Preporuke > Sigurnosni nedostatak u jezgri operacijskog sustava

Sigurnosni nedostatak u jezgri operacijskog sustava

==========================================================================
Ubuntu Security Notice USN-2094-1
January 31, 2014

linux-lts-raring vulnerability
==========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

– Ubuntu 12.04 LTS

Summary:

The system could be made to crash or run programs as an administrator.

Software Description:
– linux-lts-raring: Linux hardware enablement kernel from Raring

Details:

Pageexec reported a bug in the Linux kernel’s recvmsg syscall when called
from code using the x32 ABI. An unprivileged local user could exploit this
flaw to cause a denial of service (system crash) or gain administrator
privileges.

Update instructions:

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 12.04 LTS:
linux-image-3.8.0-35-generic 3.8.0-35.52~precise1

After a standard system update you need to reboot your computer to make
all the necessary changes.

References:
http://www.ubuntu.com/usn/usn-2094-1
CVE-2014-0038

Package Information:
https://launchpad.net/ubuntu/+source/linux-lts-raring/3.8.0-35.52~precise1

—–BEGIN PGP SIGNATURE—–
Version: GnuPG v1.4.14 (GNU/Linux)
Comment: Using GnuPG with Thunderbird – http://www.enigmail.net/

iQIcBAEBCgAGBQJS6zS/AAoJEAUvNnAY1cPYBDUP/ivxUjFwmM6qXEgevy3hoTAA
/FjRppDfxtYhZuCBYVDzg8AEq1UxCWcYuT1yPbTvU2j+F27g0Rz7zLTY4SRWHLPq
VDMZ0L546smvJhvYP3710xJlRBVh1PMQT4dH6UzxJjAcuowyGC0iqBxjfLjb3j97
8lE4AnPj1mcXXUklFBgeDyHhOy5kBsKW4AX2HWsSd/zJgrHhBORQv+MPOZCYkl0K
N9pUSqLhRlA/7ElqCpfk6MslmFWeOSyn+GICzvVzTFQYam8WSGFYodXpkpBOqxkT
igcrBfym9xzZzx7dBlVJIM+Qka0QJ/bLinkMsKrxlQx1fj2tcNt6mTHpb40EwF46
UqP/duds0Jy3fWuKvOqHOlpoUWG1rD4/Zo9NVks8T/PDTVpDRt4m5Q+F0ETs/dP0
9oH+HeTPPU9y79nfuQQyBJrog5p4x1p9X+Y/n64XyCHJsdQGnmpbs6GRjytnPlXo
rOlJ976ZiBOPP21v3WvWZRpaQfFG8lAyyZqOdGhxEh9QOP/7T8ezEv2K23O1CctE
gAL1r/nVr5DPXCrOaslzZB2nx4KabHc3RNW84H5CS7Pu1ScDeHX9vkYQ7LxAuiFR
6Y/ptgidy/WObM5kqpFuKpi3K2gZwr1fv+OdBEeiXKu4gsTe7LfIKZi7aW6DGXDJ
JWJzDaTCpoouVje0q5HJ
=OYBH
—–END PGP SIGNATURE—–

ubuntu-security-announce mailing list
ubuntu-security-announce@lists.ubuntu.com
Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-security-announce

==========================================================================
Ubuntu Security Notice USN-2095-1
January 31, 2014

linux-lts-saucy vulnerability
==========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

– Ubuntu 12.04 LTS

Summary:

The system could be made to crash or run programs as an administrator.

Software Description:
– linux-lts-saucy: Linux hardware enablement kernel from Saucy

Details:

Pageexec reported a bug in the Linux kernel’s recvmsg syscall when called
from code using the x32 ABI. An unprivileged local user could exploit this
flaw to cause a denial of service (system crash) or gain administrator
privileges.

Update instructions:

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 12.04 LTS:
linux-image-3.11.0-15-generic 3.11.0-15.25~precise1
linux-image-3.11.0-15-generic-lpae 3.11.0-15.25~precise1

After a standard system update you need to reboot your computer to make
all the necessary changes.

References:
http://www.ubuntu.com/usn/usn-2095-1
CVE-2014-0038

Package Information:
https://launchpad.net/ubuntu/+source/linux-lts-saucy/3.11.0-15.25~precise1

—–BEGIN PGP SIGNATURE—–
Version: GnuPG v1.4.14 (GNU/Linux)
Comment: Using GnuPG with Thunderbird – http://www.enigmail.net/

iQIcBAEBCgAGBQJS6zTiAAoJEAUvNnAY1cPYAwcP/1ALSvu0owvrXo2Dy56BMbHc
DBRhO4RZg69slLTZ868/0urqKRveIBdRh55v4OuklbnQlj/7+wdpLnurqLL/y/4o
msYIT4b6tVU+fHwDTKVbyHOQdUjEvzXkziaN2WTm12JcSvYYbAvyORPc16sMcgKO
989GSxYEhZPZoRoP86vN2Xc2z28VxrshEf2neYgIZQ4Cn9oQzvNPYiGmjEVfYrSl
stYoUlW9JTRAeM2yCTtL/0k48M2xjGqscr0J335gjr5EMvCpp+BH3VlVHN2qjxj6
0UPk0p1raHCaYwl+kMM0aHrJeFRkKaPsXVcO1Ux8FKRB5aWFhTmUcqgrOmb13EP6
OKA2kk9bKfw4gkvUf23axwn8nt36aBZGzPDiXoZk6cJWqQxlAcomEdUycOb0RNJE
OEPvkPLmwNZz5Cp68qJ9XpY8F89FfrIQ0LmZ2iynlUwWSXNwWXBGHUh0kzuAH7Eq
SnCx1bm/CWJMzzxLCXGabObf8g/k4A57dP0MNxWKQQ5AzcWlojpSsygeVDgm/xOO
aaOL045JwYL33BAmT7iVnkN6/u/DSAsYipuo7U2rxtvahkNr+5fqt14ZWSxH+xS6
0iKsAtOyKbbaJtUur4sk5NKxSAzFD+Fj/zQyAgFF/6nWbi4a3/tkfXbkyDiTlkH0
FqZ8QZLuldcSmciapKBq
=it+d
—–END PGP SIGNATURE—–

ubuntu-security-announce mailing list
ubuntu-security-announce@lists.ubuntu.com
Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-security-announce

==========================================================================
Ubuntu Security Notice USN-2096-1
January 31, 2014

linux vulnerability
==========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

– Ubuntu 13.10

Summary:

The system could be made to crash or run programs as an administrator.

Software Description:
– linux: Linux kernel

Details:

Pageexec reported a bug in the Linux kernel’s recvmsg syscall when called
from code using the x32 ABI. An unprivileged local user could exploit this
flaw to cause a denial of service (system crash) or gain administrator
privileges.

Update instructions:

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 13.10:
linux-image-3.11.0-15-generic 3.11.0-15.25
linux-image-3.11.0-15-generic-lpae 3.11.0-15.25

After a standard system update you need to reboot your computer to make
all the necessary changes.

References:
http://www.ubuntu.com/usn/usn-2096-1
CVE-2014-0038

Package Information:
https://launchpad.net/ubuntu/+source/linux/3.11.0-15.25

—–BEGIN PGP SIGNATURE—–
Version: GnuPG v1.4.14 (GNU/Linux)
Comment: Using GnuPG with Thunderbird – http://www.enigmail.net/

iQIcBAEBCgAGBQJS6zUAAAoJEAUvNnAY1cPYc9gP/0x/s0tZUHYlttZoH5nX8T1r
OgyXXIO6VyVxmJuojzJRjK1bZXG7Sqt+GLzcMMFvRuwg8aKpN5bnfDFgGL26KqWE
MUFpNugwPmwfFCYETJ4LsAV/Km/vZMpHdkP+zJTKWcu4+BZxAc7ub3+GVezHD4Kj
yZZLxbvEmtThpEcy8ZEDCCew2DDI21Ai3WGkvW+42ckZzmWVAneSL7P1TravQD40
lw4tavLE5aitETuMrJkAuByrPc7yZseKTtczhQzW7HRkMTk7kXC60L/4poqs7jv/
DR6AdHQxULYPijVcqEEhmHGIC50FIV5qCrTDha/+z1cJwUso/tw/FjMrTqD2Urkc
7AvfRqWxF8chPX0d5iFhKo8G4BhuYppy6SYjxhI/oQaY53tUuEiMTBX/ACuv6Lyo
wHH1jvK7ZcenvXSEG/2LZ+Gtj4tuuKXCz6eDu+wyn2T14chaVQbUNzt1x43kn859
aVvZ+8LtGrL0yu0V31VdWmcsp590AsmKTEUfim2lmJUueg8Rc3M7gVM1yTSw6eSd
u/+8M/N7FHgI5KEtk9ssLBSNccDYjNYylE/Rs2O5Cq8rLUxZ/wQuXlKZnYLxf7SD
WIh76ZprSPNKWanpG9tOLSOR0Y549wZfC97TSnINnfPgyiNaRymqsXTETMOjstxK
S1Qkhy0RXK7DKuWjDajJ
=35nd
—–END PGP SIGNATURE—–

Top
More in Preporuke
Sigurnosni nedostatak jezgre operacijskog sustava

Otkriven je sigurnosni nedostatak u radu jezgre operacijskog sustava za RHEL 5. Otkriveni nedostatak se javlja jer Xen hypervisor ne...

Close